From owner-freebsd-questions Tue Sep 18 18:59: 2 2001 Delivered-To: freebsd-questions@freebsd.org Received: from out1.mx.nwbl.wi.voyager.net (out1.mx.nwbl.wi.voyager.net [169.207.2.78]) by hub.freebsd.org (Postfix) with ESMTP id 526DD37B40A for ; Tue, 18 Sep 2001 18:58:59 -0700 (PDT) Received: from earth.execpc.com (dpoland@earth.execpc.com [169.207.16.1]) by out1.mx.nwbl.wi.voyager.net (8.11.4/8.11.4/1.7) with ESMTP id f8J1x7u68666; Tue, 18 Sep 2001 20:59:07 -0500 (CDT) Received: (from dpoland@localhost) by earth.execpc.com (8.9.0) id UAA01350; Tue, 18 Sep 2001 20:58:58 -0500 (CDT) Date: Tue, 18 Sep 2001 20:58:58 -0500 From: Doug Poland To: Dru Cc: questions@freebsd.org Subject: Re: Can this be done? Message-ID: <20010918205858.A426@execpc.com> References: <20010918203414.A29311@execpc.com> <20010918215253.F81773-100000@x1-6-00-50-ba-de-36-33.kico1.on.home.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre3us In-Reply-To: <20010918215253.F81773-100000@x1-6-00-50-ba-de-36-33.kico1.on.home.com> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, Sep 18, 2001 at 09:57:01PM -0400, Dru wrote: > > > On Tue, 18 Sep 2001, Doug Poland wrote: > > > Sorry for the cryptic header but I can't describe what I'm > > trying to do in a small subject field. > > > > I'm looking for a tool that can show me tcp traffic. > > For example, I've got a windoze biff mail checker. The > > program doesn't connect to the imap server correctly and > > I cannot tell what commands the biff client is sending to > > the imap server. > > > > If I had a tool that could capture and assemble the tcp > > traffic, I could see what is passing between my imap client > > and imap server. > > > > I've tried to get tcpdump to work but it doesn't appear that > > it can assemble packets, just reports on the packets themselves. > > > > Is there a tool that can do this? > > > How are you running tcpdump? By default it won't show the full packet, but > you can specify the packet size e.g. set it to maximum Ethernet size. But > I also second the motion for Ethereal, it's pretty cool. Some articles on > using both here, assuming the Net is still up :( > I was using a packet size of up to 1024 with the -X option. The ascii portion of the dump was incomprehensible. I'm building the ethereal port as I type this > http://www.onlamp.com/pub/a/bsd/2001/03/21/FreeBSD_Basics.html > http://www.onlamp.com/pub/a/bsd/2000/08/16/FreeBSD_Basics.html > BTW, I really like all the BSD articles you publish on the zines. I'm glad you're on the list pointing people like me to these excellent resources. -- Regards, Doug To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message