tcpdump mailing list archives
Re: code seems to support 5353 - but pkts aren't printed as DNS, why?
From: Guy Harris <guy () alum mit edu>
Date: Tue, 4 Nov 2003 20:20:46 -0800
On Tue, Nov 04, 2003 at 10:58:57PM -0500, Sam Roberts wrote:
A quick look through the tcpdump code base makes it look like both 53 and 5353 are recognized as DNS ports, but when I dump the traffic on my network, I don't see the pretty-printing of the contents of mDNS packets as I do DNS packets. Any suggestions as to why?
Because tcpdump 3.7.2 doesn't decode 5353 as DNS.
Can I get this to work like I want?
Yes, by:
I am using tcpdump 3.7.2 on OS X, built from a .tgz I just downloaded.
downloading a different tarball:
http://www.tcpdump.org/#current
Get the "tcpdump-current.tar.gz" tarball and build that.
(Or try upgrading to Panther - it has a tcpdump based on a post-3.7 CVS
snapshot, and might decode 5353 as DNS.)
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- code seems to support 5353 - but pkts aren't printed as DNS, why? Sam Roberts (Nov 04)
- Re: code seems to support 5353 - but pkts aren't printed as DNS, why? Guy Harris (Nov 04)
- Re: code seems to support 5353 - but pkts aren't printed as DNS, why? Sam Roberts (Nov 04)
- Re: code seems to support 5353 - but pkts aren't printed as DNS, why? Guy Harris (Nov 04)
- Re: code seems to support 5353 - but pkts aren't printed as DNS, why? itojun (Nov 04)
- Re: code seems to support 5353 - but pkts aren't printed as DNS, why? Sam Roberts (Nov 04)
- Re: code seems to support 5353 - but pkts aren't printed as DNS, why? Guy Harris (Nov 04)