CVS log entries from 21.07.2004 (Wed) 09:05:09 - 22.07.2004 (Thu) 09:05:16 GMT
=
Summary by authors
=
Author: guy
File: tcpdump/print-ascii.c; Revisions: 1.16
File: tcpdump/print-
Hi:
In reviewing a file captured from a server I found my IP adress as a source
or as a destination, but there is not combination without my IP adress.
When sniffing packets, I suppose, even if they does not come to my IP adress
because sniffing I stress for passing all packets through my IP adre
On Thu, Jul 22, 2004 at 01:03:49PM +0200, C?sar C?rdenas wrote:
| Hi:
|
| In reviewing a file captured from a server I found my IP adress as a source
| or as a destination, but there is not combination without my IP adress.
|
most likely you have a LAN-switch in your network, which means that yo
Hi:
I am trying:
windump -i 2 'tcp[13]&2==2'
It recognizes the interface but still there doing nothing...
without "'" it says:
windump: listening on "MY DEVICE"
windump: illegal token:
What could be wrong?
I take advantage to say thanks for your help,
César
-
This is the tcpdump-workers list.
As promised, I grabbed *current* and compiled libpcap with +DD64. It appears to
have been OK. I went to compile tcpdump, but tcpdump-current.tar.gz unpacks to
2004-07-21, not 22. I simplisticly took that to mean it didn't update bits from
before.
On a lark, I added a "+M0" to turn-on migrati
Hi,
I have a pcap filter string: udp and \( \( host host1 and port port1 \) or
\( host host2 and port port2 \) \)
Things are working through command line for tcpdump. But, it doesn't work
for pcap lib in the code. Any idea?
Best,
Thomas
-
This is the tcpdump-workers list.
Visit https://lists.s
On Jul 22, 2004, at 12:25 PM, Hu Thomas Pan wrote:
I have a pcap filter string: udp and \( \( host host1 and port port1
\) or
\( host host2 and port port2 \) \)
Things are working through command line for tcpdump. But, it doesn't
work
for pcap lib in the code.
Try using the string
"udp and ( (
On Jul 22, 2004, at 10:29 AM, Rick Jones wrote:
cc: "pcap-dlpi.c", line 376: LP64 migration warning 720: Argument #3
may overflow integer.
}
ret = dlrawdatareq(p->send_fd, buf, size);
I guess that one depends on how large size is likely to get.
...and changing the third argument t
On Jul 22, 2004, at 1:13 PM, Hu Thomas Pan wrote:
Still not work. No data comes into my callback function.
But tcpdump, with the same filter, shows packets?
We'd have to see the source to your program to figure out what the
problem is.
-
This is the tcpdump-workers list.
Visit https://lists.sande
Still not work. No data comes into my callback function.
I use while(1) for the main process.
Thomas
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Guy Harris
Sent: Thursday, July 22, 2004 12:29 PM
To: [EMAIL PROTECTED]
Subject: Re: [tcpdump-workers] ho
I've noticed a peculiar behavior. Given the same hand-crafted
dump file (with an intended time of 5:36 on Jan 1, 1970), tcpdump
reports a time of 6:36 for default output, and a time of 10:36 when
run with the - option ("supposedly" same time with date info
prepended). Both ethereal and tcptra
On Jul 22, 2004, at 1:47 PM, Aaron Mitchell wrote:
I've noticed a peculiar behavior. Given the same hand-crafted
dump file (with an intended time of 5:36 on Jan 1, 1970), tcpdump
reports a time of 6:36 for default output, and a time of 10:36 when
run with the - option ("supposedly" same time w
On Jul 22, 2004, at 9:10 AM, César Cárdenas wrote:
I am trying:
windump -i 2 'tcp[13]&2==2'
It recognizes the interface but still there doing nothing...
I assume from the "-i 2" that you have more than one interface on your
machine. What happens if you try to connect from the machine running
Win
For tcpdump, it should be:
sudo tcpdump -i nic_name udp and \( \( host host1 and port port1 \) or \(
host host2 and port port2 \) \)
In the code, both of formats failed. Since I use C++, the above string would
be changed to "udp and \\( \\( host host1 and port port1 \\) or \\( host
host2 and port
-BEGIN PGP SIGNED MESSAGE-
> "Guy" == Guy Harris <[EMAIL PROTECTED]> writes:
Guy> If that's still valid, we should probably have it set
Guy> "thiszone" to "gmt2local(time stamp of first packet)" after
Guy> reading, but before processing, the first packet, so the offset
15 matches
Mail list logo
