[svlug] Anyone using tcpdump with PPP?

Rafael Skodlar raffi at kset.com
Sat Sep 26 14:56:30 PDT 1998

Previous message: [svlug] Anyone using tcpdump with PPP?
Next message: [svlug] Anyone using tcpdump with PPP?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I just tested the default tcpdump from RH5.0 distribution and it works
fine.

tcpdump -i ppp0 -w /tmp/tcpdump
tcpdump: listening on ppp0

10 packets received by filter
0 packets dropped by kernel

[root at krpan /tmp]# tcpdump -r /tmp/tcpdump
14:49:18.334653 ppp-1.kset.com.1139 > atlantis.kset.com.domain: 46939+
A? mach.kset.com. (30)
14:49:18.584653 atlas.kset.com.domain > ppp-1.kset.com.1139: 46939*
1/2/2 (123)
14:49:18.584653 ppp-1.kset.com > mach.kset.com: icmp: echo request
14:49:18.814653 mach.kset.com > ppp-1.kset.com: icmp: echo reply
14:49:19.584653 ppp-1.kset.com > mach.kset.com: icmp: echo request 

The only thing that comes to my mind is possibility that MAC broadcasts
appletalk packets and that confuses tcpdump.

Was there a reason to compile your own version of tcpdump rather than use
the one from install disk?

On Sat, 26 Sep 1998, stealth wrote: 

> Hello all,
> 
> I am new to tcpdump, and I just downloaded and compiled
> tcpdump-3.3 and libpcap-0.4. I have Slackware kernel 2.0.33.
> 
> I am getting these errors at the command line:
> 
> stealth:~# tcpdump -i ppp0
> tcpdump: unknown data link type 0xc
> 
> stealth:~# tcpdump -i ppp0 -w fileA
> tcpdump: listening on ppp0
> 
> 1024 packets received by filter
> 0 packets dropped by kernel
> 
> stealth:~# tcpdump -r fileA
> tcpdump: unknown data link type 0xc
> 
> I can only read fileA using "strings". No problems occur
> when I run "tcpdump -i eth0". Does anyone know what's going
> on?
> 
> My Linux box has 1 ethernet connection to my Mac, and 1 PPP
> connection to my internet provider via 28k modem. I am
> running IP Masquerading to allow my Mac to access the
> internet.
> 
> 
> I appreciate any help you can give me! Thanks!
> 
> 
> 
> Brendan
> -- 
> stealth at value.net
> 
> --
> echo "unsubscribe svlug" | mail majordomo at svlug.org
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ to unsubscribe
> 

   Rafael Skodlar


--
echo "unsubscribe svlug" | mail majordomo at svlug.org
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ to unsubscribe

Previous message: [svlug] Anyone using tcpdump with PPP?
Next message: [svlug] Anyone using tcpdump with PPP?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the svlug mailing list