[plug] TCPdump interpretation
Evan Lau
evanlau at tartarus.uwa.edu.au
Thu Jan 4 11:26:56 WST 2001
Hi Mike,
Not too sure, but the man pages for tcpdump will show you how to interpret
the output depending on the switches you use etc....so take a look at
that.
Cheers,
Evan
On Thu, 4 Jan 2001, Earnshaw, Mike wrote:
> Pluggers,
>
> Can anyone help give pointers to what this excerpt from a tcpdump file
> means?
>
> 09:45:54.760614 0:0:81:59:e9:eb > 1:0:81:0:1:0 sap aa ui/C len=39
> 0a09 47ff 1901 0200 0000 0000 0000 0000
> 0000 0000 0000 0000 0000 0000 0000 0000
> 0000 0000 0000 00
> 09:45:54.761516 0:0:81:59:e9:eb > 1:0:81:0:1:1 sap aa ui/C len=39
> 0a09 47ff 1901 0200 0000 0000 0000 0000
> 0000 0000 0000 0000 0000 0000 0000 0000
> 0000 0000 0000 00
>
> Examining it appears:
>
> date.time mac address from > to mac address .... but the rest means?
>
> Thanks
>
> ------------------------------------------------------------------------
> -----
> Mike Earnshaw | Tech support is a fine art | e-mail in header
> Computer Systems | which once mastered, virtually | Tel : +61 8 9256
> 0023
> Support | ensures loss of sanity. | Fax : +61 8 9256
> 1199
> ------------------------------------------------------------------------
> -----
> ,-._|\ Union Switch & signal
> / \ 24 Bannick Court
> *_.--._/ Canning Vale, WA 6155, Western Australia
> v
> ------------------------------------------------------------------------
> -----
>
More information about the plug
mailing list