From owner-freebsd-bugs@FreeBSD.ORG Thu Apr 17 08:30:14 2003 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1AE3E37B401 for ; Thu, 17 Apr 2003 08:30:14 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 86BC343FBD for ; Thu, 17 Apr 2003 08:30:13 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h3HFUDUp003440 for ; Thu, 17 Apr 2003 08:30:13 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h3HFUDXd003439; Thu, 17 Apr 2003 08:30:13 -0700 (PDT) Date: Thu, 17 Apr 2003 08:30:13 -0700 (PDT) Message-Id: <200304171530.h3HFUDXd003439@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org From: Rene de Vries Subject: Re: bin/51091: [FEATURE] Add -A (print ASCII) flag to tcpdump X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Rene de Vries List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Apr 2003 15:30:14 -0000 The following reply was made to PR bin/51091; it has been noted by GNATS. From: Rene de Vries To: Tony Finch Cc: FreeBSD-gnats-submit@FreeBSD.org Subject: Re: bin/51091: [FEATURE] Add -A (print ASCII) flag to tcpdump Date: Thu, 17 Apr 2003 17:27:36 +0200 This option is less verbose (or better different). The -X also displays the hex output (as far as I know) and this can be very disturbing. The -A only shows printable stuff. Rene Example dump with -A: 17:20:12.966613 a.b.c.49295 > d.e.f.smtp: S 3701272078:3701272078(0) win 57344 (DF) [tos 0x10] 17:20:12.978494 d.e.f.smtp > a.b.c.49295: S 2014425195:2014425195(0) ack 3701272079 win 57344 (DF) 17:20:12.978546 a.b.c.49295 > d.e.f.smtp: . ack 1 win 57920 (DF) [tos 0x10] 17:20:13.782583 d.e.f.smtp > a.b.c.49295: P 1:36(35) ack 1 win 57920 [ 220 d.e.f ESMTP Postfix\015\012 ] (DF) 17:20:13.874241 a.b.c.49295 > d.e.f.smtp: . ack 36 win 57920 (DF) [tos 0x10] 17:20:18.412530 a.b.c.49295 > d.e.f.smtp: P 1:12(11) ack 36 win 57920 [ HELO test\015\012 ] (DF) [tos 0x10] 17:20:18.442240 d.e.f.smtp > a.b.c.49295: P 36:57(21) ack 12 win 57920 [ 250 d.e.f\015\012 ] (DF) 17:20:18.534269 a.b.c.49295 > d.e.f.smtp: . ack 57 win 57920 (DF) [tos 0x10] 17:20:20.056281 a.b.c.49295 > d.e.f.smtp: P 12:18(6) ack 57 win 57920 [ QUIT\015\012 ] (DF) [tos 0x10] 17:20:20.082060 d.e.f.smtp > a.b.c.49295: P 57:66(9) ack 18 win 57920 [ 221 Bye\015\012 ] (DF) 17:20:20.082993 d.e.f.smtp > a.b.c.49295: F 66:66(0) ack 18 win 57920 (DF) 17:20:20.083026 a.b.c.49295 > d.e.f.smtp: . ack 67 win 57920 (DF) [tos 0x10] 17:20:20.083175 a.b.c.49295 > d.e.f.smtp: F 18:18(0) ack 67 win 57920 (DF) [tos 0x10] 17:20:20.111825 d.e.f.smtp > a.b.c.49295: . ack 19 win 57920 (DF) Same dump with -X: 17:20:12.966613 a.b.c.49295 > d.e.f.smtp: S 3701272078:3701272078(0) win 57344 (DF) [tos 0x10] 0x0000 4510 003c d3d9 4000 4006 0000 c14f c985 E..<..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee0e 0000 0000 ..>............. 0x0020 a002 e000 ef5a 0000 0204 05b4 0103 0300 .....Z.......... 0x0030 0101 080a 01a8 62a9 0000 0000 ......b..... 17:20:12.978494 d.e.f.smtp > a.b.c.49295: S 2014425195:2014425195(0) ack 3701272079 win 57344 (DF) 0x0000 4500 003c 2887 4000 3d06 892e c2b2 3e7f E..<(.@.=.....>. 0x0010 c14f c985 0019 c08f 7811 b06b dc9c ee0f .O......x..k.... 0x0020 a012 e000 24fd 0000 0204 05b4 0103 0300 ....$........... 0x0030 0101 080a 008d a142 01a8 62a9 .......B..b. 17:20:12.978546 a.b.c.49295 > d.e.f.smtp: . ack 1 win 57920 (DF) [tos 0x10] 0x0000 4510 0034 d3da 4000 4006 0000 c14f c985 E..4..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee0f 7811 b06c ..>.........x..l 0x0020 8010 e240 4e80 0000 0101 080a 01a8 62aa ...@N.........b. 0x0030 008d a142 ...B 17:20:13.782583 d.e.f.smtp > a.b.c.49295: P 1:36(35) ack 1 win 57920 (DF) 0x0000 4500 0057 288b 4000 3d06 890f c2b2 3e7f E..W(.@.=.....>. 0x0010 c14f c985 0019 c08f 7811 b06c dc9c ee0f .O......x..l.... 0x0020 8018 e240 41cb 0000 0101 080a 008d a192 ...@A........... 0x0030 01a8 62aa 3232 3020 6d61 696c 6875 622e ..b.220.mailhub. 0x0040 7463 6a61 2e6e 6c20 4553 4d54 5020 506f tcja.nl.ESMTP.Po 0x0050 7374 6669 780d 0a stfix.. 17:20:13.874241 a.b.c.49295 > d.e.f.smtp: . ack 36 win 57920 (DF) [tos 0x10] 0x0000 4510 0034 d3dd 4000 4006 0000 c14f c985 E..4..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee0f 7811 b08f ..>.........x... 0x0020 8010 e240 4db3 0000 0101 080a 01a8 6304 ...@M.........c. 0x0030 008d a192 .... 17:20:18.412530 a.b.c.49295 > d.e.f.smtp: P 1:12(11) ack 36 win 57920 (DF) [tos 0x10] 0x0000 4510 003f d3e7 4000 4006 0000 c14f c985 E..?..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee0f 7811 b08f ..>.........x... 0x0020 8018 e240 b351 0000 0101 080a 01a8 64c9 ...@.Q........d. 0x0030 008d a192 4845 4c4f 2074 6573 740d 0a ....HELO.test.. 17:20:18.442240 d.e.f.smtp > a.b.c.49295: P 36:57(21) ack 12 win 57920 (DF) 0x0000 4500 0049 2890 4000 3d06 8918 c2b2 3e7f E..I(.@.=.....>. 0x0010 c14f c985 0019 c08f 7811 b08f dc9c ee1a .O......x....... 0x0020 8018 e240 c2ec 0000 0101 080a 008d a364 ...@...........d 0x0030 01a8 64c9 3235 3020 6d61 696c 6875 622e ..d.250.mailhub. 0x0040 7463 6a61 2e6e 6c0d 0a tcja.nl.. 17:20:18.534269 a.b.c.49295 > d.e.f.smtp: . ack 57 win 57920 (DF) [tos 0x10] 0x0000 4510 0034 d3ea 4000 4006 0000 c14f c985 E..4..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee1a 7811 b0a4 ..>.........x... 0x0020 8010 e240 49ef 0000 0101 080a 01a8 64d6 ...@I.........d. 0x0030 008d a364 ...d 17:20:20.056281 a.b.c.49295 > d.e.f.smtp: P 12:18(6) ack 57 win 57920 (DF) [tos 0x10] 0x0000 4510 003a d3ef 4000 4006 0000 c14f c985 E..:..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee1a 7811 b0a4 ..>.........x... 0x0020 8018 e240 a195 0000 0101 080a 01a8 656e ...@..........en 0x0030 008d a364 5155 4954 0d0a ...dQUIT.. 17:20:20.082060 d.e.f.smtp > a.b.c.49295: P 57:66(9) ack 18 win 57920 (DF) 0x0000 4500 003d 2891 4000 3d06 8923 c2b2 3e7f E..=(.@.=..#..>. 0x0010 c14f c985 0019 c08f 7811 b0a4 dc9c ee20 .O......x....... 0x0020 8018 e240 33c3 0000 0101 080a 008d a408 ...@3........... 0x0030 01a8 656e 3232 3120 4279 650d 0a ..en221.Bye.. 17:20:20.082993 d.e.f.smtp > a.b.c.49295: F 66:66(0) ack 18 win 57920 (DF) 0x0000 4500 0034 2892 4000 3d06 892b c2b2 3e7f E..4(.@.=..+..>. 0x0010 c14f c985 0019 c08f 7811 b0ad dc9c ee20 .O......x....... 0x0020 8011 e240 48a3 0000 0101 080a 008d a408 ...@H........... 0x0030 01a8 656e ..en 17:20:20.083026 a.b.c.49295 > d.e.f.smtp: . ack 67 win 57920 (DF) [tos 0x10] 0x0000 4510 0034 d3f1 4000 4006 0000 c14f c985 E..4..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee20 7811 b0ae ..>.........x... 0x0020 8010 e240 48a1 0000 0101 080a 01a8 6570 ...@H.........ep 0x0030 008d a408 .... 17:20:20.083175 a.b.c.49295 > d.e.f.smtp: F 18:18(0) ack 67 win 57920 (DF) [tos 0x10] 0x0000 4510 0034 d3f2 4000 4006 0000 c14f c985 E..4..@.@....O.. 0x0010 c2b2 3e7f c08f 0019 dc9c ee20 7811 b0ae ..>.........x... 0x0020 8011 e240 48a0 0000 0101 080a 01a8 6570 ...@H.........ep 0x0030 008d a408 .... 17:20:20.111825 d.e.f.smtp > a.b.c.49295: . ack 19 win 57920 (DF) 0x0000 4500 0034 2893 4000 3d06 892a c2b2 3e7f E..4(.@.=..*..>. 0x0010 c14f c985 0019 c08f 7811 b0ae dc9c ee21 .O......x......! 0x0020 8010 e240 489d 0000 0101 080a 008d a40b ...@H........... 0x0030 01a8 6570 On Thursday, Apr 17, 2003, at 17:10 Europe/Amsterdam, Tony Finch wrote: > Rene de Vries wrote: >> >> Print the payload of TCP packets in human-readable (ASCII) >> format. This can be usefull when debugging readable protocols >> (like SMTP, HTTP, etc). > > What's wrong with the -X option? > > Tony. -- Rene de Vries TUNIX Internet Security & Training