Problem using tcpdump with tcpshow (from ports) - get errors
N. Harrington
drumslayer2 at yahoo.com
Thu Aug 3 18:17:32 UTC 2006
Hello
For some time now I have been watching tcp dumps by
sending them through tcpshow -cooked. (from the ports
tree) This has worked quite well on BSD 4.X and also I
believe 5.2.1.
However, now when I try to do this on a 5.5 or 6.1
server, I get an error.
Can anyone help with why I might be getting these
errors with later versions of FreeBSD?
I have tried all I can think of.
tcpdump -i bge1 -s 1518 -lenx | tcpshow
tcpdump: verbose output suppressed, use -v or -vv
for
full protocol decode
listening on bge1, link-type EN10MB (Ethernet),
capture size 1518 bytes
tcpdump: 1 packets captured
162 packets received by filter
0 packets dropped by kernel
bad dump file format
Or
tcpdump -i bge1 -s 1518 -lenx | tcpshow -cooked
tcpdump: verbose output suppressed, use -v or -vv
for
full protocol decode
listening on bge1, link-type EN10MB (Ethernet),
capture size 1518 bytes
---------------------------------------------------------------------------
Packet 1
***Error: Badly formatted Ethernet address
1 packets captured
178 packets received by filter
0 packets dropped by kernel
Thanks!!
Nicole
The Large Print Giveth And The Small Print Taketh Away
-- Anon
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the freebsd-questions
mailing list