Hi all,
Cann't we expect the output of tcpdump on different systems for the same
input file
to be same?
I am not getting the same output, in the sense it was differencing at the
hostnames..I suppose the problem might be DNS lookups,
one was using and the other one not.
Whether the both systems
Hi,
Thanks a lot..
It works fine.
On 4/7/06, Guy Harris [EMAIL PROTECTED] wrote:
Hannes Gredler wrote:
you may want to check the text2pcap utility
that comes along with ethereal for learning about
conversion to a libpcap readable format.
Or, alternatively, with newer versions of
it is a correct output or not..
And one more thing is , Is the tcpdump tested on any platform(OS)? so that i
can refer
the output on that platform..
My tcpdump version: 3.9.4
On 3/6/06, Hannes Gredler [EMAIL PROTECTED] wrote:
Latha G wrote:
Hi all,
I have one question about the output format
/8/06, Hannes Gredler [EMAIL PROTECTED] wrote:
latha,
i fail to understand what your problem is ...
what disturbs you with the (broadcast) output
i.e. what is wrong with this ?
/hannes
Latha G wrote:
Hi Hanees,
Thanks for ur reply...
I referred print-arp.c for arp output format
Hi all,
I have a question on interpreting the output of -d option..
I used tcpdump -d option
o/p: (000) ret #96
I interpreted it as returning 96 bytes of the data.
and i used tcpdump -dd option
o/p: { 0x6, 0, 0, 0x0060 },
I interpreted, 0x6 refers to the opcode of ret instruction...
Hi all,
The purpose of tcpdump -q option is given as Print less protocol
information so output lines are shorter.
Less protocol Information means how much less?
I used tcpdump -q ,the message came from tcpdump is
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
It
Hi all,
Can we simultaneously run tcpdump many times...
I mean, I opened two terminals, Is it possible to run tcpdump on both these
terminlas simultaneously?
And if it so, is both the outputs same?
how it handles if we run simultaneously?
I am working on Fedora2 linux.
my tcpdump version: 3.8
right?
On 2/22/06, Hannes Gredler [EMAIL PROTECTED] wrote:
Latha G wrote:
Hi all,
Thanks for your support till now.
I want to clarify few things about the tcpdump -r option
I just used tcpdump -w dump.pcap
The -r option is used just to read back what we stored using -w option
Hi all,
I am using tcpdump -s option for capturing 20 bytes of the packet..
I thought the output should come like [|arp] / [|ip] / [|igmp]
{corresponding to protocol}
means at that protocol, the packet was truncated..
but for my surprise for arp packets it was coming like truncated-arp
and
Hi all,
I have one doubt on tcpdump's -s option.
I had given tcpdump -c 1 -s 40 file, after that i checked the file
size using ls -l file,
what i got the file size is some 83 bytes. It was varying from time to time
i executed the tcpdump, some times the file size is 232 bytes, anyway i am
Hi all,
Can any one explain me about the outputs of tcpdump -xx and -XX options.
The outputs for these options looks like:
tcpdump -xx:
15:56:04.440349 arp who-has 172.16.38.3 tell 172.16.16.110
0x: 0003 4724 f364 0806 0001 G$.d
0x0010: 0800 0604
In my system,
YYY is EN10MB and
ZZZ is Ethernet.
But for tcpdump -e option gives correct output only.
Means the link level headers are prited out.
Why it happens for -xx , that it is not printing header information.
On 11/22/05, Guy Harris [EMAIL PROTECTED] wrote:
Latha G wrote:
But on my
dropped by kernel
On 11/22/05, Guy Harris [EMAIL PROTECTED] wrote:
Latha G wrote:
In my system,
YYY is EN10MB and
ZZZ is Ethernet.
But for tcpdump -e option gives correct output only.
Means the link level headers are prited out.
Why it happens for -xx , that it is not printing header
Hi Harris,
Thanks you very much for your support.
Now i understood the output.
--
Thaks Regards,
Latha.
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
Hi all,
I am new to thi group.
I am working on tcpdump for my project.
I am not getting the correct output for the -xx option as mentioned in the
man page: -xx option prints packets (including its link level header) in
hex.
And -x option prints packets (except link level header) in hex.
But on my
15 matches
Mail list logo
