Hello,
I have a question regarding "capture" filters. Specifically, I need to
write a low-level filter that will capture dynamic DNS update packets
containing the opcode value of 0x05. I know what the offset value is
(0x2C and 0x2D) in the payload, but apparently I am missing something
when trying to understand the correct "tcp dump" syntax to use as part
of the capture filter in Wireshark.
Capture Filter:
udp[2c] == 28 and udp[2d] == 00
Any input is greatly appreciated!
Thanks,
geburns
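
An added example, not part of the original post: it relates the frame offsets quoted above (0x2C/0x2D) to the offset that a libpcap `udp[...]` expression uses, which is counted from the start of the UDP header and written in decimal or with a `0x` prefix. It assumes untagged Ethernet II over IPv4; the function names and the constructed frame are hypothetical.

```python
import struct

ETH_LEN = 14                  # Ethernet II header, no VLAN tag (assumption)
UDP_LEN = 8                   # fixed UDP header length
DNS_FLAGS_REL = UDP_LEN + 2   # skip UDP header and 2-byte DNS ID -> udp[10]
OPCODE_MASK = 0x78            # opcode is bits 3..6 of the first flags byte
OPCODE_UPDATE = 5             # DNS UPDATE opcode (RFC 2136)


def build_frame(opcode, ihl_words=5):
    """Constructed Ethernet/IPv4/UDP/DNS frame; addresses and checksums are zero."""
    eth = bytes(12) + b"\x08\x00"
    ip_len = ihl_words * 4
    ip = bytes([0x40 | ihl_words]) + bytes(8) + b"\x11" + bytes(ip_len - 10)
    udp = struct.pack("!HHHH", 49152, 53, UDP_LEN + 12, 0)
    dns = struct.pack("!HHHHHH", 0x1234, opcode << 11, 1, 0, 1, 0)
    return eth + ip + udp + dns


def dns_flag_offsets(frame):
    """Return (offset from frame start, offset from UDP header) of the DNS flags."""
    ihl = (frame[ETH_LEN] & 0x0F) * 4      # IPv4 header length can exceed 20 bytes
    return ETH_LEN + ihl + DNS_FLAGS_REL, DNS_FLAGS_REL


def opcode(frame):
    """Extract the 4-bit DNS opcode, ignoring the QR, AA, TC and RD bits."""
    abs_off, _ = dns_flag_offsets(frame)
    return (frame[abs_off] & OPCODE_MASK) >> 3


def capture_filter(op):
    """Build a pcap filter that matches one DNS opcode regardless of other flag bits."""
    return f"udp port 53 and udp[{DNS_FLAGS_REL}] & {OPCODE_MASK:#04x} = {(op << 3):#04x}"


if __name__ == "__main__":
    plain = build_frame(OPCODE_UPDATE)
    with_options = build_frame(OPCODE_UPDATE, ihl_words=6)
    # Frame offset moves with IP options; the UDP-relative offset does not.
    print([hex(n) for n in dns_flag_offsets(plain)])         # frame 0x2c, udp 0xa
    print([hex(n) for n in dns_flag_offsets(with_options)])  # frame 0x30, udp 0xa
    print(capture_filter(OPCODE_UPDATE))
```

Masking with 0x78 keeps the match independent of the QR and RD bits, so both update requests and responses are captured.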