Ethereal-users: [Ethereal-users] Cannot open tcpdump output

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Steve Fink <steve@xxxxxxxx>
Date: Mon, 17 Dec 2001 17:16:21 -0800
In my first attempt at using ethereal, I have run into two problems:

1. I wrote a dump file with
        tcpdump -i lo -s 1500 -w port8080 port 8080
ethereal says it's in a format it cannot understand.

# tcpdump -h
tcpdump version 3.4
libpcap version 0.4
Usage: tcpdump [-adeflnNOpqStvx] [-c count] [ -F file ]
                [ -i interface ] [ -r file ] [ -s snaplen ]
                [ -T type ] [ -w file ] [ expression ]

# ethereal -v
ethereal 0.7.7, with GTK+ 1.2.6, with libpcap

# uname -a
Linux foxglove 2.4.9 #4 Sat Dec 1 17:17:37 PST 2001 i686 unknown

# hexdump -n 128 port8080 
0000000 cd34 a1b2 0002 0004 0000 0000 0000 0000
0000010 05dc 0000 0001 0000 9340 3c1e 3b38 0003
0000020 004a 0000 004a 0000 0000 0000 0008 0004
0000030 0000 0000 d5dd 0000 0000 0000 0008 0045
0000040 3c00 cd39 0040 0640 ed02 007f 0100 007f
0000050 0100 608f 901f 57d5 ddd5 0000 0000 02a0
0000060 ff7f b841 0000 0402 0c40 0204 0a08 be07
0000070 10ec 0000 0000 0301 0003 9340 3c1e 3b38

2. Whenever I attempt to get ethereal to capture output for itself,
the capture window pops up blank and never says anything afterwards.
If I set it to realtime display, it initially pops up with text in the
window (all numbers are set to zero), but X never refreshes it.

What am I missing?

Thanks,
Steve