Date: Thu, 3 Aug 2006 11:15:02 -0700 (PDT) From: "N. Harrington" <drumslayer2@yahoo.com> To: freebsd-questions@freebsd.org Subject: Problem using tcpdump with tcpshow (from ports) - get errors Message-ID: <20060803181502.98187.qmail@web34501.mail.mud.yahoo.com>
next in thread | raw e-mail | index | archive | help
Hello
For some time now I have been watching tcp dumps by
sending them through tcpshow -cooked. (from the ports
tree) This has worked quite well on BSD 4.X and also I
believe 5.2.1.
However, now when I try to do this on a 5.5 or 6.1
server, I get an error.
Can anyone help with why I might be getting these
errors with later versions of FreeBSD?
I have tried all I can think of.
tcpdump -i bge1 -s 1518 -lenx | tcpshow
tcpdump: verbose output suppressed, use -v or -vv
for
full protocol decode
listening on bge1, link-type EN10MB (Ethernet),
capture size 1518 bytes
tcpdump: 1 packets captured
162 packets received by filter
0 packets dropped by kernel
bad dump file format
Or
tcpdump -i bge1 -s 1518 -lenx | tcpshow -cooked
tcpdump: verbose output suppressed, use -v or -vv
for
full protocol decode
listening on bge1, link-type EN10MB (Ethernet),
capture size 1518 bytes
---------------------------------------------------------------------------
Packet 1
***Error: Badly formatted Ethernet address
1 packets captured
178 packets received by filter
0 packets dropped by kernel
Thanks!!
Nicole
The Large Print Giveth And The Small Print Taketh Away
-- Anon
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060803181502.98187.qmail>