Wireshark-users: Re: [Wireshark-users] how to drop 400 unwanted packets to analyze with wireshark

From: Mitsuho Iizuka <m-iizuka@xxxxxxxxxxxxx>
Date: Fri, 29 Jun 2007 17:13:26 +0900 (JST)
Hi,

From: Sake Blok <sake@xxxxxxxxxx>
Subject: Re: [Wireshark-users] how to drop 400 unwanted packets to analyze with wireshark ?
Date: Fri, 29 Jun 2007 09:44:59 +0200

> Yes, the example uses a different field (ip.addr), but the context
> is the same. Since there are two tcp ports in a packet, the filter
> tcp.port!=x is actually replaced by "(tcp.srcport!=x or tcp.dstport!=x)".
> 
> This breaks the logic !(A U B) = (!A && !B):

I see.

> So actually your filter would match all the packets in the trace ;-)
> It can be a bit confusing indeed :)

?? For the safe result, my filter was reflected with your previous
two pieces of advice in fact. So I believe this is enough, or ...

// Mitsuho Iizuka
// AP Server Grp., 2nd System Software Div.,
// System Software Opr.Unit, IT Platform Biz.Unit, NEC Corp.
// Phone:+81-3-3456-4322
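
The difference discussed in this exchange, modeled in Python as an added example (not part of the original posts and not Wireshark code): `tcp.port!=x` evaluated as "(tcp.srcport!=x or tcp.dstport!=x)", next to the negated form `!(tcp.port==x)`. The `Packet` type, the function names and the sample ports are assumptions made for illustration.

```python
# Model of the any-match evaluation described in the quoted reply for a field
# that occurs twice per packet (tcp.port covers tcp.srcport and tcp.dstport).
# The packets are constructed sample data, not taken from the thread.
from typing import Callable, List, NamedTuple, Tuple


class Packet(NamedTuple):
    srcport: int
    dstport: int

    @property
    def tcp_port(self) -> Tuple[int, int]:
        # Both occurrences of the tcp.port field in one packet.
        return (self.srcport, self.dstport)


def port_eq(pkt: Packet, x: int) -> bool:
    """tcp.port==x : true when ANY occurrence equals x."""
    return any(p == x for p in pkt.tcp_port)


def port_ne(pkt: Packet, x: int) -> bool:
    """tcp.port!=x as expanded in the thread: srcport!=x or dstport!=x."""
    return any(p != x for p in pkt.tcp_port)


def not_port_eq(pkt: Packet, x: int) -> bool:
    """!(tcp.port==x) : true only when NO occurrence equals x."""
    return not port_eq(pkt, x)


def apply_filter(packets: List[Packet],
                 pred: Callable[[Packet, int], bool], x: int) -> List[Packet]:
    """Return the packets a display filter would show."""
    return [p for p in packets if pred(p, x)]


SAMPLE = [
    Packet(51000, 80),   # client -> port 80
    Packet(80, 51000),   # port 80 -> client
    Packet(51001, 443),  # unrelated traffic
    Packet(80, 80),      # both ports are 80
]

if __name__ == "__main__":
    for name, pred in (("tcp.port!=80", port_ne),
                       ("!(tcp.port==80)", not_port_eq)):
        print(f"{name:16} -> {apply_filter(SAMPLE, pred, 80)}")
```

Under this model the `!=` form still shows the port-80 conversation in both directions and hides only the packet whose two ports are both 80, while the negated form leaves just the unrelated traffic.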