Hi, I have sent this mail a couple of time before but received no reply. I don't know if it is coz no one knows the answer to my question or that my mail has not reached you. Anyway, I am asking one more time. Is there anyway that I could write a filter expression(tcpdump style) to filter packets based on the first two bytes of the DLT_LINUX_SLL header? My specific problem is that I have a filter scanning all the interfaces of my machine(using the "any" device. it's a pcap program) But the filter captures also packets sent out by me to other machines, apart from the ones that I receive, which I do not want. I only want incoming packets to be captured, not the outgoing ones. I know DLT_LINUX_SLL header's first two bytes have an option 4 which indicates "packets sent by me". I want to get at these first two bytes in the form a tcpdump filter expression so that I can pass it to pcap_compile(). Any ideas on how this might be possible? I hope I have phrased my question in a comprehensible way. Thanks for ur time, guys(no pun intended).
Subramoni Padmanabhan G-126, 700 woodland avenue Lexington, Kentucky 40508 Phone : 859 323 9405 _________________________________________________________________ Choose an Internet access plan right for you -- try MSN! http://resourcecenter.msn.com/access/plans/default.asp - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
