tcpdump mailing list archives

Re: forces (and sctp) patch

From: Darren Reed <Darren.Reed () Sun COM>
Date: Mon, 11 Jan 2010 22:25:53 +0530

On 11/01/2010 1:29 AM, Michael Richardson wrote:

...
I was initially concerned about the output with -v, as it is multiline,
and I think that without -v, one packet should occupy one line.
This makes postprocessing easier, and certainly makes grep easier.
Maybe we need another option, "--human"...

With -v, the ip printer now starts a new line before the protocol.
I am wondering if this was a wise change to have made....  Comments?


Well, it gets in the way of all types of things, for example:

tcpdump-v -i foo.cap | egrep pattern | wc -l

I think the behaviour should be the reverse of the -g in Mac OS X
and that is it should be necessary to use some new command line
option to force tcpdump to insert new lines between things.

Darren

-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.

Current thread:

forces (and sctp) patch Michael Richardson (Jan 10)
- Re: forces (and sctp) patch Guy Harris (Jan 10)
- Re: forces (and sctp) patch Darren Reed (Jan 11)
  - Re: forces (and sctp) patch sthaug (Jan 11)
    - Re: forces (and sctp) patch Michael Richardson (Jan 12)
    - Re: forces (and sctp) patch Darren Reed (Jan 18)
    - Re: forces (and sctp) patch Michael Richardson (Jan 18)
    - Re: forces (and sctp) patch Darren Reed (Jan 19)
    - Re: forces (and sctp) patch sthaug (Jan 19)
    - Re: forces (and sctp) patch Gert Doering (Jan 19)
    - Re: forces (and sctp) patch Guy Harris (Jan 19)