Hello Dev Team,
Firstly, I apologise if this mail is going to the wrong place, but I couldn't find anywhere else to send it to. I've been using TCPDump for some time as a way of tracking and extracting the domain names of http request for IPv4. As IPv6 becomes more prolific, I've missing more and more data. I note that on some documentation that the use of 'tcp' filter on Ipv6 isn't supported because of the possibility of additional headers in IPv6 packets, but I was wondering if there is some kind of work-around in order to seek out the required information. This was the string that I was using for Ipv4: tcpdump -i eth0 -nn -s 0 -A port 80 and '(tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x47455420 or tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x504f5354)' I've tried several different versions of converting these filters to 'ip6' references but no packets are returned. How can I get a working filter to capture the data I need? Thanks Steve. _______________________________________________ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers