Date: Thu, 17 Apr 2003 08:30:13 -0700 (PDT) From: Rene de Vries <rene@tunix.nl> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/51091: [FEATURE] Add -A (print ASCII) flag to tcpdump Message-ID: <200304171530.h3HFUDXd003439@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/51091; it has been noted by GNATS. From: Rene de Vries <rene@tunix.nl> To: Tony Finch <dot@dotat.at> Cc: FreeBSD-gnats-submit@FreeBSD.org Subject: Re: bin/51091: [FEATURE] Add -A (print ASCII) flag to tcpdump Date: Thu, 17 Apr 2003 17:27:36 +0200 This option is less verbose (or better different). The -X also displays the hex output (as far as I know) and this can be very disturbing. The -A only shows printable stuff. Rene Example dump with -A: 17:20:12.966613 a.b.c.49295 > d.e.f.smtp: S 3701272078:3701272078(0) win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp 27812521 0> (DF) [tos 0x10] 17:20:12.978494 d.e.f.smtp > a.b.c.49295: S 2014425195:2014425195(0) ack 3701272079 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp 9281858 27812521> (DF) 17:20:12.978546 a.b.c.49295 > d.e.f.smtp: . ack 1 win 57920 <nop,nop,timestamp 27812522 9281858> (DF) [tos 0x10] 17:20:13.782583 d.e.f.smtp > a.b.c.49295: P 1:36(35) ack 1 win 57920 <nop,nop,timestamp 9281938 27812522> [ 220 d.e.f ESMTP Postfix\015\012 ] (DF) 17:20:13.874241 a.b.c.49295 > d.e.f.smtp: . ack 36 win 57920 <nop,nop,timestamp 27812612 9281938> (DF) [tos 0x10] 17:20:18.412530 a.b.c.49295 > d.e.f.smtp: P 1:12(11) ack 36 win 57920 <nop,nop,timestamp 27813065 9281938> [ HELO test\015\012 ] (DF) [tos 0x10] 17:20:18.442240 d.e.f.smtp > a.b.c.49295: P 36:57(21) ack 12 win 57920 <nop,nop,timestamp 9282404 27813065> [ 250 d.e.f\015\012 ] (DF) 17:20:18.534269 a.b.c.49295 > d.e.f.smtp: . ack 57 win 57920 <nop,nop,timestamp 27813078 9282404> (DF) [tos 0x10] 17:20:20.056281 a.b.c.49295 > d.e.f.smtp: P 12:18(6) ack 57 win 57920 <nop,nop,timestamp 27813230 9282404> [ QUIT\015\012 ] (DF) [tos 0x10] 17:20:20.082060 d.e.f.smtp > a.b.c.49295: P 57:66(9) ack 18 win 57920 <nop,nop,timestamp 9282568 27813230> [ 221 Bye\015\012 ] (DF) 17:20:20.082993 d.e.f.smtp > a.b.c.49295: F 66:66(0) ack 18 win 57920 <nop,nop,timestamp 9282568 27813230> (DF) 17:20:20.083026 a.b.c.49295 > d.e.f.smtp: . ack 67 win 57920 <nop,nop,timestamp 27813232 9282568> (DF) [tos 0x10] 17:20:20.083175 a.b.c.49295 > d.e.f.smtp: F 18:18(0) ack 67 win 57920 <nop,nop,timestamp 27813232 9282568> (DF) [tos 0x10] 17:20:20.111825 d.e.f.smtp > a.b.c.49295: . ack 19 win 57920 <nop,nop,timestamp 9282571 27813232> (DF) Same dump with -X: 17:20:12.966613 a.b.c.49295 > d.e.f.smtp: S 3701272078:3701272078(0) win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp 27812521 0> (DF) [tos 0x10] 0x0000 4510 003c d3d9 4000 4006 0000 c14f c985 E..<..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee0e 0000 0000 ..>............. 0x0020 a002 e000 ef5a 0000 0204 05b4 0103 0300 .....Z.......... 0x0030 0101 080a 01a8 62a9 0000 0000 ......b..... 17:20:12.978494 d.e.f.smtp > a.b.c.49295: S 2014425195:2014425195(0) ack 3701272079 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp 9281858 27812521> (DF) 0x0000 4500 003c 2887 4000 3d06 892e c2b2 3e7f E..<(.@.=.....>. 0x0010 c14f c985 0019 c08f 7811 b06b dc9c ee0f .O......x..k.... 0x0020 a012 e000 24fd 0000 0204 05b4 0103 0300 ....$........... 0x0030 0101 080a 008d a142 01a8 62a9 .......B..b. 17:20:12.978546 a.b.c.49295 > d.e.f.smtp: . ack 1 win 57920 <nop,nop,timestamp 27812522 9281858> (DF) [tos 0x10] 0x0000 4510 0034 d3da 4000 4006 0000 c14f c985 E..4..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee0f 7811 b06c ..>.........x..l 0x0020 8010 e240 4e80 0000 0101 080a 01a8 62aa ...@N.........b. 0x0030 008d a142 ...B 17:20:13.782583 d.e.f.smtp > a.b.c.49295: P 1:36(35) ack 1 win 57920 <nop,nop,timestamp 9281938 27812522> (DF) 0x0000 4500 0057 288b 4000 3d06 890f c2b2 3e7f E..W(.@.=.....>. 0x0010 c14f c985 0019 c08f 7811 b06c dc9c ee0f .O......x..l.... 0x0020 8018 e240 41cb 0000 0101 080a 008d a192 ...@A........... 0x0030 01a8 62aa 3232 3020 6d61 696c 6875 622e ..b.220.mailhub. 0x0040 7463 6a61 2e6e 6c20 4553 4d54 5020 506f tcja.nl.ESMTP.Po 0x0050 7374 6669 780d 0a stfix.. 17:20:13.874241 a.b.c.49295 > d.e.f.smtp: . ack 36 win 57920 <nop,nop,timestamp 27812612 9281938> (DF) [tos 0x10] 0x0000 4510 0034 d3dd 4000 4006 0000 c14f c985 E..4..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee0f 7811 b08f ..>.........x... 0x0020 8010 e240 4db3 0000 0101 080a 01a8 6304 ...@M.........c. 0x0030 008d a192 .... 17:20:18.412530 a.b.c.49295 > d.e.f.smtp: P 1:12(11) ack 36 win 57920 <nop,nop,timestamp 27813065 9281938> (DF) [tos 0x10] 0x0000 4510 003f d3e7 4000 4006 0000 c14f c985 E..?..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee0f 7811 b08f ..>.........x... 0x0020 8018 e240 b351 0000 0101 080a 01a8 64c9 ...@.Q........d. 0x0030 008d a192 4845 4c4f 2074 6573 740d 0a ....HELO.test.. 17:20:18.442240 d.e.f.smtp > a.b.c.49295: P 36:57(21) ack 12 win 57920 <nop,nop,timestamp 9282404 27813065> (DF) 0x0000 4500 0049 2890 4000 3d06 8918 c2b2 3e7f E..I(.@.=.....>. 0x0010 c14f c985 0019 c08f 7811 b08f dc9c ee1a .O......x....... 0x0020 8018 e240 c2ec 0000 0101 080a 008d a364 ...@...........d 0x0030 01a8 64c9 3235 3020 6d61 696c 6875 622e ..d.250.mailhub. 0x0040 7463 6a61 2e6e 6c0d 0a tcja.nl.. 17:20:18.534269 a.b.c.49295 > d.e.f.smtp: . ack 57 win 57920 <nop,nop,timestamp 27813078 9282404> (DF) [tos 0x10] 0x0000 4510 0034 d3ea 4000 4006 0000 c14f c985 E..4..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee1a 7811 b0a4 ..>.........x... 0x0020 8010 e240 49ef 0000 0101 080a 01a8 64d6 ...@I.........d. 0x0030 008d a364 ...d 17:20:20.056281 a.b.c.49295 > d.e.f.smtp: P 12:18(6) ack 57 win 57920 <nop,nop,timestamp 27813230 9282404> (DF) [tos 0x10] 0x0000 4510 003a d3ef 4000 4006 0000 c14f c985 E..:..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee1a 7811 b0a4 ..>.........x... 0x0020 8018 e240 a195 0000 0101 080a 01a8 656e ...@..........en 0x0030 008d a364 5155 4954 0d0a ...dQUIT.. 17:20:20.082060 d.e.f.smtp > a.b.c.49295: P 57:66(9) ack 18 win 57920 <nop,nop,timestamp 9282568 27813230> (DF) 0x0000 4500 003d 2891 4000 3d06 8923 c2b2 3e7f E..=(.@.=..#..>. 0x0010 c14f c985 0019 c08f 7811 b0a4 dc9c ee20 .O......x....... 0x0020 8018 e240 33c3 0000 0101 080a 008d a408 ...@3........... 0x0030 01a8 656e 3232 3120 4279 650d 0a ..en221.Bye.. 17:20:20.082993 d.e.f.smtp > a.b.c.49295: F 66:66(0) ack 18 win 57920 <nop,nop,timestamp 9282568 27813230> (DF) 0x0000 4500 0034 2892 4000 3d06 892b c2b2 3e7f E..4(.@.=..+..>. 0x0010 c14f c985 0019 c08f 7811 b0ad dc9c ee20 .O......x....... 0x0020 8011 e240 48a3 0000 0101 080a 008d a408 ...@H........... 0x0030 01a8 656e ..en 17:20:20.083026 a.b.c.49295 > d.e.f.smtp: . ack 67 win 57920 <nop,nop,timestamp 27813232 9282568> (DF) [tos 0x10] 0x0000 4510 0034 d3f1 4000 4006 0000 c14f c985 E..4..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee20 7811 b0ae ..>.........x... 0x0020 8010 e240 48a1 0000 0101 080a 01a8 6570 ...@H.........ep 0x0030 008d a408 .... 17:20:20.083175 a.b.c.49295 > d.e.f.smtp: F 18:18(0) ack 67 win 57920 <nop,nop,timestamp 27813232 9282568> (DF) [tos 0x10] 0x0000 4510 0034 d3f2 4000 4006 0000 c14f c985 E..4..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee20 7811 b0ae ..>.........x... 0x0020 8011 e240 48a0 0000 0101 080a 01a8 6570 ...@H.........ep 0x0030 008d a408 .... 17:20:20.111825 d.e.f.smtp > a.b.c.49295: . ack 19 win 57920 <nop,nop,timestamp 9282571 27813232> (DF) 0x0000 4500 0034 2893 4000 3d06 892a c2b2 3e7f E..4(.@.=..*..>. 0x0010 c14f c985 0019 c08f 7811 b0ae dc9c ee21 .O......x......! 0x0020 8010 e240 489d 0000 0101 080a 008d a40b ...@H........... 0x0030 01a8 6570 On Thursday, Apr 17, 2003, at 17:10 Europe/Amsterdam, Tony Finch wrote: > Rene de Vries <rene@tunix.nl> wrote: >> >> Print the payload of TCP packets in human-readable (ASCII) >> format. This can be usefull when debugging readable protocols >> (like SMTP, HTTP, etc). > > What's wrong with the -X option? > > Tony. -- Rene de Vries <rene@tunix.nl> TUNIX Internet Security & Training
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200304171530.h3HFUDXd003439>