LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 05-28-2004, 08:07 AM   #1
merlin-themage
LQ Newbie
 
Registered: May 2004
Location: Lisbon, Portugal
Distribution: Gnu/Debian
Posts: 1

Rep: Reputation: 0
Question Sniffing: tcpdump gets some initial packets


Hi ppl,

In my network I have am HP DL360G3, that have a dual bcm5700 NIC. It is connected to a Cisco swicth, and one of the NICs are connected to a port that is the target to a mirror from our switch port where we get the outside link (the link to our ISP router).

This particular port is just up, without any ip (even if I already tried to configure it with IP, with the same result), and I did set it promiscous, and without promiscous mode, always with identical results:

running
Code:
tcpdump -nn -i eth0
I keep getting packets, for as long as I keep it running. with any "ip" or "port xx" tcpdump prints some packets (3 to 37) when starts, when then stay quiet as long as I keep it running.

some info:
Code:
# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:0E:7F:FE:89:FA
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:372829179 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:1807040210 (1.6 GiB)  TX bytes:0 (0.0 b)
          Interrupt:11 Memory:f7ef0000-f7f00000
#cat /proc/sys/net/ipv4/ip_forward
1
#grep . /proc/sys/net/ipv4/conf/eth0/*
/proc/sys/net/ipv4/conf/eth0/accept_redirects:1
/proc/sys/net/ipv4/conf/eth0/accept_source_route:1
/proc/sys/net/ipv4/conf/eth0/arp_filter:0
/proc/sys/net/ipv4/conf/eth0/bootp_relay:0
/proc/sys/net/ipv4/conf/eth0/forwarding:1
/proc/sys/net/ipv4/conf/eth0/log_martians:0
/proc/sys/net/ipv4/conf/eth0/mc_forwarding:0
/proc/sys/net/ipv4/conf/eth0/proxy_arp:0
/proc/sys/net/ipv4/conf/eth0/rp_filter:0
/proc/sys/net/ipv4/conf/eth0/secure_redirects:1
/proc/sys/net/ipv4/conf/eth0/send_redirects:1
/proc/sys/net/ipv4/conf/eth0/shared_media:1
/proc/sys/net/ipv4/conf/eth0/tag:0
Any other info you need, just ask. I need this to sniff http logs from all my sites.
Thanks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Ethereal/TCPdump/Kismet, wireless sniffing scott4957 Linux - Software 1 10-18-2005 12:22 AM
Wireless sniffing with Ethereal/tcpdump/kismet scott4957 Linux - Wireless Networking 2 10-07-2005 02:13 PM
Sniffing Packets - Outside my LAN Palula Linux - Software 2 09-20-2005 01:31 PM
algorithm for sniffing IP packets? shrike_912 Programming 2 06-08-2004 03:48 PM
tcpdump and dropped packets Blindsight Linux - Networking 5 07-14-2003 11:41 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 05:26 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration