Re: I would like to tcpdump and get all the packets...
From: Petri Helenius (pete_at_he.iki.fi)
Date: 09/18/03
- Previous message: Lev Walkin: "Re: I would like to tcpdump and get all the packets..."
- In reply to: Edwin Groothuis: "Re: I would like to tcpdump and get all the packets..."
- Next in thread: Bruce M Simpson: "Re: I would like to tcpdump and get all the packets..."
- Reply: Bruce M Simpson: "Re: I would like to tcpdump and get all the packets..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thu, 18 Sep 2003 09:14:46 +0300 To: Edwin Groothuis <edwin@mavetju.org>
Edwin Groothuis wrote:
>On Wed, Sep 17, 2003 at 06:31:03PM -0700, Josh Brooks wrote:
>
>
>>Whenever I run:
>>
>>tcpdump -vvv
>>
>>when I am finished, I am surprised to see:
>>
>>27441 packets received by filter
>>7866 packets dropped by kernel
>>
>>
>
>That's because the buffer of captures-but-not-yet-processed packets
>in tcpdump was filled up. In other words, your system is to slow
>to process the amount of traffic going through your machine.
>
>
>
Sure, but because the bug in pcap-bpf.c there is no way to set the
buffer above 32768
without recompiling the library after applying the patch.
This bug should be fixed in the FreeBSD copy of libpcap because tcpdump
folks seem
to be quite dormant.
Pete
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
- Previous message: Lev Walkin: "Re: I would like to tcpdump and get all the packets..."
- In reply to: Edwin Groothuis: "Re: I would like to tcpdump and get all the packets..."
- Next in thread: Bruce M Simpson: "Re: I would like to tcpdump and get all the packets..."
- Reply: Bruce M Simpson: "Re: I would like to tcpdump and get all the packets..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
