On Tue, Nov 10, 2009 at 9:30 PM, Nick Guenther <[email protected]> wrote:
> > A snaplen of 0 on linux really means a snaplen of 2^16-1 which is > "good enough". I'd imagine "tcpdump: invalid snaplen 0" was chosen > because technically it's true, the linux thing is just a convenience > hack that will bite someone down the line. I hope that you are not accusing me of using Linux. Because if you are, then that is the ultimate insult to which I would reply how do *you* know so much about that steaming pile of fecal matter? FreeBSD's tcpdump has a snaplen implementation that can be set to 0 that is why I asked the question. > What you want is to set > your snaplen to be equal to your MTU, which is what I guess you're > doing? > I'm sniffing packets over 802.11 and I wonder why I see some packets, but not all. Thomas
