tcpdump

Andy Green andy at warmcat.com
Mon Apr 23 22:33:24 UTC 2007


Kaushal Shriyan wrote:
> Hi Aly
> 
> I get
> 
> 03:55:09.050556 IP dhcp-192-18-68-199.test.com.3118 > it89.hyd.test.com.www: F 1399:1399(0) ack 2062 win 64954
> 03:55:09.050563 IP it89.hyd.test.com.www > dhcp-192-18-68-199.test.com.3118 : . ack 1400 win 8576
> 
> so what does it indicate since I do not understand this at all

Add -s0 -X to the tcpdump line to see the contents in hex and ascii.

These are two ACK packets shown above.  The first part of each line is 
the time, protocol (IP), sender reverse DNS (use -n to stop the DNS 
lookup and to see 123.123.123.123 addresses instead), sender port, 
receiver reverse DNS, receiver port and then information about the flags 
in the TCP/IP headers.

-Andy



