When you use tcpdump on Linux, and do not see all the packets you are expecting, and get something like this:
10 packets captured
100 packets received by filter
0 packets dropped by kernel
Make sure you use "tcpdump -Nn ...". This disables tcpdump name lookup, and makes tcpdump much faster/real-time. It took me some time to find this out. Hope this helps.
No comments:
Post a Comment