erik corell wrote:
I am using a pcap filter to catch 90 bytes long packets on port 123
(NTP packets). I am only interested in the packets to and from the
computer I am running pcap on. It is usually not a problem because I am
running PCAP in non-promiscuous mode. However, when I run for example
tcp
Hi,
I am using a pcap filter to catch 90 bytes long packets on port 123 (NTP
packets). I am only interested in the packets to and from the computer I am
running pcap on. It is usually not a problem because I am running PCAP in
non-promiscuous mode. However, when I run for example tcpdump I get
Hannes Gredler wrote:
no - we actually need to parse through the IP header to find out if the header
is variable length [IP options etc.]
Actually, you just have to look at the header length field for IPv4; for
IPv6, you do have to keep processing headers until the final header is seen.
-
This is
On Tue, Mar 01, 2005 at 10:19:25AM +0100, Eric Leblond wrote:
| Hi,
|
| I had to dump some RFC2684 atm bridge interfaces for a customer. We
| often have some strange messages :
| 09:09:43.262575 77:9c:7d:60:8:0 c:3f:b4:8:0:0 4500 401:
| 0183 df1d 7111 96fb 527f 2537 d
On Sun, Feb 27, 2005 at 10:37:34PM +0400, Ramsurrun Visham wrote:
| Hi to all,
|
| I would like to know how do we grab the icmp header from an ethernet frame. I
believe we have to jump pass the ethernet and IP headers..
no - we actually need to parse through the IP header to find out if the head
Hi,
I had to dump some RFC2684 atm bridge interfaces for a customer. We
often have some strange messages :
09:09:43.262575 77:9c:7d:60:8:0 c:3f:b4:8:0:0 4500 401:
0183 df1d 7111 96fb 527f 2537 d50b
858f 7325 18ca 016f 36a5 474e 4403 aa2e
- Original Message -
From: "Felipe Kellermann" <[EMAIL PROTECTED]>
To:
Sent: Sunday, February 20, 2005 9:44 PM
Subject: Re: [tcpdump-workers] PCAP-NG suggestion
On Sun, 20 Feb 2005 7:21pm +0100, Gianluca Varenni wrote:
Uhm. At first, I thought it was a great idea. Now I have some doubt
