cardigliano
commented
2 years ago If you specify 4, packet is sliced after the UDP/TCP header (only the l7 payload is removed)
[--packet-slicing|-0]
Closed jphussey05 closed 2 years ago
cardigliano
commented
2 years ago If you specify 4, packet is sliced after the UDP/TCP header (only the l7 payload is removed)
[--packet-slicing|-0]
Where can I find the options for the --packet-slicing flag? Does this take a TCP/IP layer, like "4" or a specific layer like "udp"?
I'm trying to slice packets after the tcp or udp header (with a -F of ip) without running a secondary "cleaner script". Right now I'm just using snaplen 200.