'[ tcpdump-Bugs-574488 ] Filtering probmels in token-ring'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tcpdump-patches
Subject:    [ tcpdump-Bugs-574488 ] Filtering probmels in token-ring
From:       noreply () sourceforge ! net
Date:       2002-06-27 8:27:38
[Download RAW message or body]

Bugs item #574488, was opened at 2002-06-27 01:27
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=469573&aid=574488&group_id=53066

Category: None
Group: v3.7
Status: Open
Resolution: None
Priority: 5
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Nobody/Anonymous (nobody)
Summary: Filtering probmels in token-ring

Initial Comment:
Trying to dump with a filer like 
tcpdump -X -i tr0 -n -s 4056 ip host xxx.xxx.xxx.xxx
I do not dump anything.
The reason seems to be the fact that the host I'm
trying to trace (and which is connecting to the host
i'm running tcpdump on ) is on a remote eth networkm
while i'm on a token ring one.

the output i get if I dump without filters is:

07:05:00.975449 rt = 610:11:ff00 (1500) stfsrv01.http >
stftk06.49454: S 1959913187:1959913187(0) ack 101 win
12048 <mss 4016> (DF)
0x0000   aaaa 0300 0000 0800 4500 002c 0000 4000      
 ........E..,..@.
0x0010   4006 efd3 8493 a160 8494 a070 0050 c12e      
 @......`...p.P..
0x0020   74d1 e6e3 0000 0065 6012 2f10 f678 0000      
 t......e`./..x..
0x0030   0204 0fb0                                    
 ....
07:05:01.033334 0:3:91:0:71:48 sap 90 >
0:40:aa:7d:bb:4b ip-sap I (s=0,r=8,P) len=56
0x0000   0690 0011 ff00 aaaa 0300 0000 0800 4500      
 ..............E.
0x0010   0028 00c8 0000 3a06 3510 8494 a070 8493      
 .(....:.5....p..
0x0020   a160 c12e 0050 0000 0065 74d1 e6e4 5010      
 .`...P...et...P.
0x0030   060c 4136 0000 0000 0000 0000                
 ..A6........

In other words, those frames coming from eth make
tcpdump unable to read layer 3 headers ( i may assume
because of the rt value, don't know...).
Note that the previous dump was about a
SYN-ACK -> 
ACK <-
between the same two machines.

Emanuele "SKULL" Balla
skull@skullkrusher.net

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=469573&aid=574488&group_id=53066
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic