Could NOT find CARES

When I built wireshark in ubuntu, it emitted this error.

The correct packages to install are

1
2
3
4
5
sudo apt install libgcrypt20-dev libc-ares-dev libpcap-dev
mkdir bld
cd bld
cmake .. -DCMAKE_INSTALL_PREFIX=`pwd`/installed -DCMAKE_PREFIX_PATH=/home/work/3rdParty/qt/5.15.2/gcc_64
#.

wireshark过滤数据包的第一个INT

比如,tcp连接,往往包头第一个INT或第二个INT表示包的类型,可以用wireshark过滤显示指定类型的数据包,比如过滤包头第一个INT对应整型值为10的包的过滤表达式为

1
ip.addr == 192.168.1.21 && tcp.port == 7222 && frame[54:4]==0a:00:00:00

附:tcpdump抓包

1
tcpdump -i eth0 -w file.cap host 192.168.168.18 and tcp port 8081

refer to:
https://blog.csdn.net/qq_19167629/article/details/83088878