tcpdump mailing list archives
Bug in tcpdump -tt timestamps
From: Jim Mellander <jmellander () lbl gov>
Date: Tue, 9 Oct 2012 16:40:44 -0700
Hi: On tcpdump 4.1.1, printing from a saved standard format pcap file: $ tcpdump -nn -tt -s 0 -r 128.XX.XX.197.icmp.trace |head -3 reading from file 128.XX.XX.197.icmp.trace, link-type EN10MB (Ethernet) 18:45:55.966123176 IP 128.XX.XX.197 > 78.186.239.143: ICMP host 128.XX.XX.33 unreachable, length 36 18:45:56.266157176 IP 128.XX.XX.197 > 212.152.40.91: ICMP host 128.XX.XX.103 unreachable, length 36 18:45:57.466110176 IP 128.XX.XX.197 > 72.32.167.183: ICMP host 128.XX.XX.115 unreachable, length 36 $ printing again: $ tcpdump -nn -tt -s 0 -r 128.XX.XX.197.icmp.trace |head -3 reading from file 128.XX.XX.197.icmp.trace, link-type EN10MB (Ethernet) 18:45:55.966123552 IP 128.XX.XX.197 > 78.186.239.143: ICMP host 128.XX.XX.33 unreachable, length 36 18:45:56.266157552 IP 128.XX.XX.197 > 212.152.40.91: ICMP host 128.XX.XX.103 unreachable, length 36 18:45:57.466110552 IP 128.XX.XX.197 > 72.32.167.183: ICMP host 128.XX.XX.115 unreachable, length 36 $ The final 3 digits of the timestamp are bogus and always the same throughout the run. Since the timestamps are stored in microsecond precision, shouldn't the last 3 digits be 0's? Thanks in advance. _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- Bug in tcpdump -tt timestamps Jim Mellander (Oct 09)
- Re: Bug in tcpdump -tt timestamps sthaug (Oct 09)
- Re: Bug in tcpdump -tt timestamps Jim Mellander (Oct 10)
- Re: Bug in tcpdump -tt timestamps Michael Richardson (Oct 10)
- Re: Bug in tcpdump -tt timestamps sthaug (Oct 09)