Hi, I would like to find out what is the reasoning behind using 68 as the current TCPDUMP snaplen. The manual says that this is adequate to cover TCP/IP traffic - though given that TCP can have 40 bytes of options, this clearly falls short. Does anyone have suggestions on a better choice of snaplen?
Chun Zhang Research Assistant Room 211, Network Group Dept. of Computer Science - UMASS Amherst, MA 01003 Tel(Office): (413)577-2206 http://www.cs.umass.edu/~czhang - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]
