Hi,
> Hi ! > > I am trying to run the example pcap_filter developed by Loris Degioanni, contained in the developer's pack and I am having problems with the arguments I have to give to the program. I tried to find it but I could not. > > When I run the program it shows: > > pf [-i interface] : [-f input_file_name] -o output_file_name -p packet_filter > > I understood that I am supposed to give the paramenters but I do not know what to write. > > I am using Microsoft Windows 2000. I do not know the interface names (equivalent to eth0 ... in Unix) - if there is something like this for Windows. Try to download windump (http://windump.polito.it) and issue a "windump -D". This should print the list of the interfaces present on your system. > I also do not know what kind of file (file extension) should I provide for input and output. It doesn't care. However, if you use .acp Analyzer (http://analyzer.polito.it) will recognize and open them. > I guess the filter string will be something like "port 89" ... Is it correct ? Yes, look at the windump manual (on the windump web site) for details. > Is this pcap_filter only to filter packets from a already captured file or does it capture packets too ? It can capture from an interface, if you provide one with the -i command line switch. Loris > Can somebody help me ? > > Thanks, > Beatriz > > -- > __________________________________________________________ > Sign-up for your own FREE Personalized E-mail at Mail.com > http://www.mail.com/?sr=signup > > Save up to $160 by signing up for NetZero Platinum Internet service. > http://www.netzero.net/?refcd=N2P0602NEP8 > >
