Wireshark · Wireshark-users: Re: [Wireshark-users] SYN Capture Filter issue

Wireshark-users: Re: [Wireshark-users] SYN Capture Filter issue

From: "Bland Chuck-CNGR85" <Chuck.Bland@xxxxxxxxxxxx>

Date: Tue, 17 Feb 2009 17:03:23 -0500

I figured out how to spec the other interface.

Chuck

D:\Profiles\cngr85\Desktop\dump>windump -i
\Device\NPF_{38D6F9C0-8D21-4EFF-947C-9CB2FFE9D2FD} -d "tcp[13] & 0x02 =
2"
windump: listening on \Device\NPF_{38D6F9C0-8D21-4EFF-947C-9CB2FFE9D2FD}
(000) ldh      [12]
(001) jeq      #0x800           jt 2    jf 11
(002) ldb      [23]
(003) jeq      #0x6             jt 4    jf 11
(004) ldh      [20]
(005) jset     #0x1fff          jt 11   jf 6
(006) ldxb     4*([14]&0xf)
(007) ldb      [x + 27]
(008) and      #0x2
(009) jeq      #0x2             jt 10   jf 11
(010) ret      #96
(011) ret      #0

D:\Profiles\cngr85\Desktop\dump>windump -i
\Device\NPF_{38D6F9C0-8D21-4EFF-947C-9CB2FFE9D2FD} -d "tcp[13:1] = 2"
windump: listening on \Device\NPF_{38D6F9C0-8D21-4EFF-947C-9CB2FFE9D2FD}
(000) ldh      [12]
(001) jeq      #0x800           jt 2    jf 10
(002) ldb      [23]
(003) jeq      #0x6             jt 4    jf 10
(004) ldh      [20]
(005) jset     #0x1fff          jt 10   jf 6
(006) ldxb     4*([14]&0xf)
(007) ldb      [x + 27]
(008) jeq      #0x2             jt 9    jf 10
(009) ret      #96
(010) ret      #0

References:
- [Wireshark-users] SYN Capture Filter issue
  - From: Bland Chuck-CNGR85
- Re: [Wireshark-users] SYN Capture Filter issue
  - From: j . snelders
- Re: [Wireshark-users] SYN Capture Filter issue
  - From: Bland Chuck-CNGR85
- Re: [Wireshark-users] SYN Capture Filter issue
  - From: Guy Harris
- Re: [Wireshark-users] SYN Capture Filter issue
  - From: Bland Chuck-CNGR85

Prev by Date: Re: [Wireshark-users] SYN Capture Filter issue
Next by Date: Re: [Wireshark-users] SYN Capture Filter issue
Previous by thread: Re: [Wireshark-users] SYN Capture Filter issue
Next by thread: Re: [Wireshark-users] SYN Capture Filter issue
Index(es):
- Date
- Thread