Re: More than one capture

[Stephan Knabe <sknabe () ifh de>]

On Fri, 28 Nov 2003, Guy Harris wrote:

> On Fri, Nov 28, 2003 at 04:58:19PM +0100, Stephan Knabe wrote:
> > I was programming an application which does a kind of packet-accounting
> > using libpcap. But taking a look at the results I am getting, I see a few
> > strange things. Because the box runs in an large switched environment with
> > a lot of network-services, it might be that these results are really true.
>
> What sort of strange things are you seeing?

I.e. lots of UDP-Connections from unprivileged to unprivileged ports. But
here is a lot of nis, ldap, x over ssh and so on. Because I am new here, I
want to do the second capture.

> > Can I run a second application doing a capture on my linux-box or
> > will they concurrent in any way? So could I run my own
> > capturing-application AND tcpdump on the same system without loosing
> > info or packets?
>
> It should be possible to run more than one packet-capturing application
> at the same time on most, if not all, OSes that support libpcap; it
> should, in particular, be possible to do so on Linux.

So I'll give it a try.

Thanks for the quick answer,

Stephan Knabe

-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe