tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Sequence Numbers

From: sthaug () nethelp no
Date: Thu, 13 Jan 2011 09:03:44 +0100 (CET)
Do newer version of tcpdump no longer show TCP sequence numbers without the -vv 
flag? Or is this some kind of FreeBSD bug?


Known problem, nothing to do with FreeBSD. See the thread "forces (and
sctp) patch starting at 10. Jan 2010 at

http://news.gmane.org/gmane.network.tcpdump.devel

Not fixed in any released version of tcpdump as far as I can see. Highly
irritating.

Steinar Haug, Nethelp consulting, sthaug () nethelp no





FreeBSD 7.2 (tcpdump 3.9.7):

07:06:47.765297 IP x.x.x.x.58894 > 209.87.252.181.443: P 285:344(59) ack 1589 
win 16695
07:06:47.827029 IP 209.87.252.181.443 > x.x.x.x.58894: P 1589:1648(59) ack 344 
win 33580
07:06:47.861615 IP x.x.x.x.58894 > 209.87.252.181.443: P 344:1117(773) ack 1648 
win 16680
07:06:48.114280 IP 209.87.252.181.443 > x.x.x.x.58894: . ack 1117 win 33580


FreeBSD 8.x (tcpdump 4.0.0):

07:10:17.303178 IP x.x.x.x.4433 > 209.85.225.105.80: Flags [.], ack 1391, win 
64512, length 0
07:10:17.307536 IP 209.85.225.105.80 > x.x.x.x.4433: Flags [.], ack 621, win 
9648, length 1390
07:10:17.308729 IP x.x.x.x.4433 > 209.85.225.105.80: Flags [.], ack 1391, win 
64512, length 0
07:10:17.340326 IP 209.85.225.105.80 > x.x.x.x.4433: Flags [.], ack 621, win 
9648, length 1390
07:10:17.340330 IP 209.85.225.105.80 > x.x.x.x.4433: Flags [.], ack 621, win 
9648, length 1390
07:10:17.341588 IP x.x.x.x.4433 > 209.85.225.105.80: Flags [.], ack 4171, win 
64512, length 0


To me the 3.9.7 output is much more useful.

-Steve



      -
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.


-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Previous By Date Next
Previous By Thread Next

Current thread: