You saved my day. The -n option did it. Thanks a lot.
On Thu, Oct 15, 2009 at 6:46 PM, Abhijit Bare <abhib...@gmail.com> wrote: > Can you try using "-n" option? I have seen tcpdump not responding to ctrl+c > if "-n" is not used and it is busy doing DNS resolutions on all IP addresses > it received, as that is the default behavior. That might also drop packets > at kernel level. > > Other thing to try out is using "-w" option to write to a pcap file instead > of printing out in realtime. > > - Abhijit > > On Thu, Oct 15, 2009 at 1:57 AM, Ali Jawad <alijaw...@gmail.com> wrote: > >> Hi >> When I do launch TCPDUMP it does not fetch traffic as it should I am >> remotely connected to a CLI only Debian system and if I run tcpdump >> for 5 minutes all I get is a couple of packets. Another strange thing >> is that I can not stop tcpdump with ctrl + c ..all I get is ^C. >> I did try using dpkg installer and installing 4.0 and 3.9.8 from source. >> >> monitor01:/usr/src# tcpdump -V >> tcpdump version 3.9.8 >> libpcap version 0.9.8 >> >> monitor01:/usr/src# uname -a >> Linux monitor01 2.6.29.2.20090503.x3550 #1 SMP Sun May 3 12:57:31 CDT >> 2009 x86_64 GNU/Linux >> >> monitor01:/usr/src# tcpdump -v >> tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 >> bytes >> ^C^C^C^C^C^C^C^C^C^C^C >> >> >> monitor01:/usr/src# tcpdump -v -c 3 >> tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 >> bytes >> 03:51:59.173723 IP xxxxxxxxxxxxxxxxxxxxxx >> 03:51:59.174215 IP xxxxxxxxxxxxxxxxxxxxxxxx >> 03:51:59.176474 IPxxxxxxxxxxxxxxxxxxxxxxxxxx >> 3 packets captured >> 113 packets received by filter >> 0 packets dropped by kernel >> >> The result above took 4 minutes....!!! >> >> Any more info or hints needed ? >> >> Regards >> - >> This is the tcpdump-workers list. >> Visit https://cod.sandelman.ca/ to unsubscribe. >> > - > This is the tcpdump-workers list. > Visit https://cod.sandelman.ca/ to unsubscribe. > - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
