> Date: Fri, 17 May 96 09:29:17 +1200
> From: "Mahendra Vallabh (Mike)" <mike_at_phys.waikato.ac.nz>
>
> How does one get tcpdump to work??
> I am trying, what seems to me, a simple test.
>
> In one window I have:
>
> pfconfig ln0 +p # Enable promiscuous mode
> tcpdump host host.domain
>
> tcpdump: listening on ln0
> Using kernel BPF filter
>
> In another window I do:
>
> ping somehost.domain
>
> Absolutely nothing turns up in the window running tcpdump.

First, try:

% pfconfig +c ln0 (this assumes that your network device actually is ln0)
% tcpdump host host.domain

Then ping host.domain.

You don't need/want promiscuous mode to capture traffic sent from/to your
workstation, but you do need copyall. If you want to monitor traffic not
involving your system, you will need +p but not +c.

R. Kevin Oberman
Energy Sciences Network (ESnet)
Lawrence Berkeley National Laboratory (LBNL)
E-mail: oberman_at_es.net
Phone: +1 510 422-6955

Thanks Kevin! This is exactly what I wanted.

/------------------------------------------------------------------------\
| Mahendra Vallabh (Mike) |
| Analyst Programmer/Network Administrator |
| Physics Department |
| School of Science |
| University of Waikato Phone: +64 (7) 838 4208 |
| Hamilton Fax: +64 (7) 838 4219 |
| NZ Email: mike_at_phys.waikato.ac.nz |
| |
| Out the 10Base-T, through the router, down the T1, over the leased |
| line, off the bridge, past the firewall...nothing but Net |
\------------------------------------------------------------------------/
Received on Fri May 17 1996 - 02:02:23 NZST