JKH: tcpdump improvement
Patrick MARIE
mycroft at virgaria.org
Sat Jan 24 00:53:45 PST 2004
On Fri, Jan 23, 2004 at 12:02:18AM +0000, Vadim Chekan wrote:
> Hello Poul,
>
> I want to try to implement portrange feature in tcpdump as described on your
> JKH TODO list if it's still actual.
>
> I have several thoughts about this task.
>
> 1. As soon as it is neccessary to implement port<N, port>N to implement this
> task it is a good idea to extend syntax with these operators. Actually after
> implementing "<" and ">" operators task is 80% done because it is possible to
> implement range by "port > N1 and port < N2" expression.
>
> 2. About range operator. I'd prefer to add functionality to existing "port"
> operator instead of introducing new keyword "portrange".
> It seems easier to remember and use syntax like:
> "port 40-400 and port 500"
>
> What do you think?
Well, if you want, you can rely on the following patch:
http://www.virgaria.org/~mycroft/libpcap-20040124.diff
It was done a while ago, submitted to libpcap/tcpdump developers
without any new from them since.
Cheers,
- patrick
--
Patrick MARIE <mycroft at virgaria.org>
pgp: http://www.minithins.net/~mycroft/key.txt
More information about the freebsd-current
mailing list