Changes between Version 2 and Version 3 of FilterExpressions


Ignore:
Timestamp:
09/09/07 20:23:59 (14 years ago)
Author:
perry
Comment:

Add examples from the tcpdump manpage

Legend:

Unmodified
Added
Removed
Modified
  • FilterExpressions

    v2 v3  
     1== Broadcast IP packets that didn't use ethernet broadcast ==
     2{{{ ether[0] & 1 == 0 and ip[16] >= 224 }}}
     3== Non ICMP Echo-Request/Echo-Reply ICMP packets ==
     4{{{'icmp[icmptype] != icmp-echo and icmp[icmptype] != icmp-echoreply' }}}
     5== TCP SYN packets ==
     6{{{'tcp[13] & 2 == 2'}}}[[BR]]
     7{{{'tcp[13] == 2'}}}[BR]
     8{{{'tcp[tcpflags] & tcp-syn != 0}}}[[BR]]
    19== DNS Related ==
    210=== Queries ===