tcpdump mailing list archives
tcpdump -enx Format
From: Igor Galić <i.galic () brainsware org>
Date: Thu, 25 Sep 2008 12:42:31 +0200 (CEST)
Hello tcpdump maintainers, in search for a remotely adequate snoop replacement on other Unices, I stumbled over the now long unmaintained ``tcpshow''. The *BSD ports include patches that fix it's behaviour up to tcpdump 3.8.x. Unfortunately the format used by tcpshow (-enx, in particular, -e) appears to have been changed in 3.9.x, or at least that is what it's error message "Badly formatted Ethernet address suggests." Now my question, of course, is in how far that format has changed: If I'm reading the source code correctly, the preceding TIME has been dropped. I'd be very happy if you could give me some pointers. Thank you in advance. So long, Igor - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- tcpdump -enx Format Igor Galić (Sep 25)