And I see a few lines like this come up:
21:30:53.099811 my.local.host.support \
some.multi.part.internet.add.http: . ack 291 win 8471 (DF)
What does the `support' extension mean?
check /etc/services.
itojun
-
This is the TCPDUMP workers list. It is archived at
On Thu, May 16, 2002 at 11:42:36AM +0800, [EMAIL PROTECTED] wrote:
I want to use libpcap to change the content of a package.
(the content of a HTML page of a TCP package) The framework
of the program I am using is taken from sniffer.c supplied
at http://www.tcpdump.org/sniffer.c.
My
On Thu, May 16, 2002 at 12:30:39PM +0800, [EMAIL PROTECTED] wrote:
IMHO, I think the design of the framework of libpcap only has the
ability to show the content of the packages and can not change
the content of a specific package. Is that so?
That is so. See my response to your other
On Wed, May 15, 2002 at 09:52:46PM -0700, Harry Putnam wrote:
What does it mean in a tcpdump line of output with this command line:
tcpdump -i eth1 src host some.local.host
And I see a few lines like this come up:
21:30:53.099811 my.local.host.support \
On Thu, May 16, 2002 at 01:00:10AM -0700, Guy Harris wrote:
It probably means
No, it doesn't. It means, as itojun noted, that the request is coming
from some TCP port that happens to be given the name support in the
services name lookup database.
On my system (FreeBSD 3.4), although it's
Thanks, Guy pal!
I have received your mail. Everything is Ok now.
Best regards,
George Ma
- Original Message -
From: Guy Harris
To: [EMAIL PROTECTED]
Subject: Re: Re: [tcpdump-workers] A limitation of libpcap?
Sent: Thu May 16 16:11:03 CST 2002
On Thu, May 16, 2002 at 04:03:16PM
On Wed, May 15, 2002 at 04:15:31PM +0200, Hannes Gredler wrote:
pls find attached a patch to support the IS-IS buffersize TLV #14
BGP labeled unicast;
Checked in.
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use
On Mon, May 06, 2002 at 02:31:58PM -0600, Phil Wood wrote:
Does anyone have a problem with this patch which allows for a call to
pcap_stats and cleanup prior to an exit(1):
Checked in.
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To
Thanks, Guy pal!
I have read some documents of libnet. I find libnet can only
create ( called injection) packages and can not modify the
content of a TCP package.
Do you know some other ways on how to modify the content of a
TCP package?
Best regards,
George Ma
- Original Message
By default, tcpdump should be attempting to resolve IPs into
hostnames, as well as port numbers into service names. Where you see
names, there is an entry in /etc/services. Where you don't, there
isn't. On a server, a good number of connections will be to known
service ports. On
On Thu, May 16, 2002 at 09:18:46PM +0800, [EMAIL PROTECTED] wrote:
I have read some documents of libnet. I find libnet can only
create ( called injection) packages
Packet injection is the *transmission* of a packet. There are
routines in libnet to create packets in the sense of constructing
Thanks, Jan pal!
Let me have a try. :-)
Best regards,
George Ma
- Original Message -
From: Honza Pomahac
To: [EMAIL PROTECTED]
Subject: Re: Re:Re: Re: [tcpdump-workers] A limitation of libpcap?
Sent: Fri May 17 05:04:40 CST 2002
If you are using Linux, using netfilter/iptables
Thanks, Guy pal!
Let me have a try!
Best regards,
George Ma
- Original Message -
From: Guy Harris
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Re: Re: [tcpdump-workers] A limitation of libpcap?
Sent: Fri May 17 03:00:43 CST 2002
On Thu, May 16, 2002 at 09:18:46PM
13 matches
Mail list logo