In some email I received from alex medvedev, sie wrote:
> hallo,
>
> any interest in having a -j flag in tcpdump?
>
> the flag would simply jump over the specified number of packets.
> it may be useful when reading dumps with -r flag.
> it may also be useful in conjuction with -c flag to isolate
In some email I received from alex medvedev, sie wrote:
> hi,
>
> i think print-gre.c needs a #ifdef INET6 around
>
> case ETHERTYPE_IPV6:
> ip6_print(bp, len);
> break;
>
> otherwise tcpdump does not build if compiled without ipv6 support.
> but who does
On Jul 1, 2004, at 12:18 PM, alex medvedev wrote:
this, however, does not work well with relative seq numbers in tcp
packets [maybe smth else too?].
Anything that maintains and uses state information between packets
wouldn't work.
However, what could be done would be something that still runs the
hallo,
any interest in having a -j flag in tcpdump?
the flag would simply jump over the specified number of packets.
it may be useful when reading dumps with -r flag.
it may also be useful in conjuction with -c flag to isolate certain
interval from a dump.
a callback function called spin() could
On Jul 1, 2004, at 2:50 AM, [EMAIL PROTECTED] wrote:
tcpdump doesn't have any specific facility to handle fragmented
packets,
as far as I know (it cannot reassemble the fragments).
That capability could be added (Ethereal supports it), although, if
provided, it should be an option (as reassembly
hi,
i think print-gre.c needs a #ifdef INET6 around
case ETHERTYPE_IPV6:
ip6_print(bp, len);
break;
otherwise tcpdump does not build if compiled without ipv6 support.
but who does that anyway? :)
thanks,
-alexm
13:21 01/07/2004
-
This is the tcpdump-wor
In some email I received from Hannes Gredler, sie wrote:
> darren,
>
> can we have a .pcap sample showing such a frame for
> the /tests directory ?
I've semi-hand constructed this file because of privacy
concerns about the real data.
I've also included a new version of the patch (moved the
unesc
darren,
can we have a .pcap sample showing such a frame for
the /tests directory ?
/hannes
On Thu, Jul 01, 2004 at 09:32:26PM +1000, Darren Reed wrote:
| I've been using this patch to print IP packets inside PPP HDLC
| frames found in raw 1xRTT traffic. I've been able to find few
| details on t
I've been using this patch to print IP packets inside PPP HDLC
frames found in raw 1xRTT traffic. I've been able to find few
details on the actual PPP header format apart from what "0x7eff"
means and observing traffic for 0x7e21. The end result is extra
output of the form "{ PPP HDLC IP 1.2.3.4 >
> > You could write a BPF expression to match a particular packet id#.
> >
>
> How should I do this? I don`t know a specific packet id. What I would have
> to do is to compare each packet id with the ones received earlier and I must
> store it to compare with ones received later. With that whole
> In some email I received from Hans Klute, sie wrote:
> [ Charset ISO-8859-1 unsupported, converting... ]
> > Hi!
> >
> > I just realized a bug/feature of pcap that I didn?t think of.
> > I wrote a sniffer based on pcap. This sniffer can handle fragmented IP
> > packets. Now I realized that if yo
Michael Richardson wrote:
Guy> for the PDML specification.
I think it is an abuse of XML... nothing is actually marked up.
Everything seems to be given as attributes, i.e.:
rather than:
0x45
Using attributes makes it slightly easier to process stuff with XSLT. When you
use an you hav
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Guy Harris
> Sent: giovedi 1 luglio 2004 8.25
> To: [EMAIL PROTECTED]
> Subject: Re: [tcpdump-workers] text format stability
>
>
> On Thu, Jul 01, 2004 at 07:34:44AM +0200, Fulvio Risso wrote:
> > Etherea
13 matches
Mail list logo
