Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Ethereal-users: [Ethereal-users] Tethereal IPX decoding

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Justin Funke" <jfunke@xxxxxxxxxxxxxxxxx>
Date: Thu, 31 Oct 2002 11:38:31 -0600
I am working with tethereal to sniff IPX traffic on a logging server
attached in front of a Netware 4 server. What we were hoping to achieve
is to capture the first part of the packets so we would have an
independent system logging file access on the server. 

Everything is working ok but it seems we can't both decode IPX traffic
and limit the size of the packet captured.
This is the command we have been working with...
tethereal -i dc0 -q -s 64 -x -F ngwsniffer_2_0 -w /usr/ipx64.cap &

What we want to mimic is an "ngrep" type effect where we can decode the
traffic and capture just enough of the packet to know the originating
address and the file they were viewing. The problem is that it seems if
we decode the traffic it wants to capture the entire packet and we are
getting GB's of traffic logged each day.

Any ideas?

Thanks,

Justin.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube