tcpdump help ...
David Bandel
david.bandel
Thu Aug 18 17:55:49 PDT 2005
On 8/18/05, Ben Duncan <bns at meta3.net> wrote:
> Ok, been using tcpdump and my linux laptop at the Solowlaris Bank Co.
> Trapping packets all day. They are migrating from a MainFrame to
> SunFire server using a VSE/CICS emulation add-on. There seems to be some
> problem with SUn's VSE/CICS emulation package (Not surprising) and some
> integration of 3rd party equipment (like atm's and other equipment).
>
> Anyway, found out TCPDUMP is a VERY powerful tool to use. Now, I need, when
> I use the -X to see the hex & ASCII dump of packets themselves, to skip
> the 20 bytes of the header and JUST see the actual data to data portion of
> the packet.
The oldest most power packet sniffer out there. A must have for all
network admins.
>
> Any help out there on this one?
>
> Thanks ..
>
You can't exclude the link level header. However:
tcpdump -XXs 0 [expression]
should get you what you want. Note that that's a zero after the small
s (snaplength, or snapshot length), the expression is optional, but
you would be smart to limit what you want to see since with this you
will see a _lot_.
Ciao,
David A. Bandel
--
Focus on the dream, not the competition.
- Nemesis Air Racing Team motto
More information about the Linux-users
mailing list