Snoop on Solaris，如何避免“以太”数据包？

Question

这个过滤器工作得很好

snoop -vvx port 5858 and not port 22

但我看到了一些“以太”标题

ETHER:  ----- Ether Header -----
ETHER:  
ETHER:  Packet 16 arrived at 13:01:37.43271
ETHER:  Packet size = 60 bytes
ETHER:  Destination = ***************,
ETHER:  Source = ***************,
ETHER:  Ethertype = 0800 (IP)

如何避免乙醚？

在tcpdump上，我这样做并工作，如何在窥探上获得相同的结果？

tcpdump -vvx -i net0 port 5858 and not stp 

Answer 1

实际上这条线似乎解决了

snoop -V -x host myhost and port 5858

据我所知，-v把协议按顺序排列，乙醚也是，然后是ip，然后是tcp (输出不完整，太长)

snoop -d net0 -v
Using device net0 (promiscuous mode)
ETHER:  ----- Ether Header -----
ETHER:  .........
ETHER:  Ethertype = 0800 (IP)
ETHER:  
IP:   ----- IP Header -----
IP:   
IP:   Version = 4
IP:   Header length = 20 bytes
IP:   Type of service = 0x48
IP:   .......
TCP:  ----- TCP Header -----
TCP:  
TCP:  Source port = 22
TCP:  Destination port = 55934 
TCP:  Sequence number = 52486020
TCP:  Acknowledgement number = 676130111
TCP:  Data offset = 20 bytes
TCP:  Flags = 0x18
TCP:        0... .... = No ECN congestion window reduced
TCP:        .0.. .... = No ECN echo
TCP:        ..0. .... = No urgent pointer
TCP:        ...1 .... = Acknowledgement