Hello Poul, I want to try to implement portrange feature in tcpdump as described on your JKH TODO list if it's still actual. I have several thoughts about this task. 1. As soon as it is neccessary to implement port<N, port>N to implement this task it is a good idea to extend syntax with these operators. Actually after implementing "<" and ">" operators task is 80% done because it is possible to implement range by "port > N1 and port < N2" expression. 2. About range operator. I'd prefer to add functionality to existing "port" operator instead of introducing new keyword "portrange". It seems easier to remember and use syntax like: "port 40-400 and port 500" What do you think? Thanks Vadim Chekan.Received on Thu Jan 22 2004 - 20:02:42 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:39 UTC