Date: Sun, 7 Apr 2002 15:52:20 -0400 From: Manikantan Ramadas <mramadas@cs.ohiou.edu> Subject: Re: How to dump packet after filtered Message-ID: <20020407155220.C9285@masaka.cs.ohiou.edu>
Hi Chong,
When you say :
tcptrace '-fb_port!=113' -O'ddd' wee
> Output filter: ((c_port!=113)AND(s_port!=113))
tcptrace is going to *filter out* those
connections that have *both* the client and server ports being 113.
What you actually want is to *filter out* those connections whose *either*
port is 113, so that none of those 113 stuff appears for you in the output.
So I guess what you need is :
tcptrace '-fport!=113' -O'ddd' wee
which will do
> Output filter: ((c_port!=113)OR(s_port!=113))
- Mani.
"Imagination is more important than knowledge" - Einstein.
___________________________________________________________________
Manikantan Ramadas -- IRG -- http://irg.cs.ohiou.edu/~mramadas
___________________________________________________________________
----------------------------------------------------------------------------
To unsubscribe, send a message with body containing "unsubscribe tcptrace" to
majordomo@tcptrace.org.
This archive was generated by hypermail 2b30 : 04/08/02 EDT