> Earlier, [EMAIL PROTECTED] wrote:
> > What I'm talking about isn't what shows up, it's what doesn't show up.
> > with tcpdump host foo, I get: <time> B arp who-has <ip#> tell foo
> > but I don't get the output that tcpdump port 80 gets.
>
[EMAIL PROTECTED] writes:
> Could we get a diagram of your network? Could you identify which host
> the appication is running on and which host you're running tcpdump on?
There are three computers, all attached to a small 10baseT hub.
They are within 6 feet of each other. One is windoze95, the other two are
Linux.
>
> Which host are you running tcpdump on? Are you running tcpdump on the
> multi-homed host that is serving as your firewall?
The firewall is across town. Probably Solaris, or NT.
I run tcpdump on one, or both, of the Linux boxes. My point/question is
that I know tcpdump can see the packets. tcpdump tcp host foo
gives an error message. tcpdump ip host foo finally gives me the
arp, smb traffic, as well as the port 80 traffic. But it still doesn't give me
the traffic directed thru the gateway to the firewall. The man pages, &
even the readme, & changes files don't mention hidden rules.
>
> Are you using some sort of switch as opposed to a hub for your network
> connectivity?
I believe the switch in my building is also the default gateway to the
firewall.
>
> --kevin
>
Thanks for all the help,
Bob Sparks
Linux enthusiast (sounds better than loud mouthed fanatic)
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
