I want to write a filter to capture all IPv6 packets that match the net prefix with a subnet id. With IPv4 it is simple: net 192.168.5, but with IPv6 this does not work for me: net fec0:abcd:1234::
How can I capture the packets that match the network prefix?
Thanks, and sorry for my poor English.
asked 22 Jun '12, 01:17
For IPv6 you must specify the mask length, as there is no implicit definition as with IPv4. See the man page of pcap-filter:
dst net net
True if the IPv4/v6 destination address of the packet has a network number of net. Net may be either a name from the networks database (/etc/networks, etc.) or a network number. An IPv4 network number can be written as a dotted quad (e.g., 192.168.1.0), dotted triple (e.g., 192.168.1), dotted pair (e.g., 172.16), or single number (e.g., 10); the netmask is 255.255.255.255 for a dotted quad (which means that it's really a host match), 255.255.255.0 for a dotted triple, 255.255.0.0 for a dotted pair, or 255.0.0.0 for a single number. An IPv6 network number must be written out fully; the netmask is ff:ff:ff:ff:ff:ff:ff:ff, so IPv6 "network" matches are really always host matches, and a network match requires a netmask length.
So, the filter would be something like:
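An added example, not part of the original answer and not libpcap's code: a Python model of the comparison the man page excerpt describes, showing why an IPv6 net without a mask length only matches one host and what changes once a length is given. The /48 prefix plus 16-bit subnet id layout, the subnet id 5, the sample addresses and the function names are assumptions made for illustration; the filter string uses pcap-filter's documented `net net/len` form.

```python
import ipaddress

ALL_ONES = (1 << 128) - 1


def pcap_net_match(addr: str, net: str, masklen: int = 128) -> bool:
    """Compare addr and net under the netmask, as the man page describes.

    With no mask length the mask is all ones, so the test is a host match.
    """
    a = int(ipaddress.IPv6Address(addr))
    n = int(ipaddress.IPv6Address(net))
    mask = (ALL_ONES << (128 - masklen)) & ALL_ONES
    # Choice made in this model: refuse a net with bits outside the mask,
    # because such a net could never equal (addr & mask).
    if n & ~mask & ALL_ONES:
        raise ValueError(f"{net}/{masklen}: bits set outside the mask")
    return (a & mask) == n


def ip6_net_filter(net: str, masklen: int) -> str:
    """Build a capture filter string in the 'net net/len' form."""
    network = ipaddress.IPv6Network(f"{net}/{masklen}")  # rejects host bits
    return f"ip6 net {network}"


# Constructed sample addresses (assumed /48 prefix + 16-bit subnet id).
SAMPLES = [
    "fec0:abcd:1234::",       # exactly the address typed in the question
    "fec0:abcd:1234:5::10",   # same /48, subnet id 5
    "fec0:abcd:1234:6::10",   # same /48, subnet id 6
    "fec0:abcd:1235::1",      # different /48
]


def report():
    """Return (address, no-length match, /48 match, /64 subnet-5 match)."""
    rows = []
    for addr in SAMPLES:
        rows.append((
            addr,
            pcap_net_match(addr, "fec0:abcd:1234::"),        # implicit /128
            pcap_net_match(addr, "fec0:abcd:1234::", 48),
            pcap_net_match(addr, "fec0:abcd:1234:5::", 64),
        ))
    return rows


if __name__ == "__main__":
    for row in report():
        print(row)
    print(ip6_net_filter("fec0:abcd:1234:5::", 64))
```
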