On Tuesday 25 October 2005 23:21, Anton Nikiforov wrote: > tcpdump -n -e -ttt -x -i pflog0 host 127.0.0.1 > 000034 rule 0/3(short): pass out on lo0: IP 127.0.0.1.514 > > 127.0.0.1.643: . ack 30 win 65535 > 0x0000: 4600 002c 6605 4000 0306 11c5 7f00 0001 F..,[EMAIL > PROTECTED] > 0x0010: 7f00 0001 0100 0000 0202 0283 8129 5dab .............)]. > 0x0020: 5db7 f2f2 5010 ffff 7dce 0000 ]...P...}... > 000034 rule 0/3(short): pass out on lo0: IP 127.0.0.1.514 > > 127.0.0.1.643: . ack 30 win 65535 > 0x0000: 4600 002c d21d 4000 0306 a5ac 7f00 0001 F..,[EMAIL > PROTECTED] > 0x0010: 7f00 0001 0100 0000 0202 0283 8129 5dab .............)]. > 0x0020: 5db7 f2f2 5010 ffff 7dce 0000 ]...P...}... > > The rule for this packet is not a "log" one, but the sign (short) is > what i cannot understand.
Read 'man 1 tcpdump' about key "-s". You command must be like "tcpdump -s 1000 -n -e -ttt -x -i pflog0 host 127.0.0.1" Change value 1000 to appropriate. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
