Divert icon indicating copy to clipboard operation
Divert copied to clipboard

Published 20 hours ago verified publisher icon basil00

strange behaviour of socketdump.exe with ip/ipv6 filter

Open TsXor opened this issue 2 years ago • 1 comments
trafficstars 

gsudo socketdump.exe "ip or ipv6"
gsudo socketdump.exe "not ip and not ipv6"
gsudo socketdump.exe "ip"
gsudo socketdump.exe "ipv6"

fails to show socket events

gsudo socketdump.exe "not ip or not ipv6"
gsudo socketdump.exe "not ip"
gsudo socketdump.exe "not ipv6"

can show socket events

TsXor avatar Aug 21 '23 13:08 TsXor

It seems that ip and ipv6 are broken for the SOCKET layer. The problem seems to be here, where the filter determines whether ip/ipv6 holds based on whether there is a IP(v6) header or not, but this only makes sense for the NETWORK layer.

basil00 avatar Aug 26 '23 01:08 basil00