Hello, On Tue, Oct 30, 2018 at 09:48:13AM +0000, Denis Ovsienko wrote: > At https://github.com/the-tcpdump-group/tcpdump/pull/702 there is a simple > proposed change, which seems to be an improvement: > ------------------------- > Subject: Introduce -nn option > > This changes the semantics on -n option so only namelookups are skipped. Port > numbers *are* translated to their string representations. Option -nn then has > the same semantics as -n had originally. > > This is a partial upstreaming of tcpdump-4.9.2-3 used in CentOs 7.5. > ------------------------- > > If anybody sees how this change isn't an improvement, please make your point > on the list.
I'm not so much for changing the behaviour of -n without good cause - using -n frequently between systems with different versions of tcpdump will likely force me to time and again type the command and then rerun it with the correct option. Maybe doing it the way Wireshark/tshark does it makes more sense, i.e. modify -N to add the specific things to resolve and with no qualifiers keep the original behaviour. ---- excerpt from man tshark --------------- -N <name resolving flags> Turn on name resolving only for particular types of addresses and port numbers, with name resolving for other types of addresses and port numbers turned off. This option overrides -n if both -N and -n are present. If both -N and -n options are not present, all name resolutions are turned on. The argument is a string that may contain the letters: d to enable resolution from captured DNS packets m to enable MAC address resolution n to enable network address resolution N to enable using external resolvers (e.g., DNS) for network address resolution t to enable transport-layer port number resolution v to enable VLAN IDs to names resolution ------------------------------------------------- Kind regards Jörg -- Joerg Mayer <jma...@loplof.de> We are stuck with technology when what we really want is just stuff that works. Some say that should read Microsoft instead of technology. _______________________________________________ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers