Hello, I am trying to use filters in conjunction with saving the filtered packets to a file, using windump, but when I do, the filters seem to get ignored. Here is an example of what I am trying:
c:\windump -i 1 -s 0 -C 100 -w test -W 40 !host 192.168.10.2 When I use this, there are still packets to/from that host in the capture file. On the other hand, if I use: windump -i 1 !host 192.168.10.2 ...on the command line, I can see the packets to/from that host filtered out. To be clear, if I remove the ! from the command line, I see traffic to/from that host, if I add the ! back in, I don't, and there is a constant stream of traffic to/from this host. The documentation I have been able to find seems to indicate that this is legal and I don't get any syntax errors. What am I missing? Thanks, Jerry
_______________________________________________ Winpcap-users mailing list [email protected] https://www.winpcap.org/mailman/listinfo/winpcap-users
