Berkeley Packet Filter


 
# 1  
Old 09-19-2013

Hi Folks!

I'm trying to write a packet capture filter on an opnet device. The syntax there to write this filter is BPF.

What I wanna do is to capture everything, but from a certain ip-range I just wanna capture the header and not the payload. For your understanding: We are writing our backup to the databases during the night. So I don't want to capture all the payload of this backup, I just want to capture the header-data.

So, I've read a lot about BPF and it's pretty cool. Compared to a programming language you can specify a lot of "if"s. Like "if ip[0] = 9" and so on. But is it possible to specify a "then" clause? So: "IF this packet belongs to the backup stream, THEN just capture the header data".

Thanks a lot for your help
ati
# 2  
Old 09-20-2013
Seems like a pretty substantial learning curve and maybe not all you ask. Usually 'tcpdump' with some postprocessing is sufficient. Firewalls often have a way for you to insert C code to handle each packet, too.

Last edited by DGPickett; 09-20-2013 at 04:38 PM..
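
An added example, not code from either poster: in classic BPF the filter program's return value is the number of bytes of the packet to keep, so a hand-written program can give the "then" the question asks for. It assumes a capture stack that accepts a raw classic BPF program (Linux `struct sock_filter` here; whether the opnet device does is not stated in the thread), and the backup range 10.20.30.0/24 and the 64-byte cut are constructed values.

```c
#include <stdint.h>
#include <linux/filter.h>   /* struct sock_filter, BPF_STMT, BPF_JUMP */

#define BACKUP_NET  0x0A141E00u  /* 10.20.30.0/24: constructed example range */
#define BACKUP_MASK 0xFFFFFF00u
#define HDR_SNAP    64           /* assumed fixed cut covering Ethernet/IP/TCP headers */

/* Classic BPF has no "then", but RET is the byte count to keep (0 = drop). */
static const struct sock_filter snap_filter[] = {
    BPF_STMT(BPF_LD | BPF_H | BPF_ABS, 12),                /* EtherType */
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0800, 0, 4),     /* not IPv4: keep all */
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, 26),                /* IPv4 source address */
    BPF_STMT(BPF_ALU | BPF_AND | BPF_K, BACKUP_MASK),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, BACKUP_NET, 0, 1),
    BPF_STMT(BPF_RET | BPF_K, HDR_SNAP),                   /* backup: headers only */
    BPF_STMT(BPF_RET | BPF_K, 0xFFFF),                     /* everything else: full */
};

/* Interpreter for just these opcodes, so the filter can be checked without a
   capture socket; a load past the end of the packet returns 0 (drop). */
static uint32_t run_filter(const struct sock_filter *f, uint32_t n,
                           const uint8_t *p, uint32_t len)
{
    uint32_t a = 0;
    for (uint32_t pc = 0; pc < n; pc++) {
        uint32_t k = f[pc].k, size = BPF_SIZE(f[pc].code) == BPF_H ? 2 : 4;
        switch (BPF_CLASS(f[pc].code)) {
        case BPF_LD:                                /* big-endian absolute load */
            if (k + size > len) return 0;
            for (a = 0; size--; k++) a = a << 8 | p[k];
            break;
        case BPF_ALU: a &= k; break;                /* only AND is used above */
        case BPF_JMP: pc += a == k ? f[pc].jt : f[pc].jf; break;
        case BPF_RET: return k;
        }
    }
    return 0;
}

/* Constructed 1514-byte Ethernet/IPv4 frame from a.b.c.d; returns bytes captured. */
static uint32_t snap_for_src(uint8_t a, uint8_t b, uint8_t c, uint8_t d)
{
    uint8_t pkt[1514] = {0};
    pkt[12] = 0x08; pkt[14] = 0x45;                 /* EtherType 0x0800, IPv4 IHL 5 */
    pkt[26] = a; pkt[27] = b; pkt[28] = c; pkt[29] = d;
    uint32_t n = sizeof snap_filter / sizeof snap_filter[0];
    uint32_t keep = run_filter(snap_filter, n, pkt, sizeof pkt);
    return keep < sizeof pkt ? keep : (uint32_t)sizeof pkt;
}
```

On Linux an array like this is attached to a packet socket with `struct sock_fprog` and `setsockopt(SO_ATTACH_FILTER)`. A tcpdump-style filter expression cannot express this, because the program compiled from it only ever returns the configured snapshot length or 0.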