I had a problem with my old (3.5) tcpdump on decoding BGP UPDATE packets, so
i upgraded to the latest and greates, but it still dumps core on me :-(
When i do a "-w file" and view it with ethereal afterwards there is no problem.
Any ideas (libpcap is 0.6.2, the system is a solaris 2.7 box but tcpdump and
libpcap were compiled on a Solaris 2.6 box, ge1 is a gigabit interface)?
./tcpdump --version
tcpdump version 3.6
libpcap version 0.6
etc.
./tcpdump -vvv -s 512 -i ge1 port bgp
tcpdump: listening on ge1
14:08:00.157675 l0.BR7.Amsterdam.surf.net.bgp > 145.117.32.111.39173: P [tcp sum ok]
65:107(42) ack 64 win 16320: BGP (UPDATE: (Path attributes: (ORIGIN[T] IGP)
(AS_PATH[T] 1103)
(NEXT_HOP[T] l0.BR7.Amsterdam.surf.net))
(NLRI: 0.0.0.0/0)) [tos 0xc0] (ttl 255, id 3, len 82)
14:08:00.157840 145.117.32.111.39173 > l0.BR7.Amsterdam.surf.net.bgp: P [tcp sum ok]
64:128(64) ack 107 win 9112: BGP (KEEPALIVE)
(UPDATE: (Path attributes: (ORIGIN[T] IGP)
Bus error (core dumped)
--
Ewald H. Beekman, Network Engineer, Academic Medical Center,
dept. ADB/ICT Computer & Network Services, The Netherlands
## Your mind-mint is:
But in our enthusiasm, we could not resist a radical overhaul of the
system, in which all of its major weaknesses have been exposed,
analyzed, and replaced with new weaknesses.
-- Bruce Leverett, "Register Allocation in Optimizing Compilers"
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
