Argus 3.0 and Fedora 9
Mike Iglesias
iglesias at uci.edu
Tue Mar 3 12:11:29 EST 2009
carter at qosient.com wrote:
> Sorry my phone sent my mail before I was done ;o)
> So the filter doesn't look bad at first glance, but not sure about ICMP being a 1?
>
> What about other simple filters like "tcp" ?
> Are they working?
No, they aren't. I tried "tcp", "udp", and "tcp or udp", and none of them
worked with argus or tcpdump. Also, "not icmp", "not udp", and "not tcp"
don't work right either in that they still provide the traffic you are asking
not be provided, and you get the stuff you wanted too.
--
Mike Iglesias Email: iglesias at uci.edu
University of California, Irvine phone: 949-824-6926
Network & Academic Computing Services FAX: 949-824-2270
More information about the argus
mailing list