--- display.c	Sun Aug 23 21:51:48 1998
+++ display.c	Fri Dec  6 12:17:55 2002
@@ -54,6 +54,7 @@ 
 static int l_nflag, l_eflag;
 static int n_entries;
 static int err_pos;
+extern struct t_entry t_mask;  /* traffic mask */
 
 void
 init_display(reinit)
@@ -282,6 +284,13 @@ 
 	packets_total++;
 	bytes_total += e->bytes;
 	j = page * page_size;
+
+	e->src.s_addr &= t_mask.src.s_addr;
+	e->dst.s_addr &= t_mask.dst.s_addr;
+	e->sport &= t_mask.sport;
+	e->dport &= t_mask.dport;
+	e->proto &= t_mask.proto;
+
 	for (i = 0; i < n_entry; i++) {
 		if (memcmp(&e->eh, &entries[i].eh, sizeof(e->eh)) == 0 &&
 		    e->src.s_addr == entries[i].src.s_addr &&
--- trafshow.c	Fri Aug 28 00:15:57 1998
+++ trafshow.c	Fri Dec  6 12:34:09 2002
@@ -48,6 +48,7 @@ 
 int pflag = 0;		/* don't put the interface into promiscuous mode */
 int kflag = 1;		/* disable keyboard input checking */
 int eflag = 0;		/* show ethernet traffic rather than ip */
+struct t_entry t_mask;	/* traffic mask */
 
 /* global variables */
 char *program_name;		/* myself */
@@ -78,6 +79,12 @@ 
 	extern int abort_on_misalignment();
 	extern pcap_handler lookup_if();
 
+	t_mask.src.s_addr = 0xffffffff;	/* all bits valid */
+	t_mask.dst.s_addr = 0xffffffff;	/* all bits valid */
+	t_mask.sport = 0xffff;		/* all bits valid */
+	t_mask.dport = 0xffff;		/* all bits valid */
+	t_mask.proto = 0xffff;		/* all bits valid */
+
 	cnt = -1;
 	device_name = NULL;
 	infile = NULL;
@@ -94,7 +87,7 @@ 
 
 	if (abort_on_misalignment(ebuf) < 0) error(0, ebuf);
 
-	while ((op = getopt(argc, argv, "c:CefF:i:knNOpr:t:vh?")) != EOF)
+	while ((op = getopt(argc, argv, "c:CefF:i:kmnNOpr:t:vh?")) != EOF)
 		switch (op) {
 		case 'C':
 #ifdef	HAVE_SLCURSES
@@ -114,6 +121,42 @@ 
 			break;
 		case 'k':
 			kflag = 0;
+			break;
+		case 'm':
+			fprintf(stderr, "option m %d %d\n", optind, argc);
+			t_mask.src.s_addr = 0;
+			t_mask.dst.s_addr = 0;
+			t_mask.sport = 0;
+			t_mask.dport = 0;
+			t_mask.proto = 0;
+			for (;optind + 1 <= argc;) {
+			    char *s = argv[optind];
+			    u_int32_t arg = 0xffffffff;
+			    int save=optind;
+			    
+			    optind++;
+			    if (optind + 1 <= argc &&
+				    isdigit(*(argv[optind])) ) {
+				arg = strtol(argv[optind], NULL, 0);
+				optind++;
+			    }
+			    fprintf(stderr, "-m %s 0x%x\n", s, arg);
+				
+			    if (!strcmp(s, "src-ip"))
+				t_mask.src.s_addr = arg;
+			    else if (!strcmp(s, "dst-ip"))
+				t_mask.dst.s_addr = arg;
+			    else if (!strcmp(s, "src-port"))
+				t_mask.sport = (u_short)(arg);
+			    else if (!strcmp(s, "dst-port"))
+				t_mask.dport = (u_short)(arg);
+			    else if (!strcmp(s, "proto"))
+				t_mask.proto = arg;
+			    else {
+				optind = save;
+				break;
+			    }
+			}
 			break;
 		case 'n':
 			++nflag;
--- trafshow.1	Fri Aug 28 09:37:38 1998
+++ trafshow.1	Tue Apr 15 22:32:21 2003
@@ -42,6 +42,14 @@ 
 .B \-k
 Disable input keyboard checking. It is intended to avoid loss of packets.
 .TP
+.B \-m
+[src-ip M] [dst-ip M] [src-port M] [dst-port M] [proto M]
+.br
+Mask the specified field with mask M (which should be specified
+as an hex number e.g. 0xffff0000) before further processing
+of the packet. This allows to aggregate traffic in the display
+to ease analysis.
+.TP
 .B \-n
 Don't convert host addresses and port numbers to names.
 .TP