Hi all,
Cann't we expect the output of tcpdump on different systems for the same
input file
to be same?
I am not getting the same output, in the sense it was differencing at the
hostnames..I suppose the problem might be DNS lookups,
one was using and the other one not.
Whether the both systems has
Hi,
Thanks a lot..
It works fine.
On 4/7/06, Guy Harris <[EMAIL PROTECTED]> wrote:
>
> Hannes Gredler wrote:
>
> > you may want to check the text2pcap utility
> > that comes along with ethereal for learning about
> > conversion to a libpcap readable format.
>
> Or, alternatively, with newer vers
Hi all,
Is there any way to construct manually a tcpdump readable packet?
As we know the header structres, we can fill those header information and
put it in a string(packet)..
then how to convert this packet to a raw packet such that it can be read by
tcpdump?
Thanks in advance.
--
Regards,
La
Hi all,
I read in tcpdump manpage that it supports WLAN.
My campus LAN is ethernet, so I want to see how the WLAN o/p will be, for
that I am seeing print_802_11.c
In that some of the Macros are like this
#defineFC_VERSION(fc)((fc) & 0x3)
#defineFC_TYPE(fc)(((fc) >> 2) & 0x
On 3/8/06, Hannes Gredler <[EMAIL PROTECTED]> wrote:
>
> latha,
>
> i fail to understand what your problem is ...
> what disturbs you with the (broadcast) output
> i.e. what is wrong with this ?
>
> /hannes
>
> Latha G wrote:
> > Hi Hanees,
> >
>
correct output or not..
And one more thing is , Is the tcpdump tested on any platform(OS)? so that i
can refer
the output on that platform..
My tcpdump version: 3.9.4
On 3/6/06, Hannes Gredler <[EMAIL PROTECTED]> wrote:
>
>
>
> Latha G wrote:
> > Hi all,
> >
>
Hi all,
I have one question about the output format of tcpdump.
How can we know whether the output from the tcpdump is in the correct
format?
Any file is there to know about the format of the output?
The printing of packets on the standard output is tcpdump's implementation
dependent, right?
Is th
Hi all,
Can we simultaneously run tcpdump many times...
I mean, I opened two terminals, Is it possible to run tcpdump on both these
terminlas simultaneously?
And if it so, is both the outputs same?
how it handles if we run simultaneously?
I am working on Fedora2 linux.
my tcpdump version: 3.8
Th
Hi all,
I had a little confusion over the output of tcpdump...
Every where I came across that ,
the tcpdump output is like
for ex, for tcp packets
timestamp src > dst: flags data-seqno ack window urgent
options
but in my system i am getting like,
timestamp ip src > dst:
Hi all,
The purpose of tcpdump -q option is given as Print less protocol
information so output lines are shorter.
Less protocol Information means how much less?
I used tcpdump -q ,the message came from tcpdump is
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
It capturing
Hi all,
I have a question on interpreting the output of -d option..
I used tcpdump -d option
o/p: (000) ret #96
I interpreted it as returning 96 bytes of the data.
and i used tcpdump -dd option
o/p: { 0x6, 0, 0, 0x0060 },
I interpreted, 0x6 refers to the opcode of ret instruction... 0x00
Hi all,
I am using tcpdump -s option for capturing 20 bytes of the packet..
I thought the output should come like [|arp] / [|ip] / [|igmp]
{corresponding to protocol}
means at that protocol, the packet was truncated..
but for my surprise for arp packets it was coming like truncated-arp
and pac
.pcap right?
On 2/22/06, Hannes Gredler <[EMAIL PROTECTED]> wrote:
>
>
>
> Latha G wrote:
> > Hi all,
> >
> > Thanks for your support till now.
> > I want to clarify few things about the tcpdump -r option
> > I just used tcpdump -w dump.pcap
>
Hi all,
Thanks for your support till now.
I want to clarify few things about the tcpdump -r option
I just used tcpdump -w dump.pcap
The -r option is used just to read back what we stored using -w option or
can we use the dump.pcap file as network and we can apply all options &
filters
i mean lik
Hi all,
Please any one help me to understand the tcpdump -T option..
Actually why is this necessary to interpret one packet to be of other type,
whether this option is
designed keep in mind of any other applications or the tcpdump modifies the
packet format to be of required type and prints it out
Hi all,
I am using tcpdump. As I want to capture the tcpdump output ,
I am usingtcpdump -c 1 > filedump
It is finely working.
But unfortunately now it is not working. Even -w option also not working.
I mean the expected ouput file doesn't contains the output, it was just
empty. But th
Hi all,
I have one doubt on tcpdump's -s option.
I had given "tcpdump -c 1 -s 40 > file", after that i checked the file
size using "ls -l file",
what i got the file size is some 83 bytes. It was varying from time to time
i executed the tcpdump, some times the file size is 232 bytes, anyway i am
g
Hi all,
I need some information regarding the quality of the tcpdump means its
functional correctness.
Is the tcpdump works perfectly on all opearting systems? [means with 100%
assurance]
If anyone of you has worked on this area, please let me know the results of
it.
Thanks in advance.
--
Thaks
Hi all,
Can any one explain me about the outputs of tcpdump -xx and -XX options.
The outputs for these options looks like:
tcpdump -xx:
15:56:04.440349 arp who-has 172.16.38.3 tell 172.16.16.110
0x: 0003 4724 f364 0806 0001 G$.d
0x0010: 0800 0604 0
Hi Harris,
Thanks you very much for your support.
Now i understood the output.
--
Thaks & Regards,
Latha.
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
5 packets captured
9 packets received by filter
0 packets dropped by kernel
On 11/22/05, Guy Harris <[EMAIL PROTECTED]> wrote:
>
> Latha G wrote:
> > In my system,
> > YYY is EN10MB and
> > ZZZ is Ethernet.
> >
> > But for tcpd
In my system,
YYY is EN10MB and
ZZZ is Ethernet.
But for tcpdump -e option gives correct output only.
Means the link level headers are prited out.
Why it happens for -xx , that it is not printing header information.
On 11/22/05, Guy Harris <[EMAIL PROTECTED]> wrote:
>
> Latha G wrot
Hi all,
I am new to thi group.
I am working on tcpdump for my project.
I am not getting the correct output for the -xx option as mentioned in the
man page: -xx option prints packets (including its link level header) in
hex.
And -x option prints packets (except link level header) in hex.
But on my s
23 matches
Mail list logo
