Hi Experts,
I want to run Tshark command that will capture packets according to port range.
When I am using the filter " -f "host x.x.x.x and ((tcp [2:2] >= 20 and tcp [2:2] <= 80) or (tcp [0:2] >= 20 and tcp [0:2] <= 80))" I am capturing the TCP packets with no problems.
The problem is when I want to use the same command for UDP e.g : “" -f "host x.x.x.x and ((udp [2:2] >= 20 and udp [2:2] <= 80) or (udp [0:2] >= 20 and udp [0:2] <= 80))" I am not getting any error but I am also not getting any results inside the packet capture file.
--
Boaz.