Bruce M Simpson wrote:
ports would seem to be an acceptable halfway house, though, for people who
want to use pcap/tcpdump of a more recent vintage, than has been determined
to be suitable for a FreeBSD release. does it not?
On general case, I agree with you. However libpcap does not change tha
On Wed, Oct 01, 2003 at 09:45:57PM +0300, Petri Helenius wrote:
> How often is "so often"? The vendor branch is over a year old and the
> bug that seems to annoy
> most real users of bpf has been known for quite a while longer and took
> a while to get into
> the origin and now it only would nee
Bruce M Simpson wrote:
This is coming up more often. Perhaps we should consider net/libpcap-devel
and net/tcpdump-devel ports for people who wish to track CVS and/or
snapshots of these tools? This might relieve some of the pressure on Bill
to update the vendor branch so often.
How often is "so
On Fri, Sep 19, 2003 at 12:43:44AM +0300, Petri Helenius wrote:
> >Shurely you mean tcpdump 3.7.2, which is already imported (by fenner, with
> >additional hacks)?
> I mean libpcap, which also tcpdump uses, if I´m not mistaken. Look in
> contrib/libpcap
This is coming up more often. Perhaps we sh
Don Bowman wrote:
I found that increasing the bpf buffer size in libpcap
to 256K from the default of 4K made a tremendous difference.
We generally use sizes from 512k to 8M depending on network interface and
hardware configuration. Used to do larger but run into some issues with KVM
allocations
From: Petri Helenius [mailto:[EMAIL PROTECTED]
> Bruce M Simpson wrote:
>
> >Er, if you check this URL:
> >http://www.freebsd.org/cgi/cvsweb.cgi/src/contrib/tcpdump/CHANGES
> >
> >Shurely you mean tcpdump 3.7.2, which is already imported
> (by fenner, with
> >additional hacks)?
> >
> >
> >
> I
Bruce M Simpson wrote:
Er, if you check this URL:
http://www.freebsd.org/cgi/cvsweb.cgi/src/contrib/tcpdump/CHANGES
Shurely you mean tcpdump 3.7.2, which is already imported (by fenner, with
additional hacks)?
I mean libpcap, which also tcpdump uses, if I´m not mistaken. Look in
contrib/libpca
On Thu, Sep 18, 2003 at 11:59:21PM +0300, Petri Helenius wrote:
> I just noticed that Bill committed fix to this bug back in February. Now
> it only needs that somebody refreshes the import from 0.7 to 0.7.2.
Er, if you check this URL:
http://www.freebsd.org/cgi/cvsweb.cgi/src/contrib/tcpdump/CHA
Bruce M Simpson wrote:
We should avoid applying patches on the import if we possibly can, it's
Not Right.
I know and I agree with that. That´s why I would like to have the tree
right to avoid patching
it locally. Same problem, different leg.
I'd suggest submitting a patch via Sourceforge. I d
On Thu, Sep 18, 2003 at 09:14:46AM +0300, Petri Helenius wrote:
> Sure, but because the bug in pcap-bpf.c there is no way to set the
> buffer above 32768
> without recompiling the library after applying the patch.
>
> This bug should be fixed in the FreeBSD copy of libpcap because tcpdump
> folk
Michael Sierchio wrote:
The time it takes to resolve host names, probably, and the additional
burden of writing the service names, where known, etc.
Try
tcpdump -vvv -n
or
tcpdump -vvv -ln
Or try a binary dump straight into a file, and analyze it offline.
Lars
--
Lars Eggert <[EMAIL PROTECTED]
Josh Brooks wrote:
Whenever I run:
tcpdump -vvv
when I am finished, I am surprised to see:
27441 packets received by filter
7866 packets dropped by kernel
The time it takes to resolve host names, probably, and the additional
burden of writing the service names, where known, etc.
Try
tcpdump -vv
Edwin Groothuis wrote:
On Wed, Sep 17, 2003 at 06:31:03PM -0700, Josh Brooks wrote:
Whenever I run:
tcpdump -vvv
when I am finished, I am surprised to see:
27441 packets received by filter
7866 packets dropped by kernel
That's because the buffer of captures-but-not-yet-processed packets
Josh Brooks wrote:
Whenever I run:
tcpdump -vvv
when I am finished, I am surprised to see:
27441 packets received by filter
7866 packets dropped by kernel
I have pored over the tcpdump man page, but do not see how to tell it to
not drop any of the packets.
What is the purpose behind this ? I ca
On Wed, Sep 17, 2003 at 06:31:03PM -0700, Josh Brooks wrote:
> Whenever I run:
>
> tcpdump -vvv
>
> when I am finished, I am surprised to see:
>
> 27441 packets received by filter
> 7866 packets dropped by kernel
That's because the buffer of captures-but-not-yet-processed packets
in tcpdump was
15 matches
Mail list logo
