tcpdump

Dale R. Worley (worley@ariadne.com)
Tue, 25 Feb 1997 15:59:06 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: David Hinds: "Re: IRQ 12 collision ps/2 mouse vs. PCMCIA"
Previous message: Michael Thomas: "Re: SCSI problems still there"

Things are slightly better with tcpdump 3.3.1a2, the latest version at
ftp://ftp.ee.lbl.gov/.

With that version, PPP packets are filterable, but unfortunately, the
Linux kernel is not returning the PPP protocol type to the user-level
code, so tcpdump is just assuming that the packets are IP packets.
However, it works most of the time. What is needed is to fix Linux to
return the link-level information on PPP raw sockets, and then fix
tcpdump to read the protocol type.

tcpdump is still printing all packets twice when looking at the
loopback device, probably because the kernel is returning them twice.

Dale

--
Dale R. Worley					Ariadne Internet Services
Voice: +1 617-899-7949   Fax: +1 617-899-7946	E-mail: worley@ariadne.com
"Internet-based electronic commerce solutions to real business problems."

Next message: David Hinds: "Re: IRQ 12 collision ps/2 mouse vs. PCMCIA"
Previous message: Michael Thomas: "Re: SCSI problems still there"