Steve--

Here's the info for getting a tcpdump that Heath sent me last fall. Worked fine for me. The last part about jumping to Software Update was specific for the problem I was having, so for you you'd have to figure out how to do your test and get your results.

--Steve

On 9/13/04 11:45 PM, "Heath Raftery" <[EMAIL PROTECTED]> wrote:

> Back to the issue with the server responding - you'll get a lot more
> information and I'll have a lot more idea of what is going on, if you
> could capture the tcp dump. I'm not sure if you're familiar with the
> tools (or even if this is appropriate in your situation), but OS X
> comes built in with a (command line) program called tcpdump, which
> dumps the raw network traffic to a file. You can then analyse the
> traffic with various tools (Ethereal being my favourite). Here's how to
> dump the information necessary to file:
>
> In an administrator account on the OS X machine, type this at the
> prompt in the Terminal (where % is your prompt):
>
> % sudo tcpdump -p -s 0 -i en0 -w networktraffic
> It should prompt you for your password, by which it means your
> admin/login password. You might get a message about not having enough
> permissions to access /dev/bpf0 or something. In that case, use this
> command first:
> % sudo chmod 777 /dev/bpf*
> to change permissions on the files required by tcpdump.
>
> Here's a breakdown of the command:
> - sudo means to "do" the command as the "su" (super user), ie. the all
> powerful root user.
> - tcpdump is an application which "sniffs" network traffic. It will
> record all traffic in and out of your computer.
> - -p turns off "promiscuous" mode so you don't see the traffic of other
> computers on the network.
> - -s 0 sets the packet collection size to unlimited, so you get all the
> data.
> - -i en0 means to use the first Ethernet interface for collection. This
> will be your built-in Ethernet connection which I'm assuming you are
> connecting to the Internet through.
> - -w networktraffic means to write the raw data to the file named
> networktraffic (make sure you don't happen to have a file already by
> that name in your home directory!). The raw data can later be
> interpreted by other applications.
>
> After entering the command, you should get a confirmation message and
> then nothing. At this point, tcpdump is recording traffic. Hopefully
> your network is not too busy with traffic, which would make the output
> rather complicated. In any case, quickly jump into Software Update and
> do an update. To start with, it might be worth waiting out the delay.
> Then jump back to the Terminal and press Control-C to stop tcpdump. You
> can start it again with another file name (say -w networktraffic2) and
> then try and update followed by a cancel.
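
Not part of the original e-mail: an added Python example that checks a file written by `tcpdump -w` for packets cut short by the snapshot length (what `-s 0` in the command above is meant to prevent) and for a file that ends mid-record. It assumes the classic pcap format; the function names and the sample capture bytes are constructed for illustration.

```python
import struct

# Classic pcap magic numbers as they appear on disk -> struct byte-order prefix.
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",  # microsecond timestamps
    b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">",  # nanosecond timestamps
}

def summarize_capture(data):
    """Report snaplen, link type, packet count and snaplen-truncated packets."""
    if len(data) < 24 or data[:4] not in PCAP_MAGICS:
        raise ValueError("not a classic pcap file")
    order = PCAP_MAGICS[data[:4]]
    # After the magic: version major/minor, thiszone, sigfigs, snaplen, link type.
    _maj, _min, _zone, _sig, snaplen, linktype = struct.unpack(
        order + "HHiIII", data[4:24])
    packets = truncated = 0
    incomplete = False
    offset = 24
    while offset < len(data):
        if offset + 16 > len(data):
            incomplete = True  # file ends inside a record header
            break
        # Record header: ts seconds, ts fraction, captured length, on-wire length.
        _sec, _frac, incl_len, orig_len = struct.unpack(
            order + "IIII", data[offset:offset + 16])
        offset += 16
        if offset + incl_len > len(data):
            incomplete = True  # file ends inside the packet bytes
            break
        packets += 1
        if incl_len < orig_len:
            truncated += 1  # payload was cut at the snapshot length
        offset += incl_len
    return {"snaplen": snaplen, "linktype": linktype, "packets": packets,
            "truncated": truncated, "incomplete": incomplete}

def build_sample(snaplen=68):
    """Constructed capture: one 60-byte frame kept whole, one 1514-byte frame cut."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    small, large = bytes(60), bytes(1514)
    rec1 = struct.pack("<IIII", 0, 0, len(small), len(small)) + small
    rec2 = struct.pack("<IIII", 1, 0, snaplen, len(large)) + large[:snaplen]
    return header + rec1 + rec2

if __name__ == "__main__":
    print(summarize_capture(build_sample()))
```

To check a real capture, pass the file's bytes, for example `summarize_capture(open("networktraffic", "rb").read())`; a non-zero `truncated` count means the capture was taken with too small a snapshot length.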