先请达人们解答下wireshark里面udp.proc filter是怎么用的。。。 quark回答我说和udp options里面的collect process flow information有关,但他也告诉我开了这个选项也没法用。。。也的确是这样的。。。于是就不知道怎么回事了。。。
我去wireshark live support上问,似乎是个”Expert assisted Bot”在回答,*号是我问的内容,>后面是他的回答 http://www.wireshark.org/tools/helpdesk.html
*How can I use udp.proc.srcpid filter? For example, I choose a process which is sending UDP packets, its pid is 1234, then I write udp.proc.srcpid==1234 but it shows nothing. I tried other filters of udp.proc but still nothing works. I’m confused about the usage of udp.proc filters. Thanks for your help!
> Not supported in Windows, without special drivers
* Er…I tried under Archlinux but still nothing works.
> What’s your FreeBSD version?
* Archlinux 3.0//(第一次凌乱。。。Archlinux哪有版本号这一说。。。只好先弄个3.0上去)
> …Tell me more
*Archlinux …
> …OK,you ask me “how can you use udp.proc.srcpid filter? For example, you choose a process which is sending UDP packets, its pid is 1234, then you write udp.proc.srcpid==1234 but it shows nothing. you tried other filters of udp.proc but still nothing works. You’re confused about the usage of udp.proc filters. Thanks for my help!”,tell me more
* I tried it under all platforms but nothing happens
> What speed is your frame relay connection?
* 100Mbps
> Tell me more…
* Is it something collect process flow information?
> I see.
* Is it something about collect process flow information?
> Say, do you have any psychological problems?
* ….I bs you…
> Oh… ?
我去wireshark live support上问,似乎是个”Expert assisted Bot”在回答,*号是我问的内容,>后面是他的回答 http://www.wireshark.org/tools/helpdesk.html
*How can I use udp.proc.srcpid filter? For example, I choose a process which is sending UDP packets, its pid is 1234, then I write udp.proc.srcpid==1234 but it shows nothing. I tried other filters of udp.proc but still nothing works. I’m confused about the usage of udp.proc filters. Thanks for your help!
> Not supported in Windows, without special drivers
* Er…I tried under Archlinux but still nothing works.
> What’s your FreeBSD version?
* Archlinux 3.0//(第一次凌乱。。。Archlinux哪有版本号这一说。。。只好先弄个3.0上去)
> …Tell me more
*Archlinux …
> …OK,you ask me “how can you use udp.proc.srcpid filter? For example, you choose a process which is sending UDP packets, its pid is 1234, then you write udp.proc.srcpid==1234 but it shows nothing. you tried other filters of udp.proc but still nothing works. You’re confused about the usage of udp.proc filters. Thanks for my help!”,tell me more
* I tried it under all platforms but nothing happens
> What speed is your frame relay connection?
* 100Mbps
> Tell me more…
* Is it something collect process flow information?
> I see.
* Is it something about collect process flow information?
> Say, do you have any psychological problems?
* ….I bs you…
> Oh… ?
orz 笑了……
555…被bot调戏…T T