Hello everyone, I have a network application on Linux that creates connections by socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL)).
The connection setup and transfer worked, but when I capture traffic by tcpdump, it only shows incoming packets but not outgoing ones (e.g. for TCP, it captured SYN/ACK but not SYN and third ACK). I did try to specify the interface (-i eth0) instead of "-i any", and did not specify 'tcp' filter, but it didn't help. Then I switched to tshark but the same issue happened so it might be related to libpcap. I post the question here since I cannot find the libpcap mailing list. I don't know it if there is anything I missed, or if not then what could be the solution/workaround for this? Thank you for your help! Regards, Hoang _______________________________________________ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
