Wireshark · Ethereal-users: [Ethereal-users] Question about Capture Filters

Ethereal-users: [Ethereal-users] Question about Capture Filters

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date: Fri, 27 Jul 2001 13:25:09 -0700

Hi guys, I’m new to this list but I’ve been using ethereal for about a year now (in a fairly limited fashion mind you). I’m having trouble getting a capture going using an Ethernet + mac address filter. From what I see in the tcpdump man page I should be able to use the filter line:

ether dst ehost

Now also in that manual it says for the format of ehost:

Ehost may be either a name from /etc/ethers or a number (see ethers(3N) for numeric format).

So I’ve referenced the ethers.3N man page and really didn’t get the gist of how I should be formatting my MAC address entry. I’ve tied x:x:x:x:x:x and x-x-x-x-x-x and xxxx.xxxx.xxxx to no avail. I’m really just looking to filter (watch the line) based upon the destination MAC address.

Any insight you guys might have would be appreciated.

Follow-Ups:
- Re: [Ethereal-users] Question about Capture Filters
  - From: Guy Harris

Prev by Date: [Ethereal-users] DIAMETER
Next by Date: Re: [Ethereal-users] running ethereal on aix
Previous by thread: [Ethereal-users] DIAMETER
Next by thread: Re: [Ethereal-users] Question about Capture Filters
Index(es):
- Date
- Thread