another newbie question
Kevin C Miller
kevinm at andrew.cmu.edu
Tue Jan 20 12:06:04 EST 2004
It's just the BPF language that tcpdump and others use.
I would use 'not' instead of '!', e.g. "dst net 192.168.0.64 mask
255.255.0.192 and not net 192.168.1.0 mask 255.255.0.0"
Also, 255.255.0.192 isn't a valid netmask. Do you mean 255.255.255.192 ?
-Kevin
--On Tuesday, January 20, 2004 11:58 AM -0500 "Furnish, Trever G"
<TGFurnish at herff-jones.com> wrote:
> [root at enterprise u01]# ramon -M Matrix -n -L0 -r /u01/argus.log - dst net
> 192.168.0.64 mask 255.255.0.192 and ! net 192.168.1.0 mask 255.255.0.0 |
> wc -l
> 341
---------------------------------------------------
Kevin C. Miller <kcm at cmu.edu>
Network Development
Carnegie Mellon University
More information about the argus
mailing list