Re: Newbie user question: Getting packets from

[KEVIN ZEMBOWER <KZEMBOWE () jhuccp org>]

Guy, thank you for your persistence in trying to get an answer to me.

Unfortunately, this is what I got:
www:~# tcpdump src host centernet.jhuccp.org and \( ip proto \\tcp or \\udp \)
tcpdump: listening on eth0
15:11:03.982156 virtual.jhuccp.org.59210 > ns1.jhmi.edu.domain:  59291+ AAAA? centernet.jhuccp.org. (38) (DF)
15:11:03.983680 ns1.jhmi.edu.domain > virtual.jhuccp.org.59210:  59291* 0/1/0 (97) (DF)
15:11:03.984119 virtual.jhuccp.org.59210 > ns1.jhmi.edu.domain:  59292+ A? centernet.jhuccp.org. (38) (DF)
15:11:03.986212 ns1.jhmi.edu.domain > virtual.jhuccp.org.59210:  59292* 1/2/2 A 162.129.225.192 (130) (DF)

4 packets received by filter
0 packets dropped by kernel
www:~# 

As you can see, I'm still getting packets from ns1.jhmi.edu on the DNS port.

If it helps, I'm using bash 2.05 on a Debian woody (stable, 3.0) distro running kernal 2.4.18.

Thanks, again.

-Kevin 

> > > guy () alum mit edu 09/27/04 02:59PM >>>
KEVIN ZEMBOWER wrote:

> www:~# tcpdump src host centernet.jhuccp.org and ip proto \\tcp or \\udp

Try
        src host centernet.jhuccp.org and (ip proto \\tcp or \\udp)
instead.

-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.

-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.