tcpdump mailing list archives
Dropping packets
From: Rodrigo Ramos <rodrigo.ramos () triforsec com br>
Date: Sat, 28 Aug 2004 10:11:57 -0300
Hi, I know it may not have a simple answer but lets go. I am running a Linux version 2.4.20-31_38.rh9 with tcpdump-3.7.2-7.9.1 and snort-2.2.0-1.0. I did run both as sniffers one at a time and sow that both dropped packets. 2233 packets received by filter 18 packets dropped by kernel Snort received 455 packets Analyzed: 179(39.341%) Dropped: 276(60.659%) My question is "What can make the kernel drop packets?" My link is 512k and my machine is: model name : AMD Athlon(TM) XP 1800+ stepping : 1 cpu MHz : 1533.426 cache size : 256 KB Mem : 512 MB Ethernet controller: Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+ (rev 16). libpcap-0.7.2-7.9.1 Best regards, -- Rodrigo Ramos 55 81 3463.1593 55 81 8851.3524 http://www.triforsec.com.br http://www.defenselayer.com Key fingerprint = F381 366D D233 22B4 7E72 A21D DE9B 2FF3 71CF E098
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Dropping packets Rodrigo Ramos (Aug 28)