Wireshark

Randall Stewart rrs at cisco.com
Mon Mar 19 17:38:29 UTC 2007


Shteryana Shopova wrote:
> On 3/19/07, manuel.ochoa at yahoo.com <manuel.ochoa at yahoo.com> wrote:
>> Max, correct me if I'm wrong but tcpdump will only give you the 
>> headers, is that correct? This is fine most of the time but sometimes 
>> I need to capture full frames.
> 
> Nope - that's not correct -
> 
> #tcpdump -s 0
> 
> will capture full frames.

But nothing IMO beats wireshark for being able
to go in and analyze a dump .. searching on various
condition's fields etc..

It does not matter to me generally how it's collected
wireshark/tcpdump -s 0..

But to analyze it.. give me wireshark any day :-D

R


-- 
Randall Stewart
NSSTG - Cisco Systems Inc.
803-345-0369 <or> 803-317-4952 (cell)


More information about the freebsd-net mailing list
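
Added example, not part of the original thread: a check for whether an existing classic pcap file holds full frames or was cut at the snapshot length, using the captured length and on-wire length stored in each record header. The sample frames, the snaplen values 96 and 65535, and the function names are constructed for illustration.

```python
import struct

# Constructed sample data: three zero-filled "frames" with typical on-wire sizes.
FRAMES = [bytes(60), bytes(342), bytes(1514)]

def build_pcap(snaplen, frames):
    """Build a little-endian classic pcap in memory, cutting frames at snaplen."""
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype 1 (Ethernet)
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for ts, frame in enumerate(frames):
        captured = frame[:snaplen]
        # Record header: ts_sec, ts_usec, incl_len (stored), orig_len (on the wire)
        out += struct.pack("<IIII", ts, 0, len(captured), len(frame)) + captured
    return out

def truncation_report(data):
    """Return (snaplen, packets, truncated_packets, bytes_lost) for a classic pcap."""
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    magic = struct.unpack_from("<I", data, 0)[0]
    if magic == 0xA1B2C3D4:
        endian = "<"
    elif magic == 0xD4C3B2A1:
        endian = ">"  # file was written on a big-endian host
    else:
        raise ValueError("not a classic (microsecond) pcap file")
    snaplen = struct.unpack_from(endian + "I", data, 16)[0]
    offset, total, truncated, lost = 24, 0, 0, 0
    while offset < len(data):
        if offset + 16 > len(data):
            raise ValueError("file ends inside a record header")
        _, _, incl_len, orig_len = struct.unpack_from(endian + "IIII", data, offset)
        offset += 16
        if incl_len > len(data) - offset:
            raise ValueError("record claims more bytes than the file holds")
        offset += incl_len
        total += 1
        if incl_len < orig_len:  # frame was cut at the snapshot length
            truncated += 1
            lost += orig_len - incl_len
    return snaplen, total, truncated, lost

if __name__ == "__main__":
    for snaplen in (96, 65535):
        report = truncation_report(build_pcap(snaplen, FRAMES))
        print("snaplen=%d packets=%d truncated=%d bytes_lost=%d" % report)
```

To check a real capture, pass the file's bytes to truncation_report(); pcapng files use a different layout and are rejected by the magic check.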