Mailinglist Archive: opensuse (3139 mails)

Re: [SLE] tcpdump ?)
  • From: Andreas <maps.on@xxxxxxx>
  • Date: Fri, 20 Oct 2006 00:09:54 +0000 (UTC)
  • Message-id: <45381426.80403@xxxxxxx>
James Knott wrote:
> Andreas wrote:
>> Is there a way to strip all the tcp/ip stuff off and get just the payload?
>> Maybe there is another sniffer that manages this task better?
>
> What sort of filtering are you doing? I often use Ethereal, which
> allows filtering on all sorts of things, including protocol and addresses

Actually tcpdump doesn't filter at all besides selecting only frames coming from a certain IP address.
AFAIK tcpdump usually just shows the headers but has the options -a -s 0 to expand the output beyond the frame headers. So I get a lot more than I want.
Suppose a payload stream of a readable text like a book. In the ASCII output there is the text and unreadable ASCII stuff where I think it has to be protocol headers or trailers. Sometimes they split a word in two parts with gibberish in between.
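
The unreadable bytes between the text fragments are the Ethernet, IP and TCP headers (and any Ethernet padding) that the ASCII dump prints along with the data. As an added example that is not part of the original mail thread, the Python code below strips those headers from raw frames and joins the payloads in sequence order. It assumes Ethernet II / IPv4 / TCP frames from one direction of a single connection, with no IP fragmentation or sequence-number wrap; the function names and sample frames are constructed for illustration.

```python
import struct

def tcp_payload(frame):
    """Return (seq, payload) for an Ethernet II / IPv4 / TCP frame, else None."""
    if len(frame) < 54 or frame[12:14] != b"\x08\x00":
        return None                        # too short, or EtherType is not IPv4
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4               # IPv4 header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ip[0] >> 4 != 4 or ip[9] != 6 or ihl < 20:
        return None                        # not IPv4 carrying TCP
    tcp = ip[ihl:total_len]                # total_len cuts off Ethernet padding
    if len(tcp) < 20:
        return None                        # truncated capture (snaplen too small)
    seq = struct.unpack("!I", tcp[4:8])[0]
    data_off = (tcp[12] >> 4) * 4          # TCP header length including options
    return (seq, tcp[data_off:]) if data_off >= 20 else None

def reassemble(frames):
    """Join payloads in sequence order, dropping retransmitted bytes."""
    segs = sorted(s for s in map(tcp_payload, frames) if s and s[1])
    out, nxt = bytearray(), None
    for seq, data in segs:
        skip = 0 if nxt is None else nxt - seq   # bytes already emitted
        if skip < len(data):
            out += data[max(skip, 0):]
            nxt = seq + len(data)
    return bytes(out)

def build_frame(seq, data, pad=b""):
    """Constructed sample frame: Ethernet + IPv4 + TCP, checksums left zero."""
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, seq, 0, 5 << 4, 0x18,
                      8192, 0, 0) + data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return bytes(12) + b"\x08\x00" + ip + tcp + pad

# Constructed capture: out of order, one retransmission, one padded frame.
SAMPLE = [
    build_frame(1000, b"Call me "),
    build_frame(1013, b"el."),
    build_frame(1008, b"Ishma", pad=bytes(6)),
    build_frame(1000, b"Call me "),
]

if __name__ == "__main__":
    print(reassemble(SAMPLE).decode())
```
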




