two general questions tcpdump

[Andrej van der Zee <andrejvanderzee () gmail com>]

Hi,

I could not find any users-list for tcpdump, so I am sorry if I offend
anybody.

I have two questions about tcpdump:

1) I get many UDP packages that have an IP that is not bound to one of my
interfaces, like this one (the local IP is 10.69.26.61.22):
1240473922.435472 00:1a:64:79:b9:4c > ff:ff:ff:ff:ff:ff, IPv4, length 550:
10.69.26.35.32768 > 10.69.26.255.9900: UDP, length 504
Now it turns out that 10.69.26.35 is the IP of my gateway. I was wondering
why they are logged.

2) Is it possible to get the options of tcpdump that were given on the
command from a .cap file? The problem is that I get .cap files from another
department, and I want to check the interface(s) and IP(s) (and maybe other
usefull info).

Thank you,
Andrej
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.