July 24th, 2003, 06:02 PM
Ok, I've been tumping a lot of traffic with the command: tcpdump -i eth1 -s 1500 -X -vvv -w packetlog.
Now, when I try to read the capture into Etherreal (on Windows) it crashes the app and tells me the file is corrupt. Also, when I read the file back into tcpdump using tcpdump -i eth1 -s 1500 -X -vvv -r packetlog, it takes forever to read, pausing over certain packets for a very long time. Is this mornal. Am I adding a CLI switch to tcpdump that I can do without?
Advice please for a tcpdumo newbie.