diff options
Diffstat (limited to 'usr.sbin/tcpdump/README')
| -rw-r--r-- | usr.sbin/tcpdump/README | 51 |
1 files changed, 28 insertions, 23 deletions
diff --git a/usr.sbin/tcpdump/README b/usr.sbin/tcpdump/README index caecde9a087..177ffdd08b5 100644 --- a/usr.sbin/tcpdump/README +++ b/usr.sbin/tcpdump/README @@ -1,6 +1,6 @@ -@(#) $Header: /cvs/OpenBSD/src/usr.sbin/tcpdump/README,v 1.5 1996/12/12 16:23:02 bitblt Exp $ (LBL) +@(#) $Header: /cvs/OpenBSD/src/usr.sbin/tcpdump/README,v 1.6 1999/07/28 20:41:34 jakob Exp $ (LBL) -TCPDUMP 3.3 +TCPDUMP 3.4 Lawrence Berkeley National Laboratory Network Research Group tcpdump@ee.lbl.gov @@ -10,7 +10,7 @@ This directory contains source code for tcpdump, a tool for network monitoring and data acquisition. The original distribution is available via anonymous ftp to ftp.ee.lbl.gov, in tcpdump.tar.Z. -Tcpdump now uses libcap, a system-independent interface for user-level +Tcpdump now uses libpcap, a system-independent interface for user-level packet capture. Before building tcpdump, you must first retrieve and build libpcap, also from LBL, in: @@ -20,30 +20,35 @@ Once libpcap is built (either install it or make sure it's in ../libpcap), you can build tcpdump using the procedure in the INSTALL file. -The program is loosely based on SMI's "etherfind" although none -of the etherfind code remains. It was originally written by Van -Jacobson as part of an ongoing research project to investigate and -improve tcp and internet gateway performance. The parts of the -program originally taken from Sun's etherfind were later re-written -by Steven McCanne of LBL. To insure that there would be no vestige -of proprietary code in tcpdump, Steve wrote these pieces from the -specification given by the manual entry, with no access to the -source of tcpdump or etherfind. - -Over the past few years, tcpdump has been steadily improved -by the excellent contributions from the Internet community -(just browse through the CHANGES file). We are grateful for -all the input. - -Richard Stevens gives an excellent treatment of the Internet -protocols in his book ``TCP/IP Illustrated, Volume 1''. -If you want to learn more about tcpdump and how to interpret -its output, pick up this book. +The program is loosely based on SMI's "etherfind" although none of the +etherfind code remains. It was originally written by Van Jacobson as +part of an ongoing research project to investigate and improve tcp and +internet gateway performance. The parts of the program originally +taken from Sun's etherfind were later re-written by Steven McCanne of +LBL. To insure that there would be no vestige of proprietary code in +tcpdump, Steve wrote these pieces from the specification given by the +manual entry, with no access to the source of tcpdump or etherfind. + +Over the past few years, tcpdump has been steadily improved by the +excellent contributions from the Internet community (just browse +through the CHANGES file). We are grateful for all the input. + +Richard Stevens gives an excellent treatment of the Internet protocols +in his book ``TCP/IP Illustrated, Volume 1''. If you want to learn more +about tcpdump and how to interpret its output, pick up this book. Some tools for viewing and analyzing tcpdump trace files are available from the Internet Traffic Archive: - http://town.hall.org/Archives/pub/ITA/ + http://www.acm.org/sigcomm/ITA/ + +Another tool that tcpdump users might find useful is tcpslice: + + ftp://ftp.ee.lbl.gov/tcpslice.tar.Z + +It is a program that can be used to extract portions of tcpdump binary +trace files. See the above distribution for further details and +documentation. Problems, bugs, questions, desirable enhancements, source code contributions, etc., should be sent to the email address |