... darkrealms ...

Forums before death by AOL, social media and spammers... "We can't have nice things"

comp.protocols.tcp-ip

TCP and IP network protocols.

14,669 messages

[ << oldest | < older | list | newer > | newest >> ]

Message 12,875 of 14,669

Rick Jones to Satish

Re: tcpdump -w file is not capturing all

26 May 09 16:40:54

   ae1fd719   
   From: rick.jones2@hp.com   
      
   Satish  wrote:   
   > I am trying to capture tcpdump for traffic to a port in a file but   
   > this does not seem to capture all the packets. Command I use is :   
      
   > tcpdump -w tdump.dat port 22   
      
   > Why is it not capturing all the packets ?   
      
   Why is a piece of string as long as it is?-)   
      
   > Both the commands were run for 10 secs. In fact I ran the command   
   > with -w option for 15 secs but still the captured packets in the   
   > dump are are just 6 compared to 26 packets without the file save   
   > option. Any reason ? What I can I do to capture all ?   
      
   There can be lots of reasons, some of which may apply to your case,   
   some not.  Among them:   
      
   *) the packets weren't there to catch in the first place   
      
   *) the write to a file hit some sync glitch in the filesystem and kept   
      tcpdump from draining the captured packets fast enough.   
      
   *) something else pre-empted tcpdump for a bit and kept it from   
      draining packets.   
      
   rick jones   
   --   
   oxymoron n, commuter in a gas-guzzling luxury SUV with an American flag   
   these opinions are mine, all mine; HP might not want them anyway... :)   
   feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)

[ << oldest | < older | list | newer > | newest >> ]