Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
11-15-2008, 06:12 PM
|
#1
|
|
Member
Registered: Jul 2006
Location: Cambridge, UK
Distribution: Debian, Gentoo, FreeBSD
Posts: 283
Rep: 
|
tcpdump expressions doesn't works properly. [SOLVED]
Hi all!
I'm under a very weird problem here. I'm trying to use the tcpdump expressions and I'm getting weird results, for example:
#tcpdump port 80 <--when I do it and I try to open a website, I get no results at all. However, if I just try "tcpdump", I can see there's traffic at the http (80) port. WEIRD!
Then, if I try “tcpdump -i eth0 not port 80″, it still shows traffic from the port 80, where I know it shouldn't show the traffic from the 80 but from all the rest.
So it happens to any port I may try.
I know I'm not doing anything wrong, since 1 month ago I did the same thing in a client and it didn't happen. Maybe it's a bug or something, I don't know yet.
My kernel version is the 2.6.27 and I'm using Gentoo Linux.
tcpdump version 3.9.8
libpcap version 0.9.8
Does anyone have any clue about what's happening here?
Thanks in advance!
Last edited by sparc86; 11-15-2008 at 06:47 PM.
Reason: solved
|
|
|
|
|
11-15-2008, 06:46 PM
|
#2
|
|
Member
Registered: Jul 2006
Location: Cambridge, UK
Distribution: Debian, Gentoo, FreeBSD
Posts: 283
Original Poster
Rep:
|
Quote:
Originally Posted by sparc86
Hi all!
I'm under a very weird problem here. I'm trying to use the tcpdump expressions and I'm getting weird results, for example:
#tcpdump port 80 <--when I do it and I try to open a website, I get no results at all. However, if I just try "tcpdump", I can see there's traffic at the http (80) port. WEIRD!
Then, if I try “tcpdump -i eth0 not port 80″, it still shows traffic from the port 80, where I know it shouldn't show the traffic from the 80 but from all the rest.
So it happens to any port I may try.
I know I'm not doing anything wrong, since 1 month ago I did the same thing in a client and it didn't happen. Maybe it's a bug or something, I don't know yet.
My kernel version is the 2.6.27 and I'm using Gentoo Linux.
tcpdump version 3.9.8
libpcap version 0.9.8
Does anyone have any clue about what's happening here?
Thanks in advance!
|
Sorry, problem solved! I forgot to specify the ppp0 interface! That's why I wasn't getting it. |
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 04:47 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
