'[tcpdump-workers] subscribe to tcpdump-workers"why information fi filtered files is difference?"'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tcpdump-workers
Subject:    [tcpdump-workers] subscribe to tcpdump-workers"why information fi filtered files is difference?"
From:       mahdi yazdanpanah <mehdiyazdan_n () yahoo ! com>
Date:       2008-11-10 18:18:49
Message-ID: 884742.32619.qm () web30601 ! mail ! mud ! yahoo ! com
[Download RAW message or body]

Hi
I have problem with tcpdump:
i capture  tcp packet and write them to file without filter. when again i read this \
file and filter "syn or fin or rst" paccket in another file i find that the sequence \
number's field in this file different  with  sequence number (that their flags are \
syn, fin or rst) of source file.  i use this order:

tcpdump  -U -i eth1 -r /sample 
'tcp[tcpflags]&(tcp-syn|tcp-fin|tcp-rst)!=0why happen this occurence? and can i them \
equvalent?thank you very much.execuse me becuase my english language  is not good.  

      New Email addresses available on Yahoo!
Get the Email name you&#39;ve always wanted on the new @ymail and @rocketmail. 
Hurry before someone else does!
http://mail.promotions.yahoo.com/newdomains/aa/-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic