From owner-freebsd-net@FreeBSD.ORG Tue Aug 23 16:56:16 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6465916A41F for ; Tue, 23 Aug 2005 16:56:16 +0000 (GMT) (envelope-from mgrooms@shrew.net) Received: from mx2-out.seton.org (mx2-out.seton.org [65.118.63.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id A8E7343D46 for ; Tue, 23 Aug 2005 16:56:15 +0000 (GMT) (envelope-from mgrooms@shrew.net) Received: from localhost (unknown [127.0.0.1]) by mx2-out.seton.org (Postfix) with ESMTP id 6D267FB0 for ; Tue, 23 Aug 2005 11:56:14 -0500 (CDT) Received: from mx2-out.seton.org ([10.21.254.241]) by localhost (mx2 [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 32506-01 for ; Tue, 23 Aug 2005 11:56:14 -0500 (CDT) Received: from ausexfe02.seton.org (unknown [10.20.10.186]) by mx2-out.seton.org (Postfix) with ESMTP id 5BD3BB01 for ; Tue, 23 Aug 2005 11:56:14 -0500 (CDT) Received: from [10.20.160.190] ([10.20.160.190]) by ausexfe02.seton.org with Microsoft SMTPSVC(6.0.3790.211); Tue, 23 Aug 2005 11:56:14 -0500 Message-ID: <430B5680.1060506@shrew.net> Date: Tue, 23 Aug 2005 12:01:52 -0500 From: Matthew Grooms User-Agent: Mozilla Thunderbird 1.0.5 (Windows/20050711) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 23 Aug 2005 16:56:14.0242 (UTC) FILETIME=[9246F820:01C5A803] X-Virus-Scanned: by amavisd-new at seton.org Subject: odd tcpdump output w/ 6.0-BETA2 ... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Aug 2005 16:56:16 -0000 Is anyone else seeing this issue? I get useless output from tcpdump ( no header or protocol decode ) but only when I specify a filter on the command line. For example ... root@hole# tcpdump -ne -i pflog0 src or dst www.21.com tcpdump: WARNING: BIOCPROMISC: Network is down tcpdump: WARNING: pflog0: no IPv4 address assigned tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 96 bytes 11:33:05.172950 [|pflog] 11:33:05.222612 [|pflog] ^C 2 packets captured 2 packets received by filter 0 packets dropped by kernel ... or ... root@hole# tcpdump -i xl0 src or dst www.21.com tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on xl0, link-type EN10MB (Ethernet), capture size 96 bytes 11:33:32.920031 [|ether] 11:33:35.203998 [|ether] 11:33:35.375459 [|ether] 11:33:35.555475 [|ether] 11:33:35.728465 [|ether] 11:33:36.077081 [|ether] ^C 6 packets captured 67 packets received by filter 0 packets dropped by kernel ... but with no filter ... root@hole# tcpdump -i xl0 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on xl0, link-type EN10MB (Ethernet), capture size 96 bytes 11:35:15.224237 IP 66-90-165-114.dyn.grandenetworks.net.ssh > fw1.seton.org.62909: P 507679271:507679463(192) ack 1455983273 win 65535 11:35:15.342434 IP fw1.seton.org.62909 > 66-90-165-114.dyn.grandenetworks.net.ssh: . ack 192 win 63760 11:35:15.371456 arp who-has 24-155-229-142.dyn.grandenetworks.net tell 24-155-229-254.dyn.grandenetworks.net 11:35:15.374214 arp who-has 66-90-146-196.dyn.grandenetworks.net tell 66-90-147-254.dyn.grandenetworks.net 11:35:15.496867 arp who-has 24-155-108-156.dyn.grandenetworks.net tell 24-155-109-254.dyn.grandenetworks.net 11:35:15.509748 arp who-has 24-155-108-208.dyn.grandenetworks.net tell 24-155-109-254.dyn.grandenetworks.net 11:35:15.533528 arp who-has 66-90-245-22.dyn.grandenetworks.net tell 66-90-245-254.dyn.grandenetworks.net ^C11:35:15.554105 arp who-has 216-188-225-208.dyn.grandenetworks.net tell 216-188-225-254.dyn.grandenetworks.net 8 packets captured 65 packets received by filter 0 packets dropped by kernel ... I did compile a custom kernel but haven't cvsup'ed any source since it was installed from the iso. Would like to cvsup and rebuild the kernel and userland but am restricted on diskspace. Does anyone know what collections are considered minimal to sync and rebuild or do I really need to cvsup src-all? Thanks, -Matthew