balderman's profile - activity

2021-01-30 14:13:43 +0000 asked a question Long term traffic capturing using dumpcap & tshark

Long term traffic capturing using dumpcap & tshark Hi I am using dumpcap & tshark for long term traffic captur

2020-07-08 14:20:17 +0000 commented question Why does this capture filter not capture my traffic?

"Strict Filter" (000) ldh [12] (001) jeq #0x86dd jt 41 jf 2 (002) jeq #0x800 jt 3

2020-07-08 14:18:49 +0000 commented question Why does this capture filter not capture my traffic?

"Non Strict Filter" (000) ldh [12] (001) jeq #0x86dd jt 41 jf 2 (002) jeq #0x800

2020-07-08 13:14:37 +0000 commented question Why does this capture filter not capture my traffic?

See the answer below (I was not able to use the comment) Dumpcap (Wireshark) 2.6.10 (Git v2.6.10 packaged as 2.6.10-

2020-07-08 13:12:29 +0000 commented question Why does this capture filter not capture my traffic?

See the answer below (I was not able to use the comment)

2020-07-08 13:11:42 +0000 received badge Rapid Responder
2020-07-08 13:11:42 +0000 answered a question Why does this capture filter not capture my traffic?

This is an answer to 'SYN-bit' comment. (I could not use a comment since the text I post is too long) Here is the outpu

2020-07-08 13:01:22 +0000 commented question Why does this capture filter not capture my traffic?

Here is the output with -d. "Non Strict Filter" (000) ldh [12] (001) jeq #0x86dd jt 41 jf 2 (00

2020-07-08 13:00:43 +0000 commented question Why does this capture filter not capture my traffic?

Here is the output with -d. (000) ldh [12] (001) jeq #0x86dd jt 41 jf 2 (002) jeq #0x800

2020-07-08 13:00:25 +0000 commented question Why does this capture filter not capture my traffic?

Here is the output with -d. (000) ldh [12] (001) jeq #0x86dd jt 41 jf 2 (002) jeq #0x800

2020-07-08 13:00:02 +0000 commented question Why does this capture filter not capture my traffic?

Here is the output with -d. (000) ldh [12] (001) jeq #0x86dd jt 41 jf 2 (002) jeq #0x800

2020-07-08 12:59:23 +0000 commented question Why does this capture filter not capture my traffic?

Here is the output with -d. (000) ldh [12] (001) jeq #0x86dd jt 41 jf 2 (002) jeq #0x800

2020-07-08 12:58:05 +0000 commented question Why does this capture filter not capture my traffic?

Here is the output with -d. (000) ldh [12] (001) jeq #0x86dd jt 41 jf 2 (002) jeq #0x800

2020-07-08 12:57:35 +0000 commented question Why does this capture filter not capture my traffic?

Here is the output with -d. (000) ldh [12] (001) jeq #0x86dd jt 41 jf 2 (002) jeq #0x800

2020-07-08 12:56:32 +0000 commented question Why does this capture filter not capture my traffic?

Here is the output with -d. (000) ldh [12] (001) jeq #0x86dd jt 41 jf 2 (002) jeq #0x800

2020-07-08 10:25:49 +0000 commented question Why does this capture filter not capture my traffic?

Hi Graham Thanks for your answer. Below is the list of my "HTTP Servers" 10.36.101.27:50003 10.36.101.27:54017 10.

2020-07-08 10:25:15 +0000 commented question Why does this capture filter not capture my traffic?

Hi Graham Thanks for your answer. Below is the list of my "HTTP Servers" 10.36.101.27:50003 10.36.101.27:54017 10.3

2020-07-08 09:30:42 +0000 edited question Why does this capture filter not capture my traffic?

Strict BPF does not work I capture HTTP traffic and build Request/Response pairs. I am using dumpcap and tshark. I hav

2020-07-08 09:27:31 +0000 asked a question Why does this capture filter not capture my traffic?

Strict BPF does not work I capture HTTP traffic and build Request/Response pairs. I am using dumpcap and tshark. I hav

2020-05-24 13:39:11 +0000 marked best answer BPF boolean logic

Are the 2 filters below identical?

  1. tcp && ((port 56 && host 1.2.3.4) or (port 57 && host 1.2.3.5))
  2. (tcp && port 56 && host 1.2.3.4) or (tcp && port 57 && host 1.2.3.5)

2020-05-23 15:13:10 +0000 edited question dumpcap - get packet drop report periodically

dumpcap - get packet drop report periodically when dumpcap is stopped it prints a short packets stats report. Example

2020-05-23 15:12:40 +0000 asked a question dumpcap - get packet drop report periodically

dumpcap - get packet drop report periodically when dumpcap is stopped it prints a short packets stats report. Example

2020-05-22 20:30:00 +0000 commented answer BPF boolean logic

So it looks identical... thanks.

2020-05-22 19:18:55 +0000 received badge Editor
2020-05-22 19:18:55 +0000 edited question BPF boolean logic

BPF boolean logic Are the 2 filters below identical? tcp && ((port 56 && host 1.2.3.4) or (port 57 &

2020-05-22 19:18:21 +0000 asked a question BPF boolean logic

BPF boolean logic Are the 2 filters below identical? tcp && ((port 56 && host 1.2.3.4) or (port 57 &