On Sun, Jan 04, 2009 at 04:05:00PM +0200, KES wrote: > There will be very usefull to have options for tcpdump to monitor > incomint or outgoing traffic regardless of src/dst IPs or ports or protocol > > For example: > > kes# tcpdump -n -i rl4 out > EXPECTED: show traffic outgoing on rl4 > ACTUAL: tcpdump: syntax error > > kes# tcpdump -n -i rl4 in > EXPECTED: show traffic incoming on rl4 > ACTUAL: tcpdump: syntax error
Hi! I use following trick for that: tcpdump -n -p -i rl4 ether src me-rl4 # for outgoing tcpdump -n -p -i tl4 not ether src me-rl4 # for incoming And add MAC-address of rl4 to /etc/ethers with name 'me-rl4' or just 'me' if you need not watch other interfaces this way. Eugene Grosbein _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"
