On Feb 11, 2010, at 1:54 PM, Richard Bejtlich wrote: > In situations like this it is helpful to troubleshoot with the -d option > > http://taosecurity.blogspot.com/2004/12/understanding-tcpdumps-d-option-part-2.html
...and especially note the pointer to the BPF paper, which explains the "machine language" that the BPF compiler generates (and that, on many platforms, is handed to the kernel to interpret and/or translate to machine code); that's what "tcpdump -d" prints out.- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.