Ethereal-users: RE: [Ethereal-users] help with filter syntax

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: "McNutt, Justin M." <McNuttJ@xxxxxxxxxxxx>
Date: Sun, 3 Dec 2000 11:16:43 -0600 
That will work, but remember that SNMP traps are sent on UDP port 162 (by
default).  Try:

udp.port == 161 or udp.port == 162

--J

> -----Original Message-----
> From: Gerald Combs [mailto:gerald@xxxxxxxx]
> Sent: Thursday, November 30, 2000 1:58 PM
> To: Mitchell K. Smith
> Cc: 'ethereal-users@xxxxxxxxxxxx'
> Subject: Re: [Ethereal-users] help with filter syntax
> 
> 
> On Thu, 30 Nov 2000, Mitchell K. Smith wrote:
> 
> > Greetings.
> > 
> > I am new to using Ethereal and I need some help with the 
> filter syntax.
> > I am using version 0.8.14.
> > 
> > I am trying to capture SNMP packets only.
> > 
> > I read the tcpdump man page but I still don't "get it"
> > 
> > What would the syntax be for the filter field?
> 
> SNMP uses UDP port 161, so the capture filter would be "udp 
> port 161", or
> simply "port 161".  In case you need it the display filter would be
> "snmp" or "udp.port == 161".
> 
> 
> _______________________________________________
> Ethereal-users mailing list
> Ethereal-users@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-users
>