July 24th, 2003, 05:02 PM
Ok, I've been dumping a lot of traffic with the command: tcpdump -i eth1 -s 1500 -X -vvv -w packetlog.
Now, when I try to read the capture into Ethereal (on Windows) it crashes the app and tells me the file is corrupt. Also, when I read the file back into tcpdump using tcpdump -i eth1 -s 1500 -X -vvv -r packetlog, it takes forever to read, pausing over certain packets for a very long time. Is this normal? Am I adding a CLI switch to tcpdump that I can do without?
Advice please for a tcpdump newbie.
July 30th, 2008, 08:26 PM
Well, first off, you did not specify what version of RedHat you are using: would be nice to know.
My guess is it is a path problem.
Is /usr/sbin in your path?
to find out
My guess also is you are not using the root account (GOOD!) to do this, but used some means to gain root access.
if you used
to utilize root access, maybe try instead
to utilize the root's paths as well?
"And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes