tcpdump mailing list archives
Re: how pcap filter string works?
From: "Hu Thomas Pan" <thomaspan2 () yahoo com>
Date: Thu, 22 Jul 2004 13:13:07 -0700
Still not work. No data comes into my callback function. I use while(1) for the main process. Thomas -----Original Message----- From: tcpdump-workers-owner () lists tcpdump org [mailto:tcpdump-workers-owner () lists tcpdump org] On Behalf Of Guy Harris Sent: Thursday, July 22, 2004 12:29 PM To: tcpdump-workers () lists tcpdump org Subject: Re: [tcpdump-workers] how pcap filter string works? On Jul 22, 2004, at 12:25 PM, Hu Thomas Pan wrote:
I have a pcap filter string: udp and \( \( host host1 and port port1 \) or \( host host2 and port port2 \) \) Things are working through command line for tcpdump. But, it doesn't work for pcap lib in the code.
Try using the string
"udp and ( ( host host1 and port port1 ) or ( host host2 and port
port2 ) )"
as the string you pass to "pcap_compile()". The "\" before "(" and ")"
in the tcpdump command line are to cause the shell not to treat them as
special characters. They're removed by the shell when those arguments
are passed to tcpdump.
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
Current thread:
- anoncvs down? David Young (Jul 21)
- Re: anoncvs down? Michael Richardson (Jul 21)
- Re: anoncvs down? David Young (Jul 21)
- Re: anoncvs down? David Young (Jul 21)
- How tcpdump works? César Cárdenas (Jul 22)
- Re: How tcpdump works? Hannes Gredler (Jul 22)
- how pcap filter string works? Hu Thomas Pan (Jul 22)
- Re: how pcap filter string works? Guy Harris (Jul 22)
- Re: how pcap filter string works? Hu Thomas Pan (Jul 22)
- Re: how pcap filter string works? Guy Harris (Jul 22)
- Re: how pcap filter string works? Hu Thomas Pan (Jul 22)
- Re: anoncvs down? David Young (Jul 21)
- Re: anoncvs down? Michael Richardson (Jul 21)