tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

Re: pcap_compile and tcpdump syntax

From: Travis <travis () utulsa edu>
Date: Wed, 13 Oct 2004 18:36:12 -0500
Guy Harris wrote:
(Blah blah blah defeat duplicate detector blah blah blah once again I forgot to send with my alum.mit.edu address in the from line blah blah blah Thunderbird blah blah blah time to pester Bugzilla.) 

Travis wrote:
Is it not correct that pcap_compile takes in a filter program with tcpdump syntax? 


Given that tcpdump syntax is implemented by tcpdump calling
"pcap_compile()", yes, it is correct.
If so then why is it that when I try to compile the program "host 129.244.241.XXX", where XXX is an actual number, does the compile function fail on me? 


What was the error message from "pcap_compile()"?  And did you just do
something such as

    pcap_compile(p, &bpfprogram, "host 129.244.241.XXX", {optimize flag},
{netmask});

and, if so, what are the values of the optimize flag and of netmask?

-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
yeah, I'm a retard and fixed my problem. It was working. I just didn't realize it was. Sorry to bother the list. 
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
Previous By Date Next
Previous By Thread Next

Current thread: