Hi there, With below tcpdump command (in Ubuntu), I want to get multicast traffic, non udp, ..., but the filter "! udp" doesn't work. It gives output of UDP packets.
sudo tcpdump -r tw 'ether[0] & 0xFF == 1' && ! udp && host 192.168.1.1 && greater 300 The single filter of "! udp" works though. tcpdump version 4.0.0 libpcap version 1.0.0 Thanks & Regards, George - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
