Volker Kuhlmann wrote: >Gurus, > >how can I capture the data which goes over a net connection and meets a >simple criteria of (remote-ip:port)? > >Yes I know of tcpdump and ethereal, but I don't find either easy to >use, and more to the point, both produce copious amounts of tcp data >(SYN bits, mac addresses, tcp-ack packets, etc bla bla) which I don't >want to know of. > You can cut down on the amount of data displayed or recorded by ethereal by using a filter see:-
http://www.ethereal.com/docs/user-guide/chap03.html and following sections. I'd agree that this doco must have been translated from the Original Swahili by Japanese students practising their English, but they have done a pretty decent job & I'm sure that for someone who can so precisely decode the intricacies of the rpm manual, you'll have no problems whatsoever. :-) >Say I want to have the data (data only) which goes between my host and a >remote:21 (i.e. ftp control channel) dumped into a file. Or, right now >I'd like to see what the exchange between fetchmail and the pop3 server >is, to find out precisely what kind of header mangling fetchmail >performs on an email before delivering it locally. > >Does anyone know of a simple way to achieve this? Or any way at all? > >Thanks, > >Volker >
