Hello guys :) I'm looking for a help. I have a problem with capture filter configuration. I want to capture just a traffic from specific tcp ports. (TCP port 23 (telnet) and tcp portrange 2066-2100) So my syntax in "Capture options" "Capture filter" field looks like this: tcp dst port 23 and tcp dst portrange 2066-2100 and there is no capture with this command! If I use just "tcp dst port 23" or just "tcp dst portrange 2066-2100" as a filter, I can see the output, but I can't get these filters to work together as one. Where is a problem? Thank you for your time and for your answers. Any helpful information is highly appreciated. asked 26 Jun '12, 06:59  jomajo |
2 Answers:
I don't know why, but this is working: tcp dst portrange 2066-2100 or tcp dst port 23 :) Oh thanks, I saw I have an answer too :) answered 26 Jun '12, 07:08 jomajo |
Use ... or ... and means both conditions must be satisfied which is not going to happen if the conditions are exclusive .... answered 26 Jun '12, 07:07  Bill Meier ♦♦ edited 26 Jun '12, 07:09 |
see the answer of Bill Meier. OR is the key. Reason: The destination port cannot be 23 AND in the range of 2066-2100 (at the same time).