On Jan 19, 2010, at 5:35 AM, sth...@nethelp.no wrote:
> Note that the info about TCP sequence numbers is gone.
Fixed in the top-of-tree version:
commit 1859a4aac8b7c5b7ab64c9e748fc10100199a98f
Author: Guy Harris
Date: Sun Mar 1 13:57:53 2009 -0800
From Ilpo Järvinen: fix printing of TCP
Hi,
On Tue, Jan 19, 2010 at 02:35:15PM +0100, sth...@nethelp.no wrote:
> but that also gives us the multi-line format. My claim is that the 3.9.8
> format is much preferable (gives me more relevant info) in the face of no
> -v option.
Seconded. Sequence numbers is highly important for debugging
> Darren> I'm curious about what the motivation is for splitting the
> Darren> timestamp and packet data onto separate lines is.
>
> I think it just kinda happened.
> I would have to go back and look at who did what... I think that it
> does not occur in IP/TCP, but it does in IP/SCTP
On 18/01/2010 9:27 PM, Michael Richardson wrote:
"Darren" == Darren Reed writes:
Darren> This kind of change to the defaul behaviour warrants bumping
Darren> the version number from 4.x to 5.x because this is a
Darren> significant change in the output of
> "Darren" == Darren Reed writes:
Darren> This kind of change to the defaul behaviour warrants bumping
Darren> the version number from 4.x to 5.x because this is a
Darren> significant change in the output of
Yes, this is why I ask, "now?"
Darren> I'm curious about what t
On 12/01/2010 6:57 PM, Michael Richardson wrote:
"sthaug" == sthaug writes:
>> Well, it gets in the way of all types of things, for example:
>>
>> tcpdump-v -i foo.cap | egrep pattern | wc -l
>>
>> I think the behaviour should be the reverse of the
> "sthaug" == sthaug writes:
>> Well, it gets in the way of all types of things, for example:
>>
>> tcpdump-v -i foo.cap | egrep pattern | wc -l
>>
>> I think the behaviour should be the reverse of the -g in Mac OS X
>> and that is it should be necessary to use some
> Well, it gets in the way of all types of things, for example:
>
> tcpdump-v -i foo.cap | egrep pattern | wc -l
>
> I think the behaviour should be the reverse of the -g in Mac OS X
> and that is it should be necessary to use some new command line
> option to force tcpdump to insert new lines be
On 11/01/2010 1:29 AM, Michael Richardson wrote:
...
I was initially concerned about the output with -v, as it is multiline,
and I think that without -v, one packet should occupy one line.
This makes postprocessing easier, and certainly makes grep easier.
Maybe we need another option, "--human"..
On Jan 10, 2010, at 11:59 AM, Michael Richardson wrote:
> With -v, the ip printer now starts a new line before the protocol.
> I am wondering if this was a wise change to have made Comments?
To quote the man page for the 4.0.0-based tcpdump on OS X Snow Leopard:
-g Do not inse
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jamal sent me a printer for IETF FORCES packets (over SCTP), which I
committed this afternoon, along with two test inputs. I added a second
test case for the longer input packet with one -v.
You can see the output at:
http://github.com/mcr/tcpdum
11 matches
Mail list logo
