Examine the correctness of filter

Sun Dec 3 20:17:01 EST 2006

Hey people,

While reading ra -b output, I come across this -

ra -b - tcp
(000) ldb      [142]
(001) and      #31
(002) jeq      #0x1             jt 3    jf 5
(003) ldb      [152]
(004) jeq      #0x6             jt 8    jf 9
(005) jeq      #0x2             jt 6    jf 9
(006) ldb      [179]
(007) jeq      #0x6             jt 8    jf 9
(008) ret      #96
(009) ret      #0

While this seems not so complicated, however is there any reference of argus
data format that I can refer such as the one shown in tcpdump -d which the
correctness of filter can be confirmed by looking at the packet headers.

Thanks.

-- 
Best Regards,

CS Lee<geekooL[at]gmail.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20061204/95888839/attachment.html>