> This is the output of tcpdump when I try to ping debian's servers from the
> Quadra.
> poet:/home/rusty# tcpdump
> tcpdump: listening on ppp0
> 08:35:32.660000 4.62.115.139.63452 > 4.2.2.1.domain: 42438+ A? debian.org.
> (28)
> 08:35:32.710000 4.2.2.1.domain > 4.62.115.139.63452: 42438 1/8/5 A
> 192.25.206.10 (301) (DF)
>
> Ahhhh...the joys of looking at tcpdump on a quiet network! (mine) I volunteer
> at a school where there's tons of traffic, and I could never figure out how
> to isolate what I wanted, or even how to figure out what I wanted.
>
> Thanks!
>
You are getting back an answer, at least as far as the firewall's
external interface. Did you look to see if that reply is being sent on
your internal interface, back to the Quadra?
BTW, you can tell tcpdump to look at only the traffic that you are
interested in (no, its not quite that simple, no AI :-) To look only at
the traffic between gecko.hef and micro.hef on the incredibly busy
".hef" network:
tcpdump "host gecko.hef and host micro.hef"
To view ALL traffic in and out of gecko.hef:
tcpdump "host gecko.hef"
To view all traffic where gecko.hef originates the packets:
tcpdump "src host gecko.hef"
etc.
--ronan
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 16:55:47 EDT