![]() Up to 16 MAC addresses and MAC address masks used as a filterįilter-port ( port (max 16 items) Default: ) ![]() Name of the file where sniffed packets will be saved.įilter-ip-address ( ip/mask (max 16 items) Default: )įilter-mac-address ( mac/mask (max 16 items) Default: ) Packets that are processed with hardware offloading enabled bridge will also not be visible (unknown unicast, broadcast and some multicast traffic will be visible to sniffer tool).įile-limit ( integer 10.4294967295 Default: 1000KiB)įile size limit. I can't find a good documentation or tutorial about tcpdump capture filtering.Note: Unicast traffic between Wireless clients with client-to-client forwarding enabled will not be visible to sniffer tool. I really don't know how to manage that, I tried a lot of combination, but it doesn't work. Port 5060 or (vlan and port 5060)) or port 3868 or (vlan and port 3868)) -> I can capture Diameter for both sides, but SIP only for responses (as if the first _expression_ "port 5060" was omitted). Port 3868 or (vlan and port 3868)) -> I can capture traffic for both sides. Vlan and port 3868 -> I can capture Diameter traffic, but only the other side (responses) Port 3868 -> I can capture Diameter traffic, but only one traffic side (requests) Port 5060 or (vlan and port 5060)) -> I can capture traffic for both sides. Vlan and port 5060 -> I can capture SIP traffic, but only the other side (responses) ![]() Port 5060 -> I can capture SIP traffic, but only one traffic side (requests) I red and tcpdump man, but there are not a lot of information about filters. I have a problem building caputre filter.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |