[plug] TCPdump interpretation
Peter Wilsmore
djinn at ucc.gu.uwa.edu.au
Thu Jan 4 11:48:46 WST 2001
----- Original Message -----
From: "Earnshaw, Mike" <earnshawm at wa.switch.aust.com>
To: "PLUG (E-mail)" <plug at plug.linux.org.au>
Sent: Thursday, January 04, 2001 11:21 AM
Subject: [plug] TCPdump interpretation
> Pluggers,
>
> Can anyone help give pointers to what this excerpt from a tcpdump file
> means?
>
> 09:45:54.760614 0:0:81:59:e9:eb > 1:0:81:0:1:0 sap aa ui/C len=39
> 0a09 47ff 1901 0200 0000 0000 0000 0000
> 0000 0000 0000 0000 0000 0000 0000 0000
> 0000 0000 0000 00
> 09:45:54.761516 0:0:81:59:e9:eb > 1:0:81:0:1:1 sap aa ui/C len=39
> 0a09 47ff 1901 0200 0000 0000 0000 0000
> 0000 0000 0000 0000 0000 0000 0000 0000
> 0000 0000 0000 00
>
> Examining it appears:
>
> date.time mac address from > to mac address .... but the rest means?
I would have taken a wild guess that it is the payload but as has already
been said the man pages should tell you how to read it. When giving a
log like this it is sometimes helpful to give the command.
thanks,
Peter
More information about the plug
mailing list