ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
July 17th, 2024 | 10:00am-11:55am SGT (UTC+8) | Online
Wireshark logo

Ethereal-users: [Ethereal-users] Using Filters

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Jeff_Kraus@xxxxxxxx
Date: Wed, 20 Feb 2002 18:10:33 -0600
Quick question regarding filtering. I am using ethereal with Tcpdump 3.6
and Libpcap 0.6 I would like to filter on the SAME host, but multiple
protocols for that host. I have tried a filter string similar to this:
tcpdump -x -n -s0 -t src host 10.0.0.1 and proto 1 or src host 10.0.0.1 and
proto 47 or src host 10.0.0.1 and udp port 699
but unfortunately this does not work, the filter only seems to capture the
last element of the filter list. Is there a limitation here or am I just
doing things wrong.

What is the proper syntax to capture ONLY the ICMP and GRE and UDP PORT 699
packets for a host such as 10.0.0.1?
Thanks.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube