Output without Ethernet headers?

[Ricardo S]

Hello all,

I have a simple question, but reading the manuals I couldn't figure
out how to solve it. On summing the bytes of a flow, Argus considers
the Ethernet header, right? If so, how could I remove Ethernet header
from the total of bytes? Is there any filter expression that would do
it? I would like to have only the sum of IP headers in the field
"bytes".

Thanks,
Ricardo.