> I think the BSD is showing some wrong info. It is infact showing the total
> number of packets on the network rather than the ones caught using the filter.
For what it's worth, the BPF implementations on, I suspect, all the BSDs
returns, from a BIOCGSTATS ioctl, the count of packets handed to the BPF
mechanism in the "bs_recv" field, *not* the count of packets that then
passed the filter.
Yes, I think what you said is correct. It depends on the interpretation.
I got carried away when i saw different behaviour in Linux and BSD.
thanks a lot
Ashley
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
