Sniffer to capture TCP and UDP packets

Filters are based on a declarative predicate syntax. A filter is an ASCII string containing a filtering expression. pcap_compile() takes the expression and translates it into a program for the kernel-level packet filter.

The expression selects which packets will be dumped. If no expression is given, all packets on the net will be accepted by the kernel-level filtering engine. Otherwise, only packets for which expression is `true' will be accepted.
The expression consists of one or more primitives. Primitives usually consist of an id (name or number) preceded by one or more qualifiers. There are three different kinds of qualifier:

type
qualifiers say what kind of thing the id name or number refers to. Possible types are host, net and port.
E.g., `host foo', `net 128.
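
A small Python model of how type-qualified primitives select packets, added here as an illustration; it is not libpcap code and does not call pcap_compile(). Assumptions of this example: the helper names (`match_primitive`, `accepts`, `select`, `make_packet`), the constructed packet records, numeric ids only, CIDR notation for `net`, and joining primitives with `and`/`or` (standard pcap filter syntax that the text above does not reach).

```python
import ipaddress

def match_primitive(qualifier, ident, pkt):
    """Evaluate one '<type qualifier> <id>' primitive against a packet."""
    if qualifier == "host":    # id is a single address, source or destination
        return ipaddress.ip_address(ident) in (pkt["src"], pkt["dst"])
    if qualifier == "net":     # id is a network, written here in CIDR form
        net = ipaddress.ip_network(ident)
        return pkt["src"] in net or pkt["dst"] in net
    if qualifier == "port":    # id is a TCP/UDP port, source or destination
        port = int(ident)
        if not 0 <= port <= 65535:
            raise ValueError(f"port out of range: {ident}")
        return port in (pkt["sport"], pkt["dport"])
    raise ValueError(f"unknown type qualifier: {qualifier!r}")

def accepts(expression, pkt):
    """True if the packet satisfies the expression; an empty one accepts all."""
    tokens = expression.split()
    if not tokens:
        return True
    if len(tokens) % 3 != 2:
        raise ValueError("expected: <qualifier> <id> [and|or <qualifier> <id>]...")
    result = match_primitive(tokens[0], tokens[1], pkt)
    # 'and' and 'or' have equal precedence and associate left to right.
    for i in range(2, len(tokens), 3):
        value = match_primitive(tokens[i + 1], tokens[i + 2], pkt)
        if tokens[i] == "and":
            result = result and value
        elif tokens[i] == "or":
            result = result or value
        else:
            raise ValueError(f"expected 'and' or 'or', got {tokens[i]!r}")
    return result

def make_packet(src, sport, dst, dport):
    ip = ipaddress.ip_address
    return {"src": ip(src), "sport": sport, "dst": ip(dst), "dport": dport}

# Constructed sample traffic (documentation and private address ranges).
SAMPLE = [
    make_packet("10.1.2.3", 51514, "192.0.2.10", 443),
    make_packet("192.0.2.10", 53, "198.51.100.7", 40000),
    make_packet("172.16.0.5", 22, "172.16.0.9", 60222),
]

def select(expression, packets=SAMPLE):
    """Indexes of the packets the expression would let through."""
    return [i for i, p in enumerate(packets) if accepts(expression, p)]
```

Because an empty expression accepts everything, a capture started without a filter sees all traffic on the interface; checking the expression against known packets first shows exactly what a filter will and will not record.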