["Graham Walsh" <graham_walsh50@xxxxxxxxxxx>]

 

 

awesome! Thanks so much alistair. I'm all set. I can manage the saved file size and also be aware of the ICMP error frames now. cheers much.

 

G

 

>From: Alistair.McGlinchy@xxxxxxxxxxxxxxxxxxxxx

>To: graham_walsh50@xxxxxxxxxxx

>CC: ethereal-users@xxxxxxxxxxxx

>Subject: RE: [Ethereal-users] snooping corba on hp (remotely?)

>Date: Wed, 17 Apr 2002 19:39:26 +0100

>

>Graham,

>

> One thing I did notice is that the non-gui version, tethereal

>doesn't

> support the "-f giop" flag on NT or HP. I could

>

> tethereal -f tcp

>

> but not "-f giop", giop works in the gui however. I find this

>strange 'cos I

> assume the gui is simply built on the same libs as the interface. I

>think it

> came back with something like "couldn't parse argument string" or

>something

> like that.

>

>I think you might be confusing a display filter (-R) from a capture filter

>(-f).

>

>A capture filter (Eg. -f "ip host 1.2.3.4") filters frames that will be

>saved to the trace file. This type of filter uses the tcpdump syntax. Being

>a windows user I don't have the privilage of "man tcpdump" so I use the

>"_expression_" section of http://windump.polito.it/docs/manual.htm for

>documentation. As you can see the syntax only goes up to the TCP/UDP/ICMP

>level within the TCP/IP stack.

>

>A display filter (Eg. -R "http.request == 1") decides which subset of frames

>in a trace file are to be displayed on the screen. Ethereal has a much

>richer syntax for filters that tcpdump. I have no idea what GIOP is but the

>only way you will be able to filter for it is using a display filter. Once a

>display filter is applied you can choose the "save only packets currently

>being displayed". This will save a new capture file with only your GIOP

>packets. The -R flag can only be used when reading from an existing trace

>file (using -r), although you can apply a display filter in real time in the

>GUI.

>

>Also, if you are trying to diagnose network problems with your application,

>I do not recommend that you use -f tcp as a filter as you may miss out on

>some important information (returned ICMP error frames from routers for

>example). Stick with -f "ip host x.y.z.w" and use a display filter

>afterwards.

>

>HTH,

>

>Alistair

> > ----------------------------------------------------------------------

> > Alistair McGlinchy, alistair.mcglinchy@xxxxxxxxxxxxxxxxxxxxx

> > Sizing and Performance, Central IT, ext. 5012, ph +44 20 7268-5012

> > Marks and Spencer, 3 Longwalk Rd, Stockley Park, Uxbridge UB11 1AW, UK

> >

>

>

>-----------------------------------------------------------------------

>

>

>Registered Office:

>Marks & Spencer p.l.c

>Michael House, Baker Street,

>London, W1U 8EP

>Registered No. 214436 in England and Wales.

>

>Telephone (020) 7935 4422

>Facsimile (020) 7487 2670

>

>www.marksandspencer.com

>

>Please note that electronic mail may be monitored.

>

>This e-mail is confidential. If you received it by mistake, please let us know and then delete it from your system; you should not copy, disclose, or distribute its contents to anyone nor act in reliance on this e-mail, as this is prohibited and may be unlawful.

>

>The registered office of Marks and Spencer Financial Services Limited, Marks and Spencer Unit Trust Management Limited, Marks and Spencer Life Assurance Limited and Marks and Spencer Savings and Investments Limited is Kings Meadow, Chester, CH99 9FB.

>

---

Send and receive Hotmail on your mobile device: Click Here

---

This message has been 'sanitized'. This means that potentially dangerous content has been rewritten or removed. The following log describes which actions were taken.

Sanitizer (start="1019096995"):
  SanitizeFile (filename="unnamed.html", mimetype="text/html"):
    Match (rule="default"):
      Enforced policy: accept

  Rewrote HTML tag: >>_div style='background-color:'_<<
                as: >>_div MANGLED_ON_PURPOSE_style='background-color:'_<<
  Total modifications so far: 1

Anomy 0.0.0 : Sanitizer.pm $Id: Sanitizer.pm,v 1.32 2001/10/11 19:27:15 bre Exp $

---

This message has been 'sanitized'. This means that potentially dangerous content has been rewritten or removed. The following log describes which actions were taken.

Sanitizer (start="1019096995"):
  SanitizeFile (filename="unnamed.html", mimetype="text/html"):
    Match (rule="default"):
      Enforced policy: accept

  Rewrote HTML tag: >>_div style='background-color:'_<<
                as: >>_div MANGLED_ON_PURPOSE_style='background-color:'_<<
  Total modifications so far: 1

Anomy 0.0.0 : Sanitizer.pm $Id: Sanitizer.pm,v 1.32 2001/10/11 19:27:15 bre Exp $