Problem with tcpdump file

["Cliff Clavin" <postbote_cliff () hotmail com>]

Hi,

some days ago I read smtp and http traffic with tcpdump at different 
switches. For further analysis I want to use another software, which can 
read tcpdump files. (tcpdump 0.7.2)

Now I have the problem that the other software can read the http-tcpdump 
files, but not the smtp-tcpdump files. Ethereal can do it!

I saw that there are some stp and loop packets in the tcpdump files. I tried 
to filter these protocols out with tethereal and conversion, but I had no 
success.

Example: tethereal -d tcp.port==25,smtp -r filein -w fileout -F 
ngwsniffer_2_0 - (stp protocol still there)

If I filter these packets out with ethereal and save only the displayed 
content I had no success too. The new file couldn't be read by my analysis 
software.

So I'm wondering if anybody has a idea how to filter, convert or analyse the 
tcpdump files with programs like ethereal, tethereal, editcap, tcpdump to 
get this thing running.

How can I distinguish why the software can read the http-tcpdump files and 
not the smtp-tcpdump files?

Thanks in advance

with best regards
Cliff

_________________________________________________________________
STOP MORE SPAM with the new MSN 8 and get 2 months FREE* 
http://join.msn.com/?page=features/junkmail

-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe