Re: [tcpdump-workers] sniffing HTTP traffic to load-balancer on a

On Nov 1, 2010, at 9:42 PM, Jim Lloyd wrote: You want some kind of port mirroringhttp://en.wikipedia.org/wiki/Port_mirroring And http://wiki.wireshark.org/SwitchReference for information and links to manuals about doing port mirroring - or whatever the switch vendor calls it - on

Re: [tcpdump-workers] sniffing HTTP traffic to load-balancer on a dedicated machine

On Nov 1, 2010, at 8:57 PM, Andrej van der Zee wrote: Hi, I am looking for a solution that sniffs all HTTP traffic to the load-balancer in a multi-tier web application, but WITHOUT starting tcpdump on the load-balancer itself. Does the load balancer support some form of mirror port? If

Re: [tcpdump-workers] sniffing HTTP traffic to load-balancer on a

Hi, Thanks for your emails. I am not sure the type of switch but I am going to try to find out. Will take some time though. The idea is to sniff all incoming/outgoing traffic on the WAN side of the load-balancer, I mean all external traffic of users that visit the web site hosted through the

Re: [tcpdump-workers] sniffing HTTP traffic to load-balancer on a

On Nov 2, 2010, at 12:05 AM, Andrej van der Zee wrote: The idea is to sniff all incoming/outgoing traffic on the WAN side of the load-balancer, Is the WAN side implemented as: some form of WAN (a T{n} or E{n} serial line, or an OC{n} or STM{n} optical link) going directly into the

Re: [tcpdump-workers] sniffing HTTP traffic to load-balancer on a

Hi, Thanks for pushing me in the right direction. I will have to find out the network-layout of our client somehow, but most likely it is not directly connected to the WAN. Thanks again, I will get back as soon as I have more info. Cheers, Andrej On Tue, Nov 2, 2010 at 4:15 PM, Guy Harris

[tcpdump-workers] MIME type for libpcap (tcpdump -w)

Hi folks, I was a bit surprised when I clicked on a libpcap packet capture that it did not automatically launch wireshark -r. I have searched the archive of this mailing list looking for a MIME type and found no consensus. I seek consensus for the following, which I have based on discussions

Re: [tcpdump-workers] MIME type for libpcap (tcpdump -w)

On Nov 2, 2010, at 6:01 PM, Glen Turner wrote: I was a bit surprised when I clicked on a libpcap packet capture that it did not automatically launch wireshark -r. I have searched the archive of this mailing list looking for a MIME type and found no consensus. I seek consensus for the

Re: [tcpdump-workers] MIME type for libpcap (tcpdump -w)

Hi Guy, Is that a problem with said requirements? The IANA mandatory requirements for vendor MIME types are: - they must reference media, not other things - syntax must be correct - parameters must be explained (there are none in this case) - each MIME type describes only one data format,