Re: [tcpdump-workers] pipeline buffering

2012-03-10 Thread jedge
Thank you very much. I searched high and low, and there it is right in front of my face. Two letters away no less!! duh. I suppose if you don't HAVE_PCAP_DUMP_FLUSH Thank you again.  maybe for morons like me we can add a reference to -U in -w: and since -U is conditional upon -w then it can

Re: [tcpdump-workers] pipeline buffering

2012-03-10 Thread Guy Harris
On Mar 10, 2012, at 6:18 AM, jedge wrote:
> When using the (-w) option in conjunction with the (-l) option,
Use it with the -U option instead:
$ man tcpdump
...
-U Make output saved via the -w option ``packet-buffered''; i.e., as each packet is saved, it wil

Re: [tcpdump-workers] regarding wireless data frames

2012-03-10 Thread Guy Harris
On Mar 10, 2012, at 10:18 AM, abhinav narain wrote:
> I believe, the data packets destined for my AP, will be decrypted by the hardware itself
I *don't* believe that if the hardware is running in monitor mode.
> In any case, when I get them in userland, they should be unencrypted. right?
Wr

Re: [tcpdump-workers] regarding wireless data frames

2012-03-10 Thread abhinav narain
> Oh, and one more thing:
>
> Some network adapters, when running in a mode where they supply an 802.11 header (such as monitor mode), put some padding in between the 802.11 header and the payload, so the 802.2 LLC header in a data frame might not immediately follow the 802.11 header (regardl

[tcpdump-workers] pipeline buffering

2012-03-10 Thread jedge
When using the (-w) option in conjunction with the (-l) option, sending the binary network packets to stdout still buffers. I am using tcpdump and all its glorious features as a front end filter to a similar process that handles the presentation layer. I modified tcpdump.c near lines 822 (-i) an