Date: Sat, 11 Oct 1997 09:15:28 +0930 From: Greg Lehey <grog@lemis.com> To: Mark Tinguely <tinguely@plains.NoDak.edu> Cc: joe@via.net, questions@FreeBSD.ORG Subject: Re: tcpdump Message-ID: <19971011091528.45066@lemis.com> In-Reply-To: <199710101404.JAA26051@plains.NoDak.edu>; from Mark Tinguely on Fri, Oct 10, 1997 at 09:04:47AM -0500 References: <199710101404.JAA26051@plains.NoDak.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Oct 10, 1997 at 09:04:47AM -0500, Mark Tinguely wrote: > >> In fact, unless you ask for link-level headers with the -e option, >> you'll just get the IP datagram if it *is* IP. > > I meant to say that the Berkeley Packet Filter/tcpdump works on the > whole ethernet frame. The TCP part of the tcpdump name, may give the > impression that it only can work on the TCP or IP level. The name appears to be misleading. In fact, it will work on the entire frame, even if it's not IP. > The BPF/tcpdump is even generic enough that we have made very small > modifications to make it filter/display ATM information. There you go. But if you've gone that deep, I'm surprised that you're asking this question. Have I missed something? Greg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19971011091528.45066>