Red Hat Bugzilla – Bug 78193
Different Number of Packets
Last modified: 2008-05-01 11:38:04 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Description of problem:
We are using the re-direct feature to print the results to a file
tcpdump -e -x host A and Host b >testfile
we are monitoring the traffic of a cetrain file.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
There not any.
The problem arrizes for the number of packets that tcpdump report.
using the screen as the standart output
tcpdump -e -x host A and Host b
the number of packets are 2.000
tcpdump -e -x host A and Host b > testfile
using the file as the standart output the number of packets are 6.000
Please note that we are following the same procedure, monitoring
the traffic of the same file
Expected Results: Same number of packets at both scenarios.
Note that at 3.6.3 this problem does not exist!
Do not tell me that the shell ">" redirector changes any of the tcpdump
Show me how you can make a reproducible network traffic other than using a dump
file and the -r argument.
The shell ">" has nothing to do with tcpdump.
If you are logged in from host A to the other host B and start tcpdump over the
network you should experience _even_ less packets with ">" because the packets
containing the output of tcpdump are not transferred over the network...
*** Bug 78192 has been marked as a duplicate of this bug. ***
You are right that the shell ">" redirector DOES NOT changes any of the
Today i tried the following commands from HOST7.
It is on the same subnet & hub with the HOST8.
Host 8 download a 17 MB file using sftp.
Tcpdump -x -w test1 host HOST8 and unix1
Immediately, same procedure but print to the screen
Tcpdump -x host HOST8 and unix1
I have not mentioned that i am not logged as root.
TCPdump requieres root priviledes to run propertly?
The file is saved to my home directory where i have full privileges,
Yes, tcpdump requires root priveledges to run. Otherwise any user on
the system could sniff network traffic, steal passwords, and capture
other data going over the network.
I fail to see any valid bug in this bug report. tcpdump is working properly