Wireshark · Ethereal-dev: Re: [Ethereal-dev] Re: Fwd: kyxtech: freebsd outsniffed by wintendo !!?!?

Ethereal-dev: Re: [Ethereal-dev] Re: Fwd: kyxtech: freebsd outsniffed by wintendo !!?!?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Matt Dillon <dillon@xxxxxxxxxxxxxxxxxxx>

Date: Thu, 7 Dec 2000 23:38:09 -0800 (PST)

:>     or with a redirect from tcpdump on a shell line,
:
:Assuming, as I suspect is the case, that they're using the same command
:on the OSes in question (or using "tcpdump" on FreeBSD and "windump" on
:Windows), that's also unlikely - it's just "{tcp,win}dump -w test.acp".

    It amounts to the same thing, since -w does nothing more then an
    fopen(..."w").  You get a pidly 8K buffer out of that, and it isn't
    even double buffered.

    But I think the last poster had it right... if the bpf buffer size
    was not changed from the default 4096, just about anything can interrupt
    the packet flow.

						-Matt

Follow-Ups:
- Re: [Ethereal-dev] Re: Fwd: kyxtech: freebsd outsniffed by wintendo !!?!?
  - From: Guy Harris

References:
- [Ethereal-dev] Fwd: kyxtech: freebsd outsniffed by wintendo !!?!?
  - From: Dragos Ruiu
- [Ethereal-dev] Re: Fwd: kyxtech: freebsd outsniffed by wintendo !!?!?
  - From: Matt Dillon
- Re: [Ethereal-dev] Re: Fwd: kyxtech: freebsd outsniffed by wintendo !!?!?
  - From: Guy Harris

Prev by Date: [Ethereal-dev] Re: [tcpdump-workers] Fwd: kyxtech: freebsd outsniffed by wintendo !!?!?
Next by Date: Re: [Ethereal-dev] Re: Fwd: kyxtech: freebsd outsniffed by wintendo !!?!?
Previous by thread: Re: [Ethereal-dev] Re: Fwd: kyxtech: freebsd outsniffed by wintendo !!?!?
Next by thread: Re: [Ethereal-dev] Re: Fwd: kyxtech: freebsd outsniffed by wintendo !!?!?
Index(es):
- Date
- Thread