Bug 9546
Summary: | tcpdump -n prints port names | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Sarantis Paskalis <paskalis> |
Component: | tcpdump | Assignee: | Harald Hoyer <harald> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 6.1 | CC: | jbj |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2001-03-28 15:00:55 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 10739 | ||
Bug Blocks: |
Description
Sarantis Paskalis
2000-02-18 13:05:05 UTC
Yes. In order to avoid unnecessary network lookup traffic (the underlying reason for adding -n), ANK's tcpdump looks up common values for portnames internally. Possibly the behavior of -n should be preserved even in the internal lookup in order to produce similar output as before, but that can be achieved with a shell wrapper if absolutely necessary. FIxed (by updating man page) in tcpdump-3.4-22. This breaks nstreams (ftp://cvs.nessus.org/pub/nstreams/) a tcpdump file parser that requires that -n actually work. I understand the "spirit" of -n in reducing traffic, but personally, I'd rather something work one way, or the other, but not mixed -- as is the present case with -n. I'd STRONGLY prefer that -n work correctly, but absent that you mention a shell wrapper -- can you elaborate on that? I understand what you mean, but have no idea how to implement it. BTW, the reason I want to use tcpdump -n rather than the built-in nstreams capture is to capture ALL the RAW data. I can then use nstreams and/or other tools to analyze the data. If I capture with nstreams, well... I also installed tcpdump-3.4-29.i386.rpm (my system is RH6.2) in an attempt to get a fix. Needless to say, it did not work, but I also did not see any changes in the man page, per "FIxed (by updating man page) in tcpdump-3.4-22." tcpdump -nn does it's job without printing port names .. |