Ethereal: Re: [Ethereal-dev] Running (T)Ethereal forever

Ethereal-dev: September 2004

Subject: Re: [Ethereal-dev] Running (T)Ethereal forever
From: "Guy Harris" <gharris@xxxxxxxxx>
Date: Thu, 2 Sep 2004 16:37:26 -0700 (PDT)

Richard Sharpe said:
> What's wrong with using tcpdump?

...with the "-S" option, otherwise tcpdump *also* maintains state
(per-connection state, so it can show relative sequence numbers).

(I assume it's not being run when writing to a capture file; if tcpdump is
being run with "-w" and a given capture filter, it won't maintain
per-connection state, as it doesn't dissect packets - but the same is true
of tethereal, so tcpdump vs. tethereal makes no difference in that case).

References:
- [Ethereal-dev] Running (T)Ethereal forever
  - From: Pierre JUHEN
- Re: [Ethereal-dev] Running (T)Ethereal forever
  - From: Ober Heim
- Re: [Ethereal-dev] Running (T)Ethereal forever
  - From: Richard Sharpe

Prev by Date: Re: [Ethereal-dev] Running (T)Ethereal forever
Next by Date: [Ethereal-dev] Re: version 0.10.6 unable to open 200MB capture file with a couple hundred K packets
Previous by thread: Re: [Ethereal-dev] Running (T)Ethereal forever
Next by thread: Re: [Ethereal-dev] Running (T)Ethereal forever
Index(es):
- Date
- Thread