For both filter types, you can add one or more filter strings (separated by spaces or CRLF) in the following syntax:
[include | exclude] : [local | remote | both] : [tcp | udp | tcpudp | icmp | all] : [IP Range | Ports Range]
Here are some examples that demonstrate how to create a filter string:
- Display only packets with remote tcp port 80 (Web sites):
include:remote:tcp:80
- Display only packets with remote tcp port 80 (Web sites) and udp port 53 (DNS):
include:remote:tcp:80
include:remote:udp:53
- Display only packets originated from the following IP address range: 192.168.0.1 - 192.168.0.100:
include:remote:all:192.168.0.1-192.168.0.100
- Display only TCP and UDP packets that use the following port range: 53 - 139:
include:both:tcpudp:53-139
- Filter most BitTorrent packets (port 6881):
exclude:both:tcpudp:6881
- Filter all ICMP packets (Ping/Traceroute activity):
exclude:both:icmp
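The following Python sketch is an added example, not code from the tool itself: it parses filter strings in the syntax above and rejects a misspelled keyword (for example tcpupd instead of tcpudp) instead of silently ignoring it. The packet dictionary keys (proto, local_ip, remote_ip, local_port, remote_port) and the include/exclude precedence in is_displayed are assumptions made for illustration.

```python
import ipaddress

ACTIONS, SIDES = ("include", "exclude"), ("local", "remote", "both")
PROTOS = {"tcp": {"tcp"}, "udp": {"udp"}, "tcpudp": {"tcp", "udp"},
          "icmp": {"icmp"}, "all": None}    # None = any protocol

def parse_filter(text):
    """Parse one filter string into (action, side, protos, kind, low, high)."""
    parts = [p.strip().lower() for p in text.split(":")]
    if len(parts) not in (3, 4):
        raise ValueError(f"expected 3 or 4 fields: {text!r}")
    action, side, proto = parts[:3]
    if action not in ACTIONS or side not in SIDES or proto not in PROTOS:
        raise ValueError(f"unknown keyword in {text!r}")
    if len(parts) == 3 or not parts[3]:
        return action, side, PROTOS[proto], "any", None, None
    low, _, high = parts[3].partition("-")
    high = high or low                      # single value = range of one
    if low.isdecimal() and high.isdecimal():
        kind, lo, hi = "port", int(low), int(high)
        if hi > 65535:
            raise ValueError(f"port out of range in {text!r}")
    else:                                   # IPv4 only; IPv6 would clash with ':'
        kind, lo, hi = "ip", ipaddress.IPv4Address(low), ipaddress.IPv4Address(high)
    if lo > hi:
        raise ValueError(f"reversed range in {text!r}")
    return action, side, PROTOS[proto], kind, lo, hi

def parse_filters(text):
    return [parse_filter(s) for s in text.split()]   # spaces or CRLF separate

def rule_matches(rule, pkt):
    _, side, protos, kind, lo, hi = rule
    if protos is not None and pkt["proto"] not in protos:
        return False
    if kind == "any":
        return True
    sides = ("local", "remote") if side == "both" else (side,)
    values = [pkt.get(f"{s}_{kind}") for s in sides]
    if kind == "ip":
        values = [ipaddress.IPv4Address(v) for v in values if v]
    return any(v is not None and lo <= v <= hi for v in values)

def is_displayed(rules, pkt):
    # Assumed semantics: excludes win; if any include exists, one must match.
    if any(rule_matches(r, pkt) for r in rules if r[0] == "exclude"):
        return False
    includes = [r for r in rules if r[0] == "include"]
    return not includes or any(rule_matches(r, pkt) for r in includes)
```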