Wireshark
the world's foremost network protocol analyzer
Wireshark-users: Re: [Wireshark-users] Value too large for defined data type
From: Andrej van der Zee <andrejvanderzee@xxxxxxxxx>
Date: Wed, 5 Aug 2009 21:21:58 +0900
Hi,
cat big.cap | dumpcap -i- -w smaller.cap -b filesize:65536
I was wondering why the capture filter is not working as I expect. I want to dump only the packets that have a specific ip for src. I do it like this:
cat big.cap | dumpcap -i- -w smaller.cap -b filesize:65536 -f "src host 1.2.3.4"
But somehow all the packets are dumped anyway. Am I misunderstanding something?
Thank you,
Andrej
- Follow-Ups:
- Re: [Wireshark-users] Value too large for defined data type
- From: Andrej van der Zee
- Re: [Wireshark-users] Value too large for defined data type
- References:
- [Wireshark-users] Value too large for defined data type
- From: Andrej van der Zee
- Re: [Wireshark-users] Value too large for defined data type
- From: Sake Blok
- Re: [Wireshark-users] Value too large for defined data type
- From: Andrej van der Zee
- [Wireshark-users] Value too large for defined data type
- Prev by Date: Re: [Wireshark-users] find local IP from cap-file
- Next by Date: Re: [Wireshark-users] Value too large for defined data type
- Previous by thread: Re: [Wireshark-users] Value too large for defined data type
- Next by thread: Re: [Wireshark-users] Value too large for defined data type
- Index(es):