From owner-freebsd-questions Tue Feb 4 9:14:25 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3932B37B401 for ; Tue, 4 Feb 2003 09:14:23 -0800 (PST) Received: from sub21-156.member.dsl-only.net (sub21-156.member.dsl-only.net [63.105.21.156]) by mx1.FreeBSD.org (Postfix) with ESMTP id 95E4B43E4A for ; Tue, 4 Feb 2003 09:14:22 -0800 (PST) (envelope-from nkinkade@sub21-156.member.dsl-only.net) Received: from nkinkade by sub21-156.member.dsl-only.net with local (Exim 4.10) id 18g6eH-000Cmb-00 for freebsd-questions@freebsd.org; Tue, 04 Feb 2003 09:14:17 -0800 Date: Tue, 4 Feb 2003 09:14:17 -0800 From: Nathan Kinkade To: freebsd-questions@freebsd.org Subject: Re: arplookup 0.0.0.0 Message-ID: <20030204171417.GI87743@sub21-156.member.dsl-only.net> Reply-To: nkinkade@dsl-only.net Mail-Followup-To: freebsd-questions@freebsd.org References: <000f01c2c935$63d24710$0201010a@ntbdc> <20030202025523.GI79960@sub21-156.member.dsl-only.net> <20030204071504.GH393@freepuppy.bellavista.cz> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="mXDO3udm/xYWQeMQ" Content-Disposition: inline In-Reply-To: <20030204071504.GH393@freepuppy.bellavista.cz> User-Agent: Mutt/1.4i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --mXDO3udm/xYWQeMQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Feb 04, 2003 at 08:15:04AM +0100, Roman Neuhauser wrote: > # nkinkade@dsl-only.net / 2003-02-01 18:55:23 -0800: > > On Sat, Feb 01, 2003 at 05:20:53PM -0500, Stephen D. Kingrea wrote: > > > tcpdump tells me that incoming smtp requests are generating these > > > messages at the same time as recieving mail. i am pretty sure that > > > either sendmail or ipfw rules is the cause... > > >=20 > > > any good tutorials out there on interpreting tcpdump output? > > >=20 > > > stephen > >=20 > > If you have X installed, you could use ethereal > > (/usr/ports/net/ethereal)....it is a very nice graphical interface for > > analyzing network traffice. I think it uses tcpdump itself?? >=20 > you can use ethereal without X. You are probably refering to `tethereal`. I am talking about `ethereal` - the GUI. They are two different binaries. The first sentence of the ethereal man page says: "Ethereal is a GUI network protocol analyzer." At any rate, my point in suggesting ethereal was to offer up an alternative to the text based tcpdump, in the hope that it might be easier to analyze the data, not simply to offer up another text based utility. In a broad sense you are correct in that tethereal is installed along with ethereal, in a technical sense you are wrong.=20 Nathan --=20 GPG Public Key ID: 0x4250A04C gpg --keyserver pgp.mit.edu --recv-keys 4250A04C http://63.105.21.156/gpg_nkinkade_4250A04C.asc --mXDO3udm/xYWQeMQ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+P/ToWZYS9EJQoEwRAgsxAJ0WR2mGIWb3fiGu01tQpkGI9sS9+wCg4Rf3 4cCCxXwmj44uPPg12X5OLQI= =AB4U -----END PGP SIGNATURE----- --mXDO3udm/xYWQeMQ-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message