All Questions
10 questions
2 votes, 1 answer, 3k views
What does tcpdump: pcap_loop: truncated dump file; tried to read 1899 captured bytes, only got 1880 mean and how do I fix it?
I can't see any other question that asks the same thing as mine. I want to know what tcpdump: pcap_loop: truncated dump file; tried to read 1899 captured bytes, only got 1880 means. I received it when ...
1 vote, 1 answer, 1k views
How to find out the PID which generates traffic to port 9229 on a MacBook
There is unknown traffic to port 9229 on my MacBook.
$ sudo tcpdump -i any -n port 9229
......
12:10:39.176502 IP6 ::1.62261 > ::1.9229: Flags [S], seq 638850191, win 65535, options [mss 16324,...
0 votes, 2 answers, 3k views
Capturing incoming UDP packet fails
My Environment:
Mac OS X 10.8.5 (IP: 192.168.10.5)
CentOS 6.5 (IP: 192.168.10.8)
I'm trying to capture incoming UDP packets on OS X.
I tried on the Terminal of OS X
# tcpdump -In udp portrange 6000
...
21 votes, 6 answers, 114k views
tcpdump – rotate capture files using -G, -W and -C
I'm looking to be able to capture a rotating tcpdump output which captures 30 minutes worth of data, into 48 files, cyclically.
The man page implies this should be possible, but my testing doesn't ...
2 votes, 1 answer, 1k views
what does `tcpdump -xx` do in Mac OS X?
I was playing with tcpdump, and I noticed that, on OS X, the -xx option does something that is different to what the man page describes.
Here is what the man page says:
-x When parsing and ...
0 votes, 2 answers, 1k views
Packet filter logging [currently with tcpdump in background as root]
I am running OS X Mavericks and use the "packet filter" firewall. However, it seems that "pflogd" is not available.
I found that you can create an interface named pflog0 and then use tcpdump to see ...
3 votes, 1 answer, 10k views
How to set NIC in promiscuous mode on mac book air?
With MacOSx, I am trying to run my nic in promiscuous mode and then use tshark / tcpdump to capture traffic.
Option 1:
ifconfig en0 promisc
but I get this message:
ifconfig: promisc: bad value
...
5 votes, 2 answers, 17k views
tcpdump promiscuous mode on OSX 10.8
By examining my wireless router configuration I can see there's 2 IPs assigned:
192.168.1.100 -> laptop (Macbook Air OSX 10.8.2, where I run tcpdump)
192.168.1.101 -> ipad
But then if I run:
sudo ...
2 votes, 2 answers, 2k views
How can I monitor which applications make DNS requests on OS X?
I'm trying to send all of my unencrypted day-to-day traffic over an SSH tunnel, which is working pretty well with a simple SOCKS proxy. Skype still goes outside, but that's okay, as Skype is encrypted,...
0 votes, 2 answers, 363 views
Able to write on stdout but not in a file
I want to keep a trace of the URL I visit, so I use a command line like this:
tcpdump -ien1 -v -X 'tcp port 80' | sed -nl
's/^.0x[0-9a-f]{4}:.{43}(.)$/\1/p' |perl break.pl |perl -pe
's/(GET|...