On Feb 20, 2009, at 7:08 PM, Guy Harris wrote:
The "tcp" in "tcpdump" is a bit old - people use it for doing more
than just looking at TCP headers these days - and it sounds as if
the problem Torsten Krah had tring to decrypt ipsec traffic was due
to the packets being cut short by a snapshot length.
Would it make sense to have tcpdump default to the maximum snapshot
length, rather than 68 (without IPv6 support) or 96 (with IPv6
support)?
I've checked in a change to make the default snapshot length 65535.
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
