:> or with a redirect from tcpdump on a shell line,
:
:Assuming, as I suspect is the case, that they're using the same command
:on the OSes in question (or using "tcpdump" on FreeBSD and "windump" on
:Windows), that's also unlikely - it's just "{tcp,win}dump -w test.acp".
It amounts to the same thing, since -w does nothing more then an
fopen(..."w"). You get a pidly 8K buffer out of that, and it isn't
even double buffered.
But I think the last poster had it right... if the bpf buffer size
was not changed from the default 4096, just about anything can interrupt
the packet flow.
-Matt
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
- [tcpdump-workers] Fwd: kyxtech: freebsd outsniffed by win... Dragos Ruiu
- Re: [tcpdump-workers] Fwd: kyxtech: freebsd outsniff... Guy Harris
- [tcpdump-workers] Re: Fwd: kyxtech: freebsd outsniff... Mike Smith
- [tcpdump-workers] Re: Fwd: kyxtech: freebsd outsniff... Matt Dillon
- [tcpdump-workers] Re: [Ethereal-dev] Re: Fwd: ky... Guy Harris
- [tcpdump-workers] Re: [Ethereal-dev] Re: Fwd... Matt Dillon
- [tcpdump-workers] Re: [Ethereal-dev] Re:... Guy Harris
- [tcpdump-workers] Re: [Ethereal-dev] Re: Fwd: ky... Guy Harris
- [tcpdump-workers] Re: [Ethereal-dev] Re: Fwd... Guy Harris
- [tcpdump-workers] Re: Re: [Ethereal-dev]... Stefan Esser
- R: [tcpdump-workers] Re: Re: [Ether... Loris Degioanni
- Re: R: [tcpdump-workers] Re: Re... Stefan Esser
- [tcpdump-workers] Re: Fwd: kyxtech: freebsd outsniff... Alfred Perlstein
- [tcpdump-workers] R: [Ethereal-dev] Fwd: kyxtech: fr... Loris Degioanni
