Latha G wrote:
Hi all,
Thanks for your support till now.
I want to clarify few things about the tcpdump -r option
I just used tcpdump -w dump.pcap
The -r option is used just to read back what we stored using -w option or
can we use the dump.pcap file as network and we can apply all options &
f
On Tue, Feb 21, 2006 at 06:51:11PM -0800, Guy Harris wrote:
>
> On Feb 21, 2006, at 6:42 PM, axi wrote:
>
> >When tcpdump receives a packet with prism headers recognized as above
> >:
> >
> >" listening on ath0, link-type PRISM_HEADER (802.11 plus Prism
> >header),
> >capture size 96 bytes"
> >
Hi all,
Thanks for your support till now.
I want to clarify few things about the tcpdump -r option
I just used tcpdump -w dump.pcap
The -r option is used just to read back what we stored using -w option or
can we use the dump.pcap file as network and we can apply all options &
filters
i mean lik
Thanks, maybe I was very tired to see DEFAULT_SNAPLEN ( here are 4:35 p.m )
and snaplen variable in pcap_open_live.
Thanks for all, now it works,
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
On Feb 21, 2006, at 6:42 PM, axi wrote:
When tcpdump receives a packet with prism headers recognized as above
:
" listening on ath0, link-type PRISM_HEADER (802.11 plus Prism
header),
capture size 96 bytes"
always prints "[|802.11]", with data, control or administration
packets. The
size
Hi to all,
this is my first message to the list, first excuse because my english and
other mistakes.
I'm developing a decoder of 802.11 packets for Snort, and the first is to
watch how that is maded in other tools,
like Kismet, Ethereal/Tethereal, and tcpdump.
Now, I'm making probes with tcpdump,
On Wed, Feb 22, 2006 at 08:37:18AM +0800, kashif javed wrote:
> I am using RedHat Linux 9.0 and its version of pcap doesnt support the
> apis mentioned by you pcap_inject() and pcap_sendpacket() . So i tried
> downloading libpcap 0.9.4 from and it does support the two
> aforementioned apis. Now i a
I am using RedHat Linux 9.0 and its version of pcap doesnt support the
apis mentioned by you pcap_inject() and pcap_sendpacket() . So i tried
downloading libpcap 0.9.4 from and it does support the two
aforementioned apis. Now i am confused how to make it possible that my
application uses the latest
- Original Message -
From: "Hannes Gredler" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: ; <[EMAIL PROTECTED]>
Sent: Sunday, February 12, 2006 12:13 PM
Subject: [ntar-workers] PCAP-NG / Interface ID size / Drops Counter size ?
hi fulvio, et al,
i was digesting the pcap-ng spec an
