Lei Wei writes:
if I use the filter "ip or (vlan and ip)", the packet returned from
pcap contains the VLAN tag. I wonder
if there's a way to let the OS to strip off the tag before deliverying?
It really depends on the OS - I can't say anything about FreeBSD. While
it is possible to have Linu
> Thanks alot Alex, that's exactly the problem since the university uses VLAN
> based on packet tags.
> Actually I'm using pcap to do some packet payload processing on FreeBSD. It
> seems right now that
> if I use the filter "ip or (vlan and ip)", the packet returned from pcap
> contains the VLAN t
Thanks alot Alex, that's exactly the problem since the university uses VLAN
based on packet tags.
Actually I'm using pcap to do some packet payload processing on FreeBSD. It
seems right now that
if I use the filter "ip or (vlan and ip)", the packet returned from pcap
contains the VLAN tag. I wonder
Hi,
Took a copy of
http://osdir.com/ml/network.tcpdump.devel/2007-06/gz6uDhoS8XH2.gz ( By
Jan Andres)
running on downloaded latest Pcap on up to date Centos5
works great for me
would be good to get it in the main line
Stuart
--
On Sep 10, 2008, at 4:20 AM, Munish Dayal wrote:
ls -l /usr/lib/libpcap.*
-rw-r--r-- 1 root root 242398 Jul 13 2006 /usr/lib/libpcap.a
lrwxrwxrwx 1 root root 16 Sep 10 16:24 /usr/lib/libpcap.so ->
libpcap.so.0.9.4
lrwxrwxrwx 1 root root 16 Jul 9 17:21 /usr/lib/libpcap.so.0 ->
l
You wrote:
...matched by the filter expression, so with a filter, tcpdump can
only process
3984 out of 1091656 ip packets And also, the port I'm monitoring
on is a mirror of the
department building uplink, it should have a major component of ip
packets.
As Guy Harris pointed out, , the f
>> ls -l /usr/lib/libpcap.*
-rw-r--r-- 1 root root 242398 Jul 13 2006 /usr/lib/libpcap.a
lrwxrwxrwx 1 root root 16 Sep 10 16:24 /usr/lib/libpcap.so ->
libpcap.so.0.9.4
lrwxrwxrwx 1 root root 16 Jul 9 17:21 /usr/lib/libpcap.so.0 ->
libpcap.so.0.9.4
lrwxrwxrwx 1 root root 16 Jul 9 1
On Sep 9, 2008, at 10:21 PM, Munish Dayal wrote:
I have built Wireshark from source on my Linux RHEL 4 system, that
has libpcap version 0.8.3 installed.
But when I try to run this Wireshark on a Linux system with RHEL 5
(libpcap version 0.9.4), I get an error:
"error while loading shared l
