tcpdump mailing list archives
Re: does "port 25" work?
From: "U. George" <netbeans () gatworks com>
Date: Thu, 31 Jul 2008 14:29:40 -0400
Guy Harris wrote:
On Jul 31, 2008, at 10:48 AM, U. George wrote:why does adding the "PORT" conditional also modify the wild-card aspects of "ethernet type"To what "wild-card aspects of 'ethernet type'" are you referring?If you say "port domain", that can only match TCP or UDP packets, which means it can only match IP packets, which means it *cannot* match arbitrary Ethernet types.- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
if i say this:
tcpdump -n -v -i eth1
i get a log of: ether type * and port *, ie the PPPoE data.
If i say
tcpdump -n -v -i eth1 port domain
i get a filter of ether (type UDP or TCP) and port domain, and no PPPoE data
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- does "port 25" work? U. George (Jul 31)
- Re: does "port 25" work? Guy Harris (Jul 31)
- Re: does "port 25" work? U. George (Jul 31)
- Re: does "port 25" work? U. George (Jul 31)
- Re: does "port 25" work? Guy Harris (Jul 31)
- Re: does "port 25" work? Guy Harris (Jul 31)
- Re: does "port 25" work? U. George (Jul 31)
- Re: does "port 25" work? Stephen Donnelly (Jul 31)
- Re: does "port 25" work? U. George (Jul 31)
- Re: does "port 25" work? Stephen Donnelly (Jul 31)
- Re: does "port 25" work? U. George (Jul 31)
- Re: does "port 25" work? Guy Harris (Jul 31)
- Re: does "port 25" work? Guy Harris (Jul 31)
- Re: does "port 25" work? U. George (Jul 31)
- Re: does "port 25" work? Guy Harris (Aug 01)
- Re: does "port 25" work? Gert Doering (Aug 01)
- Re: does "port 25" work? Guy Harris (Aug 01)
- Re: does "port 25" work? Gert Doering (Aug 02)