Is it possible to filter
packets by the DNS query? For
example, how could I dump all packets trying to resolve google.com?
J.R.
In some email I received from Hannes Gredler, sie wrote:
> i have some questions wrt to the format based on the .pcap
> file that you supplied;
>
> the 1st byte 0x7e seems to introduce a HDLC frame;
>
> after that i can see 4 different frame formats:
Yes. I thought it might be useful to provide
I'm looking the modify tcpdump's output to the screen so that it only
displays relevant hex translations of mysql commands that have been
captured.
Has anyone had success in doing something like this, or could anyone point
me in the right direction on how this can be done. Thanks.
On Thu, Jul 01, 2004 at 09:32:26PM +1000, Darren Reed wrote:
| I've been using this patch to print IP packets inside PPP HDLC
| frames found in raw 1xRTT traffic. I've been able to find few
| details on the actual PPP header format apart from what "0x7eff"
| means and observing traffic for 0x7e21.
On Jul 2, 2004, at 11:07 AM, Hannes Gredler wrote:
could you maybe also provide a pointer to a spec where the escaping
routines and or the 0x7e escape hack is described ?
http://www.ietf.org/rfc/rfc1662.txt
"This document describes the use of HDLC-like framing for PPP
encapsulated packets.
darren,
see questions/responses inline;
On Fri, Jul 02, 2004 at 01:28:20AM +1000, Darren Reed wrote:
| In some email I received from Hannes Gredler, sie wrote:
| > darren,
| >
| > can we have a .pcap sample showing such a frame for
| > the /tests directory ?
|
| I've semi-hand constructed this
CVS log entries from 01.07.2004 (Thu) 09:04:04 - 02.07.2004 (Fri) 09:04:04 GMT
=
Summary by authors
=
Author: hannes
File: tcpdump/print-ppp.c; Revisions: 1.95
File: tcpdump/print
