Hi folks.
Is there somebody who can direct me in the ways of tcpdump?
I have configured PacketFilter and put the interface into promiscuous
mode. My machine is on a 10/100 switch. When I test it, it gives:
Legba:/ns_imap# tcpdump -i tu1
tcpdump: listening on tu1
Using kernel BPF filter
08:04:39.810038 0:90:27:e0:13:62 iso-clns > ff:ff:ff:ff:ff:ff global I
(s=40,r=0,F) len=76
0314 abec eda1 ffff ffff ffff 0455 0abe
ceda 0060 9772 9fe4 0455 0abe ceda 0abe
ce99 abec eda5 0000 0000 0000 0000 0000
0000
... ETC ...
So, it seems to be working. The problem is it prints only ARP, RIP and
similar stuff that is broadcast - no surprise there.
Now I would like to sniff my own sessions with other hosts (IMAP4, POP3
and similar). The problem is nothing gets through. For example:
------------------------------------------------------------
Legba:/ns_imap# tcpdump -i tu1 'icmp and host 192.168.61.18'
tcpdump: listening on tu1
Using kernel BPF filter
0 packets + 1 discarded by interface
Legba:/ns_imap#
------------------------------------------------------------
I have started a ping on the other dtterm and after giving up, pressed
Ctrl-C. No matter what I try, it doesn't work. I remember I made it work
once, but I forgot how. All I remember is that it was some crazy
combination of statements.
Is there something obvious I'm missing? Man pages and examples ARE NOT
WORKING!
Nix.
--
Received on Tue Oct 10 2000 - 06:09:01 NZDT