On Fri, Jul 05, 2024 at 02:39:48PM +0000, Mik J wrote:

> Hello,
>
> I notice that tcpdump on openbsd differs from the linux version.
>
> Some options don't exist:
> - G rotate_seconds
> - W filecount
>
> Do you know why tcpdump on openbsd doesn't include these switches?
>
> Would it be possible to implement them on openbsd?
>
> Regards
>

A long time ago, tcpdump was forked by the OpenBSD project and later
rewritten to use privilege separation by canacar@ and myself. This
means that all the interpretation of network data is done in a
separate, unprivileged process that can do no damage even if one of
the dissectors is buggy.

Before and after that moment (about 20 years ago), the code bases
diverged, and OpenBSD's version does not have all the new/fancy stuff
that the original upstream version has. The big advantage is that I
dare to run the OpenBSD one.

You can always take a look to see if new features can be ported to
OpenBSD's tcpdump. Sometimes it's easy, sometimes not.

	-Otto
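
The privilege-separation pattern described in the reply, as an added C example that is not part of the original thread and is not OpenBSD's tcpdump code: untrusted bytes are parsed in a forked child that has dropped its privileges, and the parent only reads back a fixed-size result, so a crashing dissector costs one child process. The toy packet format, `dissect()`, `parse_isolated()` and the "nobody" account are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE           /* glibc: expose setgroups() */
#include <grp.h>
#include <pwd.h>
#include <stdint.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Toy "dissector": byte 0 is a payload length. abort() stands in for the
 * memory-safety bug a real dissector might have on a lying length field. */
static int dissect(const uint8_t *p, size_t n) {
    if (n < 1 || (size_t)p[0] + 1 > n) abort();
    int sum = 0;
    for (size_t i = 1; i <= p[0]; i++) sum += p[i];
    return sum;
}

/* Parse pkt in a forked child. If pw is non-NULL the child first drops to
 * that account for good. Returns 0 and sets *out, or -1 if the child died. */
int parse_isolated(const uint8_t *pkt, size_t n, const struct passwd *pw, int *out) {
    int sv[2], st, ok = 0;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(sv[0]); close(sv[1]); return -1; }
    if (pid == 0) {                       /* unprivileged side */
        close(sv[0]);
        if (pw && (setgroups(1, &pw->pw_gid) || setgid(pw->pw_gid) ||
                   setuid(pw->pw_uid) || setuid(0) == 0)) _exit(2);
        int r = dissect(pkt, n);
        _exit(write(sv[1], &r, sizeof r) == (ssize_t)sizeof r ? 0 : 2);
    }
    close(sv[1]);                         /* privileged side: only reads a result */
    if (read(sv[0], out, sizeof *out) == (ssize_t)sizeof *out) ok = 1;
    close(sv[0]);
    if (waitpid(pid, &st, 0) < 0) return -1;
    return (ok && WIFEXITED(st) && WEXITSTATUS(st) == 0) ? 0 : -1;
}

int main(void) {
    const uint8_t good[] = {3, 1, 2, 3}, bad[] = {200, 1};  /* constructed packets */
    const struct passwd *pw = NULL;       /* "nobody" is an assumed account name */
    if (geteuid() == 0 && (pw = getpwnam("nobody")) == NULL) return 1;
    int v = 0;
    int a = parse_isolated(good, sizeof good, pw, &v);  /* parsed in the child */
    int b = parse_isolated(bad, sizeof bad, pw, &v);    /* child dies, parent survives */
    return (a == 0 && b == -1) ? 0 : 1;
}
```
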