tcpdump mailing list archives
Re: Should the default snapshot length in tcpdump be 65535?
From: Guy Harris <guy () alum mit edu>
Date: Thu, 5 Mar 2009 01:20:57 -0800
On Feb 20, 2009, at 7:08 PM, Guy Harris wrote:
The "tcp" in "tcpdump" is a bit old - people use it for doing more than just looking at TCP headers these days - and it sounds as if the problem Torsten Krah had tring to decrypt ipsec traffic was due to the packets being cut short by a snapshot length.Would it make sense to have tcpdump default to the maximum snapshot length, rather than 68 (without IPv6 support) or 96 (with IPv6 support)?
I've checked in a change to make the default snapshot length 65535. - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- Should the default snapshot length in tcpdump be 65535? Guy Harris (Feb 20)
- Re: Should the default snapshot length in tcpdump Aaron Turner (Feb 20)
- Re: Should the default snapshot length in tcpdump Eloy Paris (Feb 21)
- Re: Should the default snapshot length in tcpdump be 65535? Michael Richardson (Feb 21)
- Re: Should the default snapshot length in tcpdump be 65535? Ken Bantoft (Feb 21)
- Re: Should the default snapshot length in tcpdump be 65535? Francois-Xavier Le Bail (Feb 23)
- Re: Should the default snapshot length in tcpdump be 65535? Ken Bantoft (Feb 21)
- Re: Should the default snapshot length in tcpdump be 65535? Guy Harris (Mar 09)
- Re: Should the default snapshot length in tcpdump be 65535? Arien Vijn (Mar 09)
- Re: Should the default snapshot length in Eloy Paris (Mar 09)
- Re: Should the default snapshot length in tcpdump be 65535? Arien Vijn (Mar 09)
- Re: Should the default snapshot length in tcpdump be 65535? Francois-Xavier Le Bail (Mar 22)
- Re: Should the default snapshot length in tcpdump be 65535? Francois-Xavier Le Bail (Mar 25)
- Re: Should the default snapshot length in tcpdump be 65535? Arien Vijn (Mar 09)
- Re: Should the default snapshot length in tcpdump Aaron Turner (Feb 20)