Message-ID: <20020407193048.30721.qmail@web14903.mail.yahoo.com> Date: Sun, 7 Apr 2002 12:30:48 -0700 (PDT) From: Hekkk Hekk <kfc_argus@yahoo.com> Subject: How to dump packet after filtered
Dear all
I am very puzzle in -filter option and -O dumpfile
option. I can not to dump packets that filter with -f
argument. Example
I want to dump packets that isn't port 113 in wee
file dump to ddd dump file.
# tcptrace '-fb_port!=113' -O'ddd' wee
Output filter: ((c_port!=113)AND(s_port!=113))
1 arg remaining, starting with 'wee'
Ostermann's tcptrace -- version 6.0.1 -- Mon Dec 3,
2001
159 packets seen, 159 TCP packets traced
elapsed wallclock time: 0:00:00.039119, 4064 pkts/sec
analyzed
trace file elapsed time: 0:00:56.091083
TCP connection info:
*** 16 packets were too short to process at some point
(use -w option to show details)
1: 10.226.37.70:2582 - 10.226.37.69:21 (a2b)
29> 21< (complete)
3: 10.226.37.69:20 - 10.226.37.70:2583 (e2f)
6> 5< (complete)
4: 10.226.37.72:1024 - 10.226.37.69:21 (g2h)
26> 19< (complete)
6: 10.226.37.72:1025 - 10.226.37.69:11104 (k2l)
5> 5< (complete)
7: 10.226.37.72:1026 - 10.226.37.69:20828 (m2n)
5> 6< (complete)
8: 10.226.37.69:20 - 10.226.37.70:2584 (o2p)
6> 5< (complete)
9: 10.226.37.69:20 - 10.226.37.70:2585 (q2r)
10> 7< (complete) So , I see ddd dump ,,, But
packet in ddd still don't filtered ... Please tell me
more how to fix this problem .
Thanks you
Chong
__________________________________________________
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax
http://taxes.yahoo.com/
----------------------------------------------------------------------------
To unsubscribe, send a message with body containing "unsubscribe tcptrace" to
majordomo@tcptrace.org.
This archive was generated by hypermail 2b30 : 04/08/02 EDT