divne chovani tcpdumpu
Petr Janda
janda na netbox.cz
Pátek Červenec 1 17:52:39 CEST 2005
Take zdravim
On Thu, Jun 30, 2005 at 10:03:30PM +0200, Zdenek SUTR Kaminski wrote:
> Zdravim,
>
> zarazi mne chovani tcpdumpu na stroji A (82.142.70.161). Kdyz pingam
> (ping -n <IP adresa>) ze stroje B (212.67.70.79) na adresu 82.142.70.165 a
> na stroji A si pustim
>
> tcpdump -i eth0 -n host 82.142.70.165 -v, tak vidim:
> tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96
> bytes
> 21:56:29.865644 IP (tos 0x0, ttl 58, id 0, offset 0, flags [DF], proto 1,
> length: 84) 212.67.79.70 > 82.142.70.165: icmp 64: echo request seq 1
> 21:56:30.069741 IP (tos 0x0, ttl 112, id 5124, offset 0, flags [none],
> proto 17, length: 33) 83.253.20.119.2285 > 82.142.70.165.27015: UDP,
.....
> coz je v poradku.
>
> Kdyz si ovsem pustim
>
> tcpdump -i eth0 -n -p icmp -v, tak vidim:
>
> tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96
> bytes
>
> coz je spatne.
man tcpdump - parametr -p neznamena protokol, ale promiskuitni mod
karty.
Prcek
Další informace o konferenci Linux