Help on listening to traffic via a specific adapter

Question

Help on listening to traffic via a specific adapter

Opened this issue 5 years ago · 1 comments

When I run windump -D I can see that I have 3 adapters on a machine
1.\Device\NPF_{name} (Intel(R) PRO/3000 PT Dual Port Server Adapter)
2...
3...
How do query traffic coming from only of those adapters? When I try bmdb addfilter I am not able to find a good syntax
bmdb addfilter A A "src host name" was what I expected to work, but it is rejected

Answer 1 · 2020-05-12T17:24:14.000Z

If you want to create a filter for traffic coming from one of your adapters you can just use the ip address of the adapter you are interested in, for example:
bmdb addfilter A A "src 1.2.3.4"