[tcpdump-workers] Facing a problem when I try to capture NetBeui packet (NBF) of ether frames
I am trying to capture the ether type frames that contain only the NetBeui (NBF) packets by using the tcpdump, but unfortunately I am getting error in spite of following the instructions in the man page. The command that I am writing is as follows: tcpdump ether proto \\netbeui the error that I am getting is: tcpdump: unknown ether proto netbeui But for other ether frame protocols such as arp, rarp and ip there is no problem and they work. So any body can help me to solve this problem? Regards Bassam A. Al-Khaffaf R D Engineer R D Department Palette Multimedia Bhd www.palettemm.com www.yellowspots.com [EMAIL PROTECTED] Tel: +60 (3) 6253 3299 - Ext: 229 Fax: +60 (3) 6253 4399 MPhone: +60 (16) 493 1776 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.686 / Virus Database: 447 - Release Date: 14/05/04
[tcpdump-workers] Automatic report from sources (tcpdump libpcap htdocs) between 26.05.2004 - 27.05.2004 GMT
CVS log entries from 26.05.2004 (Wed) 09:04:04 - 27.05.2004 (Thu) 09:04:04 GMT = Summary by authors = Author: guy File: tcpdump/CREDITS; Revisions: 1.94 File: tcpdump/print-ipx.c; Revisions: 1.40 = Combined list of identical log entries = Description: From Steinar Haug [EMAIL PROTECTED]: put declarations inside a function before all executable statements. Clean up white space. Modified files: File: tcpdump/CREDITS; Revision: 1.94; Date: 2004/05/26 19:57:57; Author: guy; Lines: (+1 -0) File: tcpdump/print-ipx.c; Revision: 1.40; Date: 2004/05/26 19:57:57; Author: guy; Lines: (+5 -5) = Log entries = = Summary of modified files = File: tcpdump/CREDITS Revisions: 1.94 Authors: guy (+1 -0) --- File: tcpdump/print-ipx.c Revisions: 1.40 Authors: guy (+5 -5) -- Automatic cron job from /tcpdump/bin/makelog - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
Re: [tcpdump-workers] savefile.c patch
Guy Harris [EMAIL PROTECTED] said: Also, should we save the mode returned by setmode() and restore it when we close a pcap_t or pcap_dumper_t that refers to the standard input or output? Since pcap_dump_close() doesn't have a pcap_t argument, where should the oldmode come from? Can we have two module globals; oldmode_stdin, oldmode_stdout, assuming stdin/stdout won't be opened for capture more than once? Ideally it should be pcap_dump_flush(pcap_t *p), but too late to change that now. --gv - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
Re: [tcpdump-workers] savefile.c patch
On May 27, 2004, at 5:22 AM, Gisle Vanem wrote: Since pcap_dump_close() doesn't have a pcap_t argument, where should the oldmode come from? Can we have two module globals; oldmode_stdin, oldmode_stdout, assuming stdin/stdout won't be opened for capture more than once? If it's opened for capture or dumping more than once in sequence, that's not an issue; if it's opened for capture or dumping more than once in parallel, that's not going to work anyway. As such, the two globals would probably be the best idea. - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
