This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Martin_Hofbauer
Participant
‎2020-10-05 07:50 AM

Filter syntax for g_tcpdump required when mixing "and" and "or"

in tcpdump in bash following works as expected:

 

# tcpdump -i eth0 host A and host B and \(port C or port D\)

( round brackets ensure, that the "or" statement is only valid for the port numbers )

 

But I was not able to figure out howto do it with "g_tcpdump" to have the same results.

Any ideas ?

 

0 Kudos
Reply
3 Replies
Anatoly
Employee+
Employee+
‎2020-10-07 10:51 PM

Hi,

It should be the same as tcpdump, just g_. If it doesn't work, try to do g_all tcpdump ….

 

Thanks

 

Anatoly

0 Kudos
Reply
HeikoAnkenbrand
Champion
Champion
‎2020-10-07 11:20 PM
In response to Anatoly

Hi @Anatoly 

in principle, the difference is clear to me. "g_all" executes the commands on all SGMs.

Is there a technical difference between "g_tcpdump" and "g_all tcpdump".

PS:
With  "g_tcpdump" filters I can also see that some things do not work 100% correct.

0 Kudos
Reply
Anatoly
Employee+
Employee+
‎2020-10-07 11:23 PM
In response to HeikoAnkenbrand

g_tcpdump and g_all tcpdump should be the same. However, since g_tcpdump has been developed as separate command, some differences may apply.

Please open support ticket if it's critical, if not - just use g_all tcpdump

0 Kudos
Reply