tcpdump mailing list archives
Re: direction during capture
From: "Gisle Vanem" <giva () bgnett no>
Date: Mon, 23 Dec 2002 15:12:16 +0100
"Iain McAleer" <iain () security asn au> said:
I've been looking at the source for pcap and can't seem to see how you manage to get it to capture packets sent by the host the pcap code is running on, i have done read() andn recvfrom() and both only seem to pick up packets received by the host. if anyone can direct me to the pcap code or give me a breif explination it would be greatly appreciated
If it's IP -traffic you want, simply use tcpump ip src <your ip-address> For all ether-traffic from your machine, use tcpump ether src <your MAC-address> Use option '-d-' to check what the filter code actually is if in doubt. Gisle V. - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- direction during capture Iain McAleer (Dec 23)
- Re: direction during capture Gisle Vanem (Dec 23)
- RE: direction during capture Iain McAleer (Dec 23)
- Re: direction during capture Guy Harris (Dec 27)
- Re: direction during capture Gisle Vanem (Dec 23)