tcpdump expr for SYN-SYN-ACK only

Matthias Apitz guru at unixarea.de
Thu Mar 3 08:40:56 UTC 2016


Hello,

I'm hunting some network problem wherein the SYN-SYN-ACK packages are
not arriving within the correct time windows. I'd like to monitor only
these packages with something like:

# tcpdump -i bge0 -n 'tcp[tcpflags] & (tcp-syn|tcp-fin|tcp-ack) != 0 and port 8115'

This works fine for the SYN packages, but shows all ACKs, while I only
want to see the 1st one. How could this be filtered?

Thanks

	matthias
-- 
Matthias Apitz, ✉ guru at unixarea.de, ⌂ http://www.unixarea.de/  ☎ +49-176-38902045
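
Added example, not part of the original post: the filter above tests whether any of the SYN, FIN or ACK bits is set, so nearly every TCP segment matches. A filter on the SYN bit alone (`tcp[tcpflags] & tcp-syn != 0`) selects SYN and SYN-ACK, while the first ACK can only be identified by tracking connection state, since a pcap filter sees one packet at a time. The sketch below models both filters and a handshake tracker over constructed packets; the `Pkt` tuple, function names and sample addresses are assumptions made for illustration.

```python
from collections import namedtuple

# TCP flag bits as tcpdump names them (byte 13 of the TCP header)
FIN, SYN, PSH, ACK = 0x01, 0x02, 0x08, 0x10
Pkt = namedtuple("Pkt", "t src sport dst dport flags seq ack")

def original_filter(p):
    # tcp[tcpflags] & (tcp-syn|tcp-fin|tcp-ack) != 0 : true if ANY bit is set
    return p.flags & (SYN | FIN | ACK) != 0

def syn_filter(p):
    # tcp[tcpflags] & tcp-syn != 0 : matches SYN and SYN-ACK only
    return p.flags & SYN != 0

def handshakes(packets):
    """Return (client 4-tuple, SYN->SYN-ACK delay, SYN-ACK->ACK delay) per handshake."""
    pending, done = {}, []
    for p in packets:
        if p.flags & (SYN | ACK) == SYN:                 # client SYN
            pending[(p.src, p.sport, p.dst, p.dport)] = {"syn": p.t}
        elif p.flags & (SYN | ACK) == (SYN | ACK):       # server SYN-ACK
            st = pending.get((p.dst, p.dport, p.src, p.sport))
            if st and "synack" not in st:
                st["synack"], st["isn"] = p.t, p.seq
        elif p.flags & ACK:
            key = (p.src, p.sport, p.dst, p.dport)
            st = pending.get(key)
            # the handshake ACK acknowledges the server's initial sequence number + 1
            if st and "synack" in st and p.ack == (st["isn"] + 1) % 2**32:
                done.append((key, round(st["synack"] - st["syn"], 3),
                             round(p.t - st["synack"], 3)))
                del pending[key]                          # later ACKs are ignored
    return done

# Constructed sample traffic to port 8115 (documentation address ranges)
C, S = "192.0.2.10", "198.51.100.5"
SAMPLE = [
    Pkt(0.000, C, 40000, S, 8115, SYN,       1000, 0),
    Pkt(0.250, S, 8115, C, 40000, SYN | ACK, 5000, 1001),
    Pkt(0.251, C, 40000, S, 8115, ACK,       1001, 5001),
    Pkt(0.300, C, 40000, S, 8115, PSH | ACK, 1001, 5001),  # data segment
    Pkt(0.310, S, 8115, C, 40000, ACK,       5001, 1101),
]

if __name__ == "__main__":
    print(sum(map(original_filter, SAMPLE)), "packets pass the original filter")
    print(sum(map(syn_filter, SAMPLE)), "packets pass the SYN-bit filter")
    print(handshakes(SAMPLE))
```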

