STP traffic without bridge enabled #networking #2404 #tcpdump

https://askubuntu.com/q/1565450/612

STP traffic without bridge enabled

I have just installed Ubuntu 24.04.4 on a laptop and connected to a wireless network without a bridge enabled, but tcpdump shows STP traffic. Results of tcpdump -vvv -p -n stp: tcpdump: listening o...

Ask Ubuntu

I’m quite sure that #tcpdump’s [!smtp] is not truncation because:

• -s (snaplen) is set to 0 which means 256 kB or larger
• I was seeing [!smtp] on lines less than 76 bytes long
• I was not seeing [!smtp] on other lines between 77 and 998 bytes long

It seems to me that #tcpdump’s SMTP dissector might not be as functional as hoped.

As in possibly nothing more than a stub for future code.

The print-smtp.c file seems to be a skeleton.

Compared to print-http.c which includes HTTP verbs.

The former has a NULL in the function call where the latter has an array of verbs.

So [!smtp] may be a red herring.

Does anyone know what the following at the end of a line of output from #tcpdump means?

[!smtp]

When sniffing SMTP traffic.

The man page on the system says that the following in the same position indicates snap length truncation.

[|smtp]

But the first (unknown) is an exclamation point while the second (snap length) is a pipe character.

I’m having trouble finding a description of what [!smtp] means.

🙁

📉 Oh, sweet mother of packet-sniffing, another "UDP Story" where the protagonist heroically descends into the #OSI #model like it's some kind of #networking Dante's Inferno. 🤯 Spoiler alert: it's just a lot of #soldering and TCPdumping—because what could be more thrilling than that? 🙄
https://www.mattkeeter.com/blog/2022-08-11-udp/ #UDP #Story #packet #sniffing #TCPdump #HackerNews #ngated
From Oscilloscope to Wireshark - A UDP Story

🤣 Oh, joy! Yet another groundbreaking revelation: people like *examples* in man pages. Who could have guessed? 🚀 Thank goodness someone finally added the most *basic* #examples to #tcpdump and #dig... because, you know, reading is hard. 📚🔍
https://jvns.ca/blog/2026/03/10/examples-for-the-tcpdump-and-dig-man-pages/ #manpages #programming #humor #HackerNews #ngated
Examples for the tcpdump and dig man pages

Julia Evans

I had some fun with #tcpdump today.

tcpdump -pnni eth0 "host 192.0.2.1 or (ip[44:1] & 255 == 192 and ip[45:1] & 255 == 0 and ip[46:1] & 255 == 2 and ip[47:1] & 255 = 1)"

I was doing mtr traces and wanted to watch for packets associated to the host (192.0.2.1).

ICMP (usually) includes enough of the original packet that I could match on the destination IP in the incoming time to live exceeded packet from various routers along the way.

ip[44:1] – ip[47:1] are the four bytes in the incoming TTL exceeded packet matching the original destination IP I was interested in.
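Why the filter in the post above reads bytes 44 to 47, as an added example that is not part of the original post: it builds a constructed ICMP time-exceeded packet, locates the quoted destination address, and shows that the fixed offset only holds when the outer IP header carries no options. The function names, the documentation-range addresses and the UDP probe are assumptions made for the illustration.

```python
import socket
import struct

ICMP_TIME_EXCEEDED = 11

def ipv4_header(src, dst, proto, payload_len, ttl=64, options=b""):
    """Build an IPv4 header for constructed sample data (checksum left at 0)."""
    ihl = 5 + len(options) // 4          # header length in 32-bit words
    return struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4 + payload_len,
                       0, 0, ttl, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst)) + options

def time_exceeded(router, prober, target, outer_options=b""):
    """Constructed ICMP time-exceeded reply quoting the probe's IP header + 8 bytes."""
    quoted = ipv4_header(prober, target, socket.IPPROTO_UDP, 8, ttl=1) + bytes(8)
    icmp = struct.pack("!BBHI", ICMP_TIME_EXCEEDED, 0, 0, 0) + quoted
    return ipv4_header(router, prober, socket.IPPROTO_ICMP, len(icmp),
                       options=outer_options) + icmp

def quoted_destination(packet):
    """Return (offset, address) of the quoted original destination, or None."""
    outer_len = (packet[0] & 0x0F) * 4   # honour the outer IHL instead of assuming 20
    if packet[9] != socket.IPPROTO_ICMP or len(packet) < outer_len + 8 + 20:
        return None
    if packet[outer_len] != ICMP_TIME_EXCEEDED:
        return None
    # 8-byte ICMP header, then the quoted IP header; its dst field starts at byte 16
    offset = outer_len + 8 + 16
    return offset, socket.inet_ntoa(packet[offset:offset + 4])

def fixed_offset_match(packet, target):
    """What ip[44:1]..ip[47:1] compares: four bytes at a fixed offset of 44."""
    return packet[44:48] == socket.inet_aton(target)

if __name__ == "__main__":
    plain = time_exceeded("198.51.100.1", "203.0.113.5", "192.0.2.1")
    with_opts = time_exceeded("198.51.100.1", "203.0.113.5", "192.0.2.1",
                              outer_options=b"\x01\x01\x01\x01")  # four NOP options
    for name, pkt in (("no options", plain), ("outer IP options", with_opts)):
        print(name, quoted_destination(pkt), fixed_offset_match(pkt, "192.0.2.1"))
```

With a 20-byte outer header the quoted destination sits at 20 + 8 + 16 = 44; every 4 bytes of outer IP options move it the same distance, so the fixed-offset filter silently misses those replies.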

> 11:27:48.789315 ARP, Request who-has 192.168.205.166 tell 192.168.205.166, length 46

`tcpdump` is always fun.

#tcpdump

🚀📡 Why does #SSH send 100 packets per keystroke? Because it loves a good workout, obviously! 💪🔄 Meanwhile, our brave investigator dives deep into #tcpdump territory, only to discover that the real mystery is why anyone cares. 🙄🔍
https://eieio.games/blog/ssh-sends-100-packets-per-keystroke/ #networking #cybersecurity #investigation #techhumor #HackerNews #ngated
Why does SSH send 100 packets per keystroke? · eieio.games

I made my next game twice as fast by forking go's crypto library

eieio.games