Help with tcpdump query

T. Horsnell tsh at mrc-lmb.cam.ac.uk
Fri Oct 13 15:46:16 UTC 2006


>Hi
>
>Could someone please point out to me where I'm going wrong with the following:
>
>tcpdump -i eth0  not port 22 and not port 53 not ip proto icmp
>

According to my man pages, you need to escape the icmp keyword thus (for C-shell)

tcpdump -i eth0  not port 22 and not port 53 not ip proto \\icmp

It works for me.

To avoid the unresolvable ip addr, either aviod DSN lookups altogether
with -n , or include 'and not host xxx' where xxx is the ip address
you want to skip:

tcpdump -i eth0  not port 22 and not port 53 and not host xxx and not ip proto \\icmp

Cheers,
Terry.


>Additionally there's a client popping up that doesn't havea resolvable
>hostname how can I exclude it with tcpdump?
>
>Thanks in advance
>Dan
>
>-- 
>fedora-list mailing list
>fedora-list at redhat.com
>To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>




More information about the fedora-list mailing list