Manualshelf

Introduction to Ethereal (v.0.9.9), The Open Source Network-Protocol Analyzer

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 ONC and NFS Software
11121314151617181920
17
Ethereal
...Getting started:
tcpdump
capture filters...
Ethereal uses the libpcap packet-capture library of
tcpdump (www.tcpdump.org), so libpcap filter syntax is
used in Ethereal.
•The libpcap filter language allows for complex constructs.
“This is explained in the tcpdump man page. If you can
understand it, you are a better man than I…”
–Ethereal User’s Manual
Basic syntax structure:
[not] primitive [and|or [not] primitive ...]