some days ago I read smtp and http traffic with tcpdump at different switches. For further analysis I want to use another software, which can read tcpdump files. (tcpdump 0.7.2)
Now I have the problem that the other software can read the http-tcpdump files, but not the smtp-tcpdump files. Ethereal can do it!
I saw that there are some stp and loop packets in the tcpdump files. I tried to filter these protocols out with tethereal and conversion, but I had no success.
Example: tethereal -d tcp.port==25,smtp -r filein -w fileout -F ngwsniffer_2_0 - (stp protocol still there)
If I filter these packets out with ethereal and save only the displayed content I had no success too. The new file couldn't be read by my analysis software.
So I'm wondering if anybody has a idea how to filter, convert or analyse the tcpdump files with programs like ethereal, tethereal, editcap, tcpdump to get this thing running.
How can I distinguish why the software can read the http-tcpdump files and not the smtp-tcpdump files?
Thanks in advance
with best regards Cliff
_________________________________________________________________
STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail
- This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]
