tls子命令可否支持ip过滤

Question

Closed this issue 4 months ago · 6 comments

./ecapture tls 问下只有--port参数，没看到--host或--ip的参数，有计划支持吗？

Answer 1 · 2024-01-31T10:23:51.000Z

@Asphaltt 大神有个更好地解决方案 pcap filter ，未来会支持这个功能。

Expert @Asphaltt has a better solution pcap filter, which will be supported in the future.

Answer 2 · 2024-01-31T10:29:52.000Z

Do you mean elibpcap library?

It will be nice to support pcap filter expression like tcpdump.

Answer 3 · 2024-01-31T12:38:49.000Z

好像也只能如此了。这周我测试github.com/Asphaltt/tc-dump在android上的兼容性。

It seems that this is the only way. This week, I tested the compatibility of github.com/Asphaltt/tc-dump on Android.

Answer 4 · 2024-02-01T01:47:50.000Z

I tested the compatibility of github.com/Asphaltt/tc-dump on Android.

Great.

One more question: is --port=443 required? It will conflict with pcap-filter when there's tcp port 8080 in pcap-filter at the same time.

Answer 5 · 2024-02-01T10:16:44.000Z

Well, the '--port' argument does conflict with 'pcap-fliter' and can be removed

嗯，--port参数确实会跟pcap-fliter产生冲突，可以去掉。

Answer 6 · 2024-02-01T12:38:24.000Z

can be removed

Good. I'm on it.