tcpdump -enx Format

[Igor Galić <i.galic () brainsware org>]

Hello tcpdump maintainers,

in search for a remotely adequate snoop replacement on other Unices, I stumbled
over the now long unmaintained ``tcpshow''.
The *BSD ports include patches that fix it's behaviour up to tcpdump 3.8.x.
Unfortunately the format used by tcpshow (-enx, in particular, -e) appears to
have been changed in 3.9.x, or at least that is what it's error message
"Badly formatted Ethernet address suggests."

Now my question, of course, is in how far that format has changed:
If I'm reading the source code correctly, the preceding TIME has been dropped.

I'd be very happy if you could give me some pointers.

Thank you in advance.

So long,
Igor
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.