RE: direction during capture

["Iain McAleer" <iain () security asn au>]

I'm atually refering to the code...I'm trying to write a sniffer that will
do the same as libpcap allows you to. however i'm having the problem
mentioned....

-----Original Message-----
From: owner-tcpdump-workers () sandelman ottawa on ca
[mailto:owner-tcpdump-workers () sandelman ottawa on ca]On Behalf Of Gisle
Vanem
Sent: Monday, December 23, 2002 10:12 PM
To: tcpdump-workers () tcpdump org
Subject: Re: [tcpdump-workers] direction during capture


"Iain McAleer" <iain () security asn au> said:

> I've been looking at the source for pcap and can't seem to see how you
> manage to get it to capture packets sent by the host the pcap code is
> running on, i have done read() andn recvfrom() and both only seem to pick
up
> packets received by the host. if anyone can direct me to the pcap code or
> give me a breif explination it would be greatly appreciated

If it's IP -traffic you want, simply use
   tcpump ip src <your ip-address>

For all ether-traffic from your machine, use
   tcpump ether src <your MAC-address>

Use option '-d-' to check what the filter code actually is if in doubt.

Gisle V.


-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use
mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe

-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe