Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: tcpdump question
Special Forums IP Networking tcpdump question Post 302159689 by sysgate on Friday 18th of January 2008 08:04:35 AM
Old 01-18-2008
This is kind of unclear to me, how do you create the files ? Is it >> (append) or > (redirect), what format is that ? What is the OS ? How are you sure what's happening with the connections ? What if they got closed for some reason ? Given the conditions you've posted, Connection A will be the same in the second file, but tcpdump will eavesdrop the current flow, i.e. timestamp will be different.
Please post more details, as well as log snippets, if possible, so we can answer this correctly, in case I got it wrong.
 

9 More Discussions You Might Find Interesting

1. Programming

How To Use tcpdump

I have two net-card. one is 172.16.24.99(ENG) ,another is 172.16.25.99(ENG-B). Both masks is 255.255.255.0. I will monitor data on the tcp port 8055 in ENG, How do I set option of tcpdump command (2 Replies)
Discussion started by: chenhao_no1
2 Replies

2. UNIX for Dummies Questions & Answers

tcpdump

does anybody know what the -d -dd and -ddd options are used for ? thanks (2 Replies)
Discussion started by: ant04
2 Replies

3. Cybersecurity

i would like to know about tcpdump

i would like to know about tcpdump i would like to use tcpdump to get information about these - Date - time - source hostname - source mac address - source ip address - destination ip address - see outbound only then i use command like this tcpdump -i le0 -n -q -tttt -e src net... (0 Replies)
Discussion started by: chamnanpol
0 Replies

4. IP Networking

i would like to know about tcpdump

i would like to know about tcpdump i would like to use tcpdump to get information about these - Date - time - source hostname - source mac address - source ip address - destination ip address - see outbound only then i use command like this tcpdump -i le0 -n -q -tttt -e src net... (2 Replies)
Discussion started by: chamnanpol
2 Replies

5. UNIX for Dummies Questions & Answers

tcpdump and prism headers question

Hello everyone! I installed OpenWRT on a WRT54G-TM (linux 2.4). No problem so far!. I also installed tcpdump on the box. I set the adapter in monitor mode. wlc monitor 1 It created the prism0 interface. Tcpdumpíng is also possible using this interface. root@cmWRT:/tmp# tcpdump -i... (1 Reply)
Discussion started by: aztroboy
1 Replies

6. IP Networking

Can anyone explain this tcpdump question?

Please look at the third line that the windows size is 257, but in the fourth line it sends 992 bytes. Can anyone tell me why? Thanks in advance!!! http://life.chinaunix.net/bbsfile/month_1108/1108241440ce458925d2bb6d73.png (3 Replies)
Discussion started by: cateran
3 Replies

7. IP Networking

tcpdump vs. wireshark

Hi, I am trying to capture manually crafted IP packets, created using Scapy, to a pcap file that can later be replayed using tcpreplay. When using wireshark, I can successfully capture these packets and view them in wireshark. However, when using tcpdump, these packets are then shown in... (2 Replies)
Discussion started by: yotamhc
2 Replies

8. Debian

Tcpdump Help !

Hi. Need Help with TcpDump Trying to sniff associatio-request with tcpdump but when i run this tcpdump -i eth0 wlan subtype assoc-req i get this error can anyone help me with this error ? Thanks alot !!:) (1 Reply)
Discussion started by: SoulZB
1 Replies

9. IP Networking

TCPdump

I've recently started learning to use TCPdump, and I find it pretty interesting. There's one thing I don't understand. When I tell it to capture packets on, say, the WiFi interface en1, it often captures packets sent or received by other hosts on the network. How can it do this? My... (3 Replies)
Discussion started by: Ultrix
3 Replies

LEARN ABOUT DEBIAN

auelementnotifyevent

AuElementNotifyEvent(3) 				     Library Functions Manual					   AuElementNotifyEvent(3)

Name
       AuElementNotifyEvent - element notify event structure

Structures
       #include <audio/audiolib.h>

       typedef union _AuEvent
       {
	   . . .
	   AuElementNotifyEvent auelementnotify;
	   . . .
       }AuEvent;

       typedef struct _AuElementNotifyEvent
       {
	   int type;
	   AuUint32 serial;
	   AuBool send_event;
	   AuServer *server;
	   AuTime time;
	   AuFlowID flow;
	   unsigned char element_num;
	   unsigned char kind;
	   unsigned char prev_state;
	   unsigned char cur_state;
	   unsigned char reason;
	   AuUint32 num_bytes;
       }AuElementNotifyEvent;

Members
       type	 The event type.  ElementNotify events are type AuEventTypeElementNotify.

       serial	 The serial ID of the event expanded from the 16 bit value sent by the server.

       send_event
		 AuTrue if the event came from a SendEvent protocol request.

       server	 The connection to the audio server that the event was read from.

       time	 The server time in milliseconds when the event was generated.

       flow	 The ID of the flow that caused the event.

       element_num
		 The index of the element that caused the event or AuElementAll to indicate the flow.

       kind	 The  kind  of	notify	event.	This will be one of these constants: AuElementNotifyKindLowWater, AuElementNotifyKindHighWater, or
		 AuElementNotifyKindState.

       prev_state
		 The previous state of the element indexed by element_num.  This will be one of these  constants:  AuStateStop,  AuStateStart,	or
		 AuStatePause.

       cur_state The current state of the element indexed by element_num.  This will be one of these constants: AuStateStop, AuStateStart, or AuS-
		 tatePause.

       reason	 The reason for the notify event.  This will be one of these constants: AuReasonUser, AuReasonUnderrun, AuReasonOverrun,  AuReaso-
		 nEOF, AuReasonWatermark, or AuReasonHardware.

       num_bytes The number of bytes to send or receive.  Only valid if the the element indexed by element_num is an ImportClient or ExportClient.

Description
       ElementNotify  events  are  sent to client applications to notify them of a watermark condition or state change.  If kind is AuElementNoti-
       fyKindLowWater, the ImportClient element indexed by element_num in flow is ready to receive num_bytes of audio data from the client  appli-
       cation.	 If  kind  is  AuElementNotifyKindHighWater, the ExportClient element indexed by element_num in flow is ready to send num_bytes of
       audio data to the client application.  If kind is AuElementNotifyKindState, the element indexed by element_num (or flow if  element_num	is
       AuElementAll) has made a state transition from prev_state to cur_state triggering the event.  Reguardless of kind, prev_state and cur_state
       contain the old and new states and reason contains the reason for the event.

See Also
       AuAnyEvent, AuErrorEvent, AuGrabNotifyEvent, AuMakeSendNotifyAction, AuMonitorNotifyEvent.

       audiolib - Network Audio System C Language Interface

audiolib - events						       1.9.3						   AuElementNotifyEvent(3)
All times are GMT -4. The time now is 02:56 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy