On Mon, Sep 07, 1998 at 05:54:18PM +0100, Julian Coleman wrote:
> Brian Grayson wrote:
> >   Is there a flag to tcpdump that says, print out the ethernet address
> > of the sending machine?
> 
> Try :
>        -e     Print the link-level header on each dump line.

  Ah -- thanks to all the responders.  To my inexperienced
mind, ``link-level'' and ``Ethernet'' are not related at first
glance.  Shows how much I know about networking, huh?  Would
adding (typically Ethernet) in parentheses to the man page be
more helpful than confusing?  I notice the source code says
ethernet, not link-level, in tcpdump.c.

> PS.  How do you get tcpdump to show the length of packets?

  I don't know about that one.  I wrote a script that takes
tcpdump output and parses the length out of some of the output,
as a very rough traffic analyzer, but there _ought_ to be an easy
way to hack the source code, if nothing else.

  Thanks again.
  Brian
-- 
	"Love is a kind of seventh day -- it gives us a rest from thinking."
		--  from "Camelot"