Date:      Sat, 8 Apr 2006 08:56:28 -0400
From:      "fbsd_user" <fbsd_user@a1poweruser.com>
To:        "freebsd-questions@FreeBSD. ORG" <freebsd-questions@FreeBSD.ORG>
Subject:   help with tcpdump cmd syntax
Message-ID:  <MIEPLLIBMLEEABPDBIEGCEGEHEAA.fbsd_user@a1poweruser.com>
In-Reply-To: <4435ADF5.4020102@vonostingroup.com>

I tried 
   tcpdump -i rl0 src host 218.166.163.180 -w /usr/tcpdump.data
   tcpdump -i rl0 host 218.166.163.180 -w /usr/tcpdump.data
   tcpdump -i rl0 src ip 218.166.163.180 -w /usr/tcpdump.data  

but got a syntax error msg with no hint of what was wrong.

If I remove the -w stuff it works, meaning it prints to the screen.
But I want to write to a file.

Can you help me out here on the syntax error?


One other thing. When does tcpdump get access to the packet?

My firewall has a block log rule for that ip address. 
Does tcpdump see the packet before ipfilter ipnat does?

 





