tcpdump mailing list archives
Should the default snapshot length in tcpdump be 65535?
From: Guy Harris <guy () alum mit edu>
Date: Fri, 20 Feb 2009 19:08:19 -0800
The "tcp" in "tcpdump" is a bit old - people use it for doing more than just looking at TCP headers these days - and it sounds as if the problem Torsten Krah had tring to decrypt ipsec traffic was due to the packets being cut short by a snapshot length.
Would it make sense to have tcpdump default to the maximum snapshot length, rather than 68 (without IPv6 support) or 96 (with IPv6 support)?
- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- Should the default snapshot length in tcpdump be 65535? Guy Harris (Feb 20)
- Re: Should the default snapshot length in tcpdump Aaron Turner (Feb 20)
- Re: Should the default snapshot length in tcpdump Eloy Paris (Feb 21)
- Re: Should the default snapshot length in tcpdump be 65535? Michael Richardson (Feb 21)
- Re: Should the default snapshot length in tcpdump be 65535? Ken Bantoft (Feb 21)
- Re: Should the default snapshot length in tcpdump be 65535? Francois-Xavier Le Bail (Feb 23)
- Re: Should the default snapshot length in tcpdump be 65535? Ken Bantoft (Feb 21)
- Re: Should the default snapshot length in tcpdump be 65535? Guy Harris (Mar 09)
- Re: Should the default snapshot length in tcpdump be 65535? Arien Vijn (Mar 09)
- Re: Should the default snapshot length in Eloy Paris (Mar 09)
- Re: Should the default snapshot length in tcpdump be 65535? Arien Vijn (Mar 09)
- Re: Should the default snapshot length in tcpdump be 65535? Francois-Xavier Le Bail (Mar 22)
- Re: Should the default snapshot length in tcpdump be 65535? Arien Vijn (Mar 09)
- Re: Should the default snapshot length in tcpdump Aaron Turner (Feb 20)