summaryrefslogtreecommitdiff
path: root/tcpdump.1.in
Commit message (Collapse)AuthorAgeFilesLines
* Report periodic stats only when safe to do so. [skip ci]tcpdump-4.10.0-bpDenis Ovsienko2020-08-291-1/+3
| | | | | | | | | | | | | | | | As explained in GH #155, when tcpdump is given -r, -w and -v and it takes long enough to read from the input file (because it is stdin connected through network or a pipe to stdout of another tcpdump doing a live capture), pcap_loop() will error before long. One of the ways to reproduce the fault is as follows: $ tcpdump -i eno1 -w - | tcpdump -r - -w /tmp/tmp.pcap -v tcpdump: listening on eno1, link-type EN10MB (Ethernet), snapshot length 262144 bytes reading from file -, link-type EN10MB (Ethernet), snapshot length 262144 tcpdump: pcap_loop: error reading dump file: Interrupted system call Skip the verbose_stats_dump() timer setup in this specific corner case for the time being and document it.
* Fixup some letter case in the man page. [skip ci]Denis Ovsienko2020-08-221-2/+2
|
* Update the man page for "-d", "-i" and "-y".Denis Ovsienko2020-08-101-3/+36
| | | | | | | Describe the changes in behaviour after commit 74e6075, which implements the discussion made in GH #804. [skip ci]
* Use more BSD style references in the man page.Denis Ovsienko2020-07-281-2/+7
| | | | [skip ci]
* man: Add an example for printing TCP with RST+ACK both setFrancois-Xavier Le Bail2020-06-251-0/+10
| | | | | | Partially based on a Guy's comment in issue #860. [skip ci]
* -i affects more than just capture.Guy Harris2020-05-061-4/+5
| | | | Expand the description of the -i flag.
* Add "domain" as an option for -TFrancois-Xavier Le Bail2020-03-021-0/+1
| | | | | | This allows tcpdump to handle DNS running on non-standard ports. Add two test files with DNS over TCP and DNS over UDP, port 8053.
* Document "-T ptp" and "-T someip".Francois-Xavier Le Bail2020-03-021-6/+8
| | | | | | | Moreover: Sort by type. [skip ci]
* man: Add the long-options --micro and --nano in the SYNOPSIS sectionFrancois-Xavier Le Bail2020-02-281-1/+8
| | | | | | | Moreover: Update the date. [skip ci]
* Update the date in tcpdump.1.inFrancois-Xavier Le Bail2020-02-271-1/+1
| | | | [skip ci]
* Print an optional packet count on stderr instead of printing packetsFrancois-Xavier Le Bail2020-02-261-0/+9
| | | | | | | | | | This change add an option to print only on stderr the packet count when reading capture file(s) instead of parsing/printing the packets. If a filter is specified on the command line, tcpdump counts only packets that were matched by the filter expression. The option name is '--count'.
* -W has an argument.Guy Harris2020-02-221-1/+1
| | | | Should fix GitHub issue the-tcpdump-group/tcpdump-htdocs/#15.
* Fix typo in tcpdump.1.inNan Xiao2020-02-171-1/+1
|
* man page: Update the protocol nameFrancois-Xavier Le Bail2020-02-061-1/+1
|
* Fixup a roff warning in tcpdump.1.inDenis Ovsienko2019-09-151-0/+2
| | | | | | | | <standard input>:1918: warning [p 19, 1.7i]: cannot adjust line See libpcap commit bf5d5eb. [skip ci]
* Use more HTTPS in URLsFrancois-Xavier Le Bail2019-08-191-1/+1
| | | | [skip ci]
* Update the date in tcpdump.1.in.Denis Ovsienko2019-04-111-1/+1
| | | | [skip ci]
* Add shortcuts for setting time stamp precisionRicardo Nabinger Sanchez2019-04-031-0/+13
| | | | | | | | | | | | Add two shortcuts (as long-options) for setting the time stamp precision: --micro and --nano. While adding these options, reshuffle the usage message to group up the options related to time stamp, and removing the macro TIME_STAMP_PRECISION_USAGE. If setting the time stamp precision is not supported by the available libpcap, the usage won't mention these options (including --time-stamp-precision), but they will still be presented in the manpage.
* Amend the documentation about the use of the -C -G and -W switches.Andrea Ieri2018-12-191-2/+11
| | | | | | | | When using all three switches (-C -G and -W), the behavior is practically identical to only using -C and -G, as the -W flag will only affect the filename suffix. Fixes #695
* man page: Update the -ttt and -ttttt options sectionsFrancois-Xavier Le Bail2018-10-051-4/+8
| | | | | The delta is printed with microsecond or nanosecond resolution depending on the --time-stamp-precision option (default is microsecond resolution).
* Do not decrease font size for CLI output examples.Denis Ovsienko2018-07-191-6/+6
| | | | | | | | | Three CLI output examples in the tcpdump man page used to request a smaller font size since the beginning of the version control history. That had no effect on the plain text format, and made the examples difficult to read in the HTML format, so get rid of it. [skip ci]
* Fixup some references in the man page.Denis Ovsienko2018-07-181-3/+3
| | | | | | This way the references are proper hyperlinks in the HTML version. [skip ci]
* Fixup some hyphenation in the man page.Denis Ovsienko2018-07-111-3/+3
| | | | [skip ci]
* Update the timestamp in the man page.Denis Ovsienko2018-07-101-1/+1
| | | | [skip ci]
* Use HTTPS in the www.tcpdump.org URLs.Denis Ovsienko2018-07-091-1/+1
| | | | [skip ci]
* Fix a broken font escape in the manual page.Eric S. Raymond2018-04-151-1/+1
|
* Separate flushing the packet buffer from SIGINFO to SIGUSR2Guy Lewin2018-04-081-0/+4
|
* Use pcapng as the name of the file format.Guy Harris2018-01-081-3/+3
| | | | | | | | | | | | At one point, I remember a discussion resulting in the official name of the next-generation replacement for pcap format being changed to "pcapng", with no hyphen. Make tcpdump reflect that. While we're at it, uppdate to use "macOS" as the name of Apple's UNIX-for-Macs, as appropriate (don't use it for versions that were still called Mac OS X or OS X).
* Update the -s documentation.Guy Harris2017-12-141-13/+10
| | | | | | The -s default is now large, so it's not as if you'll have to increase it to get more packet data; you might have to *decrease* it to avoid dropping packets.
* It is once per second, not every 10 seconds.Denis Ovsienko2017-10-131-1/+1
| | | | [skip ci]
* Update the SSL library credits in the man page.Denis Ovsienko2017-10-131-1/+1
|
* Add a missing closing quote to the man page.Denis Ovsienko2017-10-121-1/+1
|
* Add --print, to cause packet printing even with -w.Guy Harris2017-10-111-34/+40
| | | | | | | While we're at it, clean up some man page issues found in the process of updating the man page to describe --print. Fixes GitHub issue #639.
* Fix typo "tcp-act" in manpageMitsunori Komatsu2017-09-191-1/+1
|
* Clean up the output format description somewhat.Guy Harris2017-05-231-96/+87
| | | | | | | | | | | Put the information about the time stamp first, and put in a more detailed description of IPv4 header information before TCP header information is described. Update the description of TCP header informaton to reflect current reality. More updating is probably needed.
* tcpdump can be of use for people who known nothing of TCP, these days.Guy Harris2017-05-231-1/+1
| | | | | | The "tcp" in "tcpdump" is historical; these days, it's a general-purpose network analyzer. Don't claim tcpdump will not be of much use to you if you don't know TCP.
* Prevent hyphenation for the e-mail address.Denis Ovsienko2017-02-041-1/+1
| | | | It did not look right in the text version of the man page.
* refine the feedback guidelinesDenis Ovsienko2017-02-021-6/+6
| | | | | | Provide better detailed guidelines in CONTRIBUTING and update a number of other files to refer to that file so that the directions are now more uniform.
* Note that interfaces may have numerical names.Guy Harris2016-08-091-1/+1
| | | | | | If N is a number, and is the name of an interface on the system, "-i N" will now attempt to open that interface, not the Nth interface in the list of interfaces. See GitHub issue #522.
* Initial support for the REdis Serialization Protocol known as RESP.Andrew Darqui2016-04-261-0/+1
| | | | | | | | | | | | | | | | | This commit adds support for RESP as defined in: http://redis.io/topics/protocol. It also supports inline commands and pipelining. Due to the popularity of RESP, numerous services are emerging that use this protocol. You may decode RESP packets on arbitrary ports using the "-T resp" option. Example captures can be found in tests/resp_*. A simple way to test this parser is to start redis-server and then run redis-cli commands such as "redis-cli set key value". Traditionally, redis-cli monitor is used to debug redis. Unfortunately, the "monitor" command can cause significant load on a redis-server in production. This parser may be used as a non-invasive alternative to redis-cli monitor.
* update last modified date in man page(s)Denis Ovsienko2015-12-171-1/+1
|
* Fix the maximum snaplen value in the man pageFrancois-Xavier Le Bail2015-09-171-2/+2
|
* Remove no longer used option 'R'Francois-Xavier Le Bail2015-09-081-7/+1
|
* Give more details about packet time stamps.Guy Harris2015-07-291-5/+9
| | | | | | | | | | | | | Don't speak of "Ethernet" and "wire", as you might not be sniffing an Ethernet or, indeed, any form of wired network. Note that not only could there be a delay between the point at which the interface is finished receiving the packet and when an interrupt is delivered (whether due to bus delays, polling rather than immediate interrupts being used, or delays in the CPU responding to the interrupt, or more than one of those) but also a delay between the point at which the kernel responds to the interrupt and the point at which it actually applies a time stamp to the packet.
* document SIGUSR1 in manual pageWolfgang Karall2015-02-241-1/+3
|
* Use immediate mode if available.Guy Harris2015-02-101-0/+11
| | | | | | If libpcap has pcap_set_immediate_mode(), then default to immediate mode if we're printing packets to a terminal, and use immediate mode if --immediate-mode is specified.
* Give more details about the printed time stamps.Guy Harris2014-11-051-3/+7
|
* update tcpdump.1.in for missing lineFrancois-Xavier Le Bail2014-07-111-0/+1
|
* update tcpdump.1.in for good aligment in tcpdump.1.txtFrancois-Xavier Le Bail2014-07-111-2/+5
|
* add a short option '#', same as long option '--number' (print a packet number)Francois-Xavier Le Bail2014-07-101-1/+4
|
View Lorry Controller Status