help with tcpdump cmd syntax
fbsd_user at a1poweruser.com
Sat Apr 8 12:56:35 UTC 2006
tcpdump -i rl0 src host 18.104.22.168 -w /usr/tcpdump.data
tcpdump -i rl0 host 22.214.171.124 -w /usr/tcpdump.data
tcpdump -i rl0 src ip 126.96.36.199 -w /usr/tcpdump.data
but got syntax error msg with no hint of what was wrong
If I remove the -w stuff it works. Meaning it prints to the screen.
But I want to write to file
Can you help me out here on the syntax error?
One other thing. When does tcpdump get access to the packet?
My firewall has a block log rule for that ip address.
Does tcpdump see the packet before ipfilter ipnat does?
More information about the freebsd-questions