From owner-freebsd-questions  Sat Sep 22 18:47: 6 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from femail28.sdc1.sfba.home.com (femail28.sdc1.sfba.home.com [24.254.60.18])
	by hub.freebsd.org (Postfix) with ESMTP id 2804D37B421
	for <questions@FreeBSD.ORG>; Sat, 22 Sep 2001 18:46:57 -0700 (PDT)
Received: from x1-6-00-50-ba-de-36-33.kico1.on.home.com ([24.141.119.162])
          by femail28.sdc1.sfba.home.com
          (InterMail vM.4.01.03.20 201-229-121-120-20010223) with ESMTP
          id <20010919015103.BRZI6432.femail28.sdc1.sfba.home.com@x1-6-00-50-ba-de-36-33.kico1.on.home.com>;
          Tue, 18 Sep 2001 18:51:03 -0700
Received: from localhost (genisis@localhost)
	by x1-6-00-50-ba-de-36-33.kico1.on.home.com (8.11.3/8.11.3) with ESMTP id f8J1v1881789;
	Tue, 18 Sep 2001 21:57:02 -0400 (EDT)
	(envelope-from genisis@istar.ca)
X-Authentication-Warning: x1-6-00-50-ba-de-36-33.kico1.on.home.com: genisis owned process doing -bs
Date: Tue, 18 Sep 2001 21:57:01 -0400 (EDT)
From: Dru <genisis@istar.ca>
X-X-Sender:  <genisis@x1-6-00-50-ba-de-36-33.kico1.on.home.com>
To: Doug Poland <doug@polands.org>
Cc: <questions@FreeBSD.ORG>
Subject: Re: Can this be done?
In-Reply-To: <20010918203414.A29311@execpc.com>
Message-ID: <20010918215253.F81773-100000@x1-6-00-50-ba-de-36-33.kico1.on.home.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG



On Tue, 18 Sep 2001, Doug Poland wrote:

> Sorry for the cryptic header but I can't describe what I'm
> trying to do in a small subject field.
>
> I'm looking for a tool that can show me tcp traffic.
> For example, I've got a windoze biff mail checker.  The
> program doesn't connect to the imap server correctly and
> I cannot tell what commands the biff client is sending to
> the imap server.
>
> If I had a tool that could capture and assemble the tcp
> traffic, I could see what is passing between my imap client
> and imap server.
>
> I've tried to get tcpdump to work but it doesn't appear that
> it can assemble packets, just reports on the packets themselves.
>
> Is there a tool that can do this?

Hi Doug,

How are you running tcpdump? By default it won't show the full packet, but
you can specify the packet size e.g. set it to maximum Ethernet size. But
I also second the motion for Ethereal, it's pretty cool. Some articles on
using both here, assuming the Net is still up :(

http://www.onlamp.com/pub/a/bsd/2001/03/21/FreeBSD_Basics.html
http://www.onlamp.com/pub/a/bsd/2000/08/16/FreeBSD_Basics.html

HTH,

Dru





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message