Bug 9243

Summary: tcpdump under RedHat 6.1 captures/reads files in incorrect format
Product: [Retired] Red Hat Linux Reporter: Daniel Senie <dts>
Component: tcpdumpAssignee: Harald Hoyer <harald>
Status: CLOSED DUPLICATE QA Contact:
Severity: high Docs Contact:
Priority: medium    
Version: 6.1   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-02-09 19:45:02 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Daniel Senie 2000-02-08 19:44:39 UTC 
When using tcpdump to capture packets to a file, or read packets from a
file, the file format used is inconsistent with the version of TCPDUMP on
RedHat 6.0 and 5.2 (and probably earlier). It would appear that some
alignment issues have occurred, perhaps due to changing compilers (egcs
vs. gcc).

The net result is that tcpdump-3.4-5 (on a RH5.2 system) for example,
cannot read files created on a 6.1 system running tcpdump-3.4-16, or vice
versa.

Third-party tools, such as EtherPeek (http://www.aggroup.com) are able to
read and decode tcpdump files from RedHat 6.0 and previous, but cannot
read them from RedHat 6.1. This backs up my contention that the file
format in 6.1 is messed up.
Comment 1 Jeff Johnson 2000-02-09 19:45:59 UTC 
*** This bug has been marked as a duplicate of 6773 ***