Subject: Re: tcpdump and time
To: Jan Danielsson <email@example.com>
From: Gilbert Fernandes <firstname.lastname@example.org>
Date: 01/30/2006 22:06:27
> I have written a tool for monitoring my firewall (pf).
pf already has a tool for monitoring :)
Is your tool improving it ?
> to be offset by (exactly) minus an hour. Why is this?
It records time as UTC it seems, thus -0100.
The man page talks about the timestamp but doesn't say
the output will be converted to UTC so perhaps tcpdump
does not take in consideration /etc/localtime
> I live in Sweden, GMT+1 (in case it is relevant). NetBSD/i386
unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ;
fsck ; umount ; sleep