Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
whenever i capture packets on my standalone home pc i found that i am getting or capture analysis tells that each packet is captured twice. why am i getting same packets twice entry in packet capture. i use simple sniffer C program also iptraf utility. but getting same results why?
i am using redhat linux 9.0 with 2.4.20-8 kernel.
i have no lan card on my home pc. i am using tcpdump as well as sniffer programs that give me results that each loopback packet on 127.0.0.1 appear as 2 packets in packet capture analysis by pinging to 127.0.0.1
Distribution: Knoppix to play, Slack current, OpenBSD stables
You are most likely seeing the ICMP ping packet that is both a request and a reply, like the full message of "hey you there, yep I'm here" or more like "am I me, yep I'm me" in the case of the loopback...
I'm in my final year of a Bsc Computer Systems degree. For my final year project I have to
design and implement a simple Linux network on 3 Pc's and then design and
implement a Network Analyser based on tcpdump.
I have successfully networked 3 Pcs using Linux Red Hat 9. The network is
private and I has no Internet access. The next phase of the project is (I
design and implement a network analyser based on tcpdump' is the stage I'm
I don't understand how to utilise this tcpdump to get information. Is this a
facility built into Red Hat 9? Can you output tcpdump contents to a file?
then manipulate this to extract information I require?
From the information I've gathered so far from my supervisor and reading on
this subject, I think I have to somehow direct output from the tcpdump to
file then somehow using GAWK dissect and output info to screen i.e.. say
source and destination address, protocol used etc... Could you please help
me with any information to be able to do the above if this is along the
right tracks as I'm now struggling implement this final stage of my project.
Some more info if it helps at all?
I have to simulate traffic on my private network and capture what every it
is I have sent, for example using ftp to send a file from one host to
another. I need to provide means of capturing both UDP and TCP packets so I
will need to research which protocol uses what. But its understanding and
being able to work with tcpdump which is where I'm struggling. I read the
man pages but find them a bit vague.
I was thinking that your capture program probably sits somewhere in the middle of the protocol stack. It happens to see each packet twice not because there are two packets but because the loopback interface sends packets down to the bottom and then they come right back up again. Each packet would pass by the network analyzer twice, once on the way down and then again as it gets bounced back up the protocol stack by loopback.