moog67_108621
Jul 14, 2014Nimbostratus
tcpdump portrange option
Hi everyone,
I'm trying to capture traffic directed to a certain range of tcp ports with tcpdump. When using the "portrange" expression I get a syntax error:
tcpdump -i -s0 -w capture_file.trc portrange 8080-8082 tcpdump: syntax error in filter expression
Is this expression supported on BIG-IP (1600 10.2.4 HF5)?
Thanks in advance, Regards.
moog67
try:
tcpdump -i SRV -s0 -w capture_file.trc port 8080 or port 8081 or port 8082
This worked for me, I saw traffic on all 3 ports in both directions in my dump. My only diff was the interface name.
This was on 10.2.4 HF5, tcpdump version 3.9.4, libpcap version 0.7.2
Again, no idea why portrange doesn't work, but I can confirm the same problem on this version.