Ed Stevens wrote: > > Ed Stevens wrote: > > > > I would like to know how to start tcpdump 3.6 listening on all > > interfaces such that the name of the interface is printed on each line > > of output. > > In tcpdump 3.4, this is easy: just start up without specifying an > > interface. I expected that starting 3.6 with the 'any' interface > > specified would do the same thing, but it doesn't. I really need to be > > able to listen to all interfaces, AND to know which interface each > > packet belongs to. > > > > Here's an added note: I downloaded and built tcpdump 3.4.19, and I don't > see the device names on output there either. Is this a compile-time > option? Or should I be looking at an earlier version, say, 3.4.1? I tried 3.4.5; same deal. Here is the output of the tcpdump 3.4 binary from the Red Hat Linux RPM: [root@myhost sbin]# ./tcpdump arp Kernel filter, protocol ALL, datagram packet socket tcpdump: listening on all devices 19:05:44.442858 eth0 B arp who-has 10.10.0.1 tell 10.10.3.234 19:05:46.684144 eth0 B arp who-has 10.10.3.160 tell 10.10.0.215 19:05:46.684911 eth0 B arp who-has 10.10.3.236 tell 10.10.0.215 ...etc... After the timestamp there is the device name, and a B (for broadcast, I assume). The device name is what I need... but there are no #ifdefs in the code to account for the difference. I need to be able to build, from the source code, a version that will "listen on all devices" as above and print out the device name as well. Any ideas on how this was done with a single instance of tcpdump? -- Ed Stevens Senior Software Designer, Atreus Systems Corporation (613) 233-1741 x226 http://www.atreus-systems.com - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
