On May 1, 2014, at 1:44 PM, Jerry Riedel <[email protected]> wrote:
> I am trying to use filters in conjunction with saving the filtered packets to
> a file, using windump, but when I do, the filters seem to get ignored. Here
> is an example of what I am trying:
>
> c:\windump -i 1 -s 0 -C 100 -w test -W 40 !host 192.168.10.2
>
> When I use this, there are still packets to/from that host in the capture
> file.
Just out of curiosity, do any of those packets (the ones to/from 192.168.10.2)
have VLAN headers?
And what happens if you do
c:\windump -i 1 -s 0 -C 100 -w test -W 40 not host 192.168.10.2
(just in case the command-line interpreter you're using is, in some cases but
not others, doing something with the "!" character)?
And what happens if you do
c:\windump -i 1 -s 0 -w test !host 192.168.10.2
and just interrupt the capture with control-C (just in case either the -C or -W
flags are somehow affecting this)?
_______________________________________________
Winpcap-users mailing list
[email protected]
https://www.winpcap.org/mailman/listinfo/winpcap-users
