Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

strange behaviour of socketdump.exe with ip/ipv6 filter #338

Open
TsXor opened this issue Aug 21, 2023 · 1 comment
Open

strange behaviour of socketdump.exe with ip/ipv6 filter #338

TsXor opened this issue Aug 21, 2023 · 1 comment

Comments

@TsXor
Copy link

TsXor commented Aug 21, 2023 

gsudo socketdump.exe "ip or ipv6"
gsudo socketdump.exe "not ip and not ipv6"
gsudo socketdump.exe "ip"
gsudo socketdump.exe "ipv6"

fails to show socket events

gsudo socketdump.exe "not ip or not ipv6"
gsudo socketdump.exe "not ip"
gsudo socketdump.exe "not ipv6"

can show socket events
@basil00
Copy link
Owner

basil00 commented Aug 26, 2023

It seems that ip and ipv6 are broken for the SOCKET layer. The problem seems to be here, where the filter determines whether ip/ipv6 holds based on whether there is a IP(v6) header or not, but this only makes sense for the NETWORK layer.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@basil00 @TsXor