Where can I find the options for the --packet-slicing flag? Does this take a TCP/IP layer, like "4" or a specific layer like "udp"?
I'm trying to slice packets after the tcp or udp header (with a -F of ip) without running a secondary "cleaner script". Right now I'm just using snaplen 200.
Where can I find the options for the --packet-slicing flag? Does this take a TCP/IP layer, like "4" or a specific layer like "udp"?
I'm trying to slice packets after the tcp or udp header (with a -F of ip) without running a secondary "cleaner script". Right now I'm just using snaplen 200.