I'll admit I'm not the sharpest tool in the shed but my feeble reading
man tcpdump indicates that this command should show traffic on a
specific host:
tcpdump host 192.168.0.7
And in fact if I start a ping of the host from local machine
192.168.0.5 I do see the traffic. But if I slide over to the console
of 192.168.0.7 and run a browser, I see only this one line:
20:30:16.497123 arp who-has fw.local.lan tell satwin.local.lan
(satwin.local.lan is 192.168.0.7)
Although the broser is connecting to sites online I don't see the
traffic.
The manpage says point blank that I should:
EXAMPLES
To print all packets arriving at or departing from sun
down:
tcpdump host sundown
So whats happening here?
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
