Re: [tcpdump-workers] match by tcp sequence number?

Hi, > I'm trying to write a filter for a small pcap application. I need to > match by the tcp sequence number, as I'm only interested in packets > with sequence number 1. I know I can match by octet, using e.g. > tcp[13] == ???, but the sequence field is 4 octets (32-bit). How can > I match aga

Re: [tcpdump-workers] tcpdump option for translating filter expression

ions (-d, -dd, -ddd) that return compiled BPF code, in different "output flavors" (human-readable, C-like, and pure decimal, respectively). HTH, Jan -- Jan C. Nordholz - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.

Re: [tcpdump-workers] Strange PCAP filter compilation with certain

Hi, > I've checked into the main and x.9 branches a change to do that (with a > Boolean flag). > > Could you send us (or me) the source to the test program you wrote, if > it's licensed under a BSD-compatible license (or public domain)? I'd > like to have a BPF code-generation test program in

[tcpdump-workers] Strange PCAP filter compilation with certain DLTs

;ve stripped off the link level header - is this intentional? Maybe I've overlooked something obvious, but our attempts seemed pretty straightforward to us... Thank you for your time, best regards, Jan Nordholz -- Jan C. Nordholz signature.asc Description: Digital signature