Shteryana Shopova wrote:
On 3/19/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Max, correct me if I'm wrong but tcpdump will only give you the
headers, is that correct? This is fine most of the time but sometimes
I need to capture full frames.
Nope - that's not correct -
#tcpdump -s 0
will capture full frames.
But nothing IMO beats wireshark for being able
to go in and analyze a dump .. searching on various
condition's fields etc..
It does not matter to me generally how its collected
wireshark/tcpdump -s 0..
But to analyze it.. give me wireshark any day :-D
R
--
Randall Stewart
NSSTG - Cisco Systems Inc.
803-345-0369 <or> 803-317-4952 (cell)
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
