[Discuss] tcpdump
Justin Weissig
jweissig at gmail.com
Fri Aug 4 09:52:44 PDT 2006
Check out, http://www.tcpdump.org/lists/workers/2004/01/msg00007.html
Peace,
- jw
On 8/3/06, Michael Foltinek <foltinek at gmail.com> wrote:
> Hello, all,
>
> I need a swat with the clue stick:
>
> The man page for tcpdump doesn't adequately explain the difference
> between the number of packets captured, and the number "received by
> filter". I did a capture where the number of packets received by the
> filter was twice the number captured. I didn't have any regular
> expression in the tcpdump command, so I was assuming that I'd get
> every packet that went by the interface (on a mirror port on a
> switch). There were no packets dropped by the kernel (as reported by
> tcpdump).
>
> Honestly, I'm stumped. I've googled around, but can't find the wheat
> for the chaff, so I'm appealing to the gurus in VLUG for a clue. Why
> wouldn't it capture all the packets that went by? What am I missing?
>
> --
> True compassion is more than flinging a coin at a beggar; it comes to
> see that an edifice which produces beggars needs restructuring.
> - Dr. Martin Luther King Jr.
> _______________________________________________
> Discuss mailing list
> Discuss at vlug.org
> http://ladybug.vlug.org/cgi-bin/mailman/listinfo/discuss
>
More information about the Discuss
mailing list