From owner-freebsd-questions Sun Oct 22 21: 1:18 2000 Delivered-To: freebsd-questions@freebsd.org Received: from pericles.IPAustralia.gov.au (pericles.IPAustralia.gov.au [202.14.186.30]) by hub.freebsd.org (Postfix) with ESMTP id 9F27837B479 for ; Sun, 22 Oct 2000 21:01:14 -0700 (PDT) Received: (from smap@localhost) by pericles.IPAustralia.gov.au (8.9.3/8.9.3) id PAA50408 for ; Mon, 23 Oct 2000 15:01:13 +1100 (EST) (envelope-from anwsmh@IPAustralia.Gov.AU) Received: from disc-4-161.aipo.gov.au(10.0.4.161) by pericles.IPAustralia.gov.au via smap (V2.0) id xma050395; Mon, 23 Oct 00 15:00:47 +1100 Received: from localhost (anwsmh@localhost) by stan.aipo.gov.au (8.9.3/8.9.3) with ESMTP id PAA20423 for ; Mon, 23 Oct 2000 15:00:47 +1100 (EST) (envelope-from anwsmh@IPAustralia.Gov.AU) X-Authentication-Warning: stan.aipo.gov.au: anwsmh owned process doing -bs Date: Mon, 23 Oct 2000 15:00:46 +1100 (EST) From: Stanley Hopcroft X-Sender: anwsmh@stan.aipo.gov.au To: freebsd-questions@FreeBSD.oRG Subject: tcpdump doesn't work properly (filter expressions break normal output) in 4.0, 4.1-R In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Dear Ladies and Gentlemen, I am writing to say that I think there is something wrong with libpcap/bpf/tcpdump shipped with 4.0-RELEASE and 4.1-RELEASE. The problem is that as soon as filter expression is given to tcpdump eg tcpdump -x -s1500 -l port telnet, then the only packets displayed are those from the localhost (that running tcpdump); the replies are *not* shown. If the filter is removed, both client and server packets are displayed. Thank you. Yours sincerely, S Hopcroft Network Specialist IP Australia +61 2 6283 3189 +61 2 6281 1353 FAX To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message