On Thu, Nov 29, 2007 at 08:44:19PM +1100, Erik de Castro Lopo wrote: > Amos Shapira wrote: > > > I didn't get around to actually use IPv6 but how about configuring the > > standard bind server on your system (and the kernel) to support ipv6 > > and start querying it, > > Problem is that its not "normal" traffic and I'm not even sure how > to make if look like normal traffic. > > > perhaps through a udp proxy to allow you to > > capture the packets? > > tcpdump is more than adequate for capturing packets. Its kinda > had to beat: > > tcpdump -i <interface> -vv -s 512 -w dns.tcpdump port 53
I found out about dumpcap, editcap and mergecap the other day. They're pretty damn good too. One thing dumpcap does that tcpdump doesn't is rotate to next file on a time basis rather than size. They're part of wireshark (nee ethereal). > > > PS - I liked your story about X11... > > Its good isn't it? It's actually quite old. It first landed in my > .sig file about 10 years ago. It's great, though perhaps he didn't need to get written authorisation to implement official policy :-) He could've thrown out most of SunOS as well, since it was based on BSD. Would've made a nice scene people sitting in front of lumps of hardware. Matt -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
