From owner-freebsd-questions@FreeBSD.ORG  Tue Jul 25 18:06:38 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8F28516A4DA
	for <freebsd-questions@freebsd.org>;
	Tue, 25 Jul 2006 18:06:38 +0000 (UTC)
	(envelope-from dan@dan.emsphone.com)
Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 26A8C43D55
	for <freebsd-questions@freebsd.org>;
	Tue, 25 Jul 2006 18:06:38 +0000 (GMT)
	(envelope-from dan@dan.emsphone.com)
Received: (from dan@localhost)
	by dan.emsphone.com (8.13.1/8.13.4) id k6PI6btF097174;
	Tue, 25 Jul 2006 13:06:37 -0500 (CDT) (envelope-from dan)
Date: Tue, 25 Jul 2006 13:06:37 -0500
From: Dan Nelson <dnelson@allantgroup.com>
To: Steel City Phantom <scphantm@yahoo.com>
Message-ID: <20060725180637.GA70646@dan.emsphone.com>
References: <44C51D80.8060306@yahoo.com>
	<20060725011022.GD27489@jeeves.stilyagin.local>
	<44C63BBE.90102@yahoo.com> <44C64486.3030005@mac.com>
	<44C65765.4090401@yahoo.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <44C65765.4090401@yahoo.com>
X-OS: FreeBSD 5.5-PRERELEASE
X-message-flag: Outlook Error
User-Agent: Mutt/1.5.12-2006-07-14
Cc: freebsd-questions@freebsd.org
Subject: Re: dumping net traffic to log file
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Jul 2006 18:06:38 -0000

In the last episode (Jul 25), Steel City Phantom said:
> Great, im making good progress here.  it seems like tcpdump only
> captures the headers, is there a way to capture the entire packet,
> data and all?

tcpdump only displays a packet summary by default.  If you want to see
the full packet data, use -X.  It's better if you don't do this during
capture, though, since it may cause you to drop packets.  capture to a
file with the -w flag (possibly with -s0 to capture the entire packet),
then view the data later with -r.

See the manpage for more details.

-- 
	Dan Nelson
	dnelson@allantgroup.com