[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: TCPDUMP Problem... SOLVED !!

Selon Alexandru Stefan-Voicu <alex.voicu@nova.scieron.com>:
> I tried every option tcpdump has, and finnaly ran into the "do not do
> reverse lookup one". And a "tcpdump -n | grep <interesting port>" works !!!

Do you know that using a pipe (|) will buffer output?
And do you know that tcpdump and grep buffers their output too?
You will always miss information using "tcpdump | grep"!
You may use the "-l" option to tcpdump to stop buffering output.
But you'd better use the tcpdump option directly for good filtering.
Eg: tcpdump -lni eth0 'tcp port (3306 or 389 or 3128)'

Regards, J.C.
--
Jean Christophe André <jean-christophe.andre@auf.org>  http://www.auf.org/
Administrateur Systèmes et Réseaux et Responsable Technique Régional
au Bureau Asie-Pacifique de l'Agence universitaire de la Francophonie
Reply to: