On Mon, 30 Jan 2006, Jan Danielsson wrote:
>   I have written a tool for monitoring my firewall (pf). It gets its
> information by calling tcpdump. But the time reported by tcpdump seems
> to be offset by (exactly) minus an hour. Why is this?
>
> I live in Sweden, GMT+1 (in case it is relevant). NetBSD/i386 3.0.

Works for me - maybe give more data?

 	miyu% sudo tcpdump -nli ppp0 | head -3
 	tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
 	listening on ppp0, link-type PPP_SERIAL (PPP over serial), capture size 96 bytes
 	21:06:27.895290 IP: IP 193.149.44.35 > 84.146.226.109: 2001:608:9::42.80 > 2002:5492:e26d:2:202:2dff:fe65:199e.57929: F 4262575711:4262575711(0) ack 3400511320 win 33220 <nop,nop,timestamp 1226456280 10> [flowlabel 0xb1f4d]
 	21:06:27.898086 IP: IP 84.146.226.109 > 194.95.108.191: 2002:5492:e26d:2:202:2dff:fe65:199e.57929 > 2001:608:9::42.80: . ack 1 win 33120 <nop,nop,timestamp 41 1226456280> [flowlabel 0x34c5d]
 	21:06:30.570227 IP: IP 84.146.226.109 > 194.95.108.191: 2002:5492:e26d:2:202:2dff:fe65:199e.57929 > 2001:608:9::42.80: F 1:1(0) ack 1 win 33120 <nop,nop,timestamp 47 1226456280> [flowlabel 0x34c5d]
 	5 packets captured
 	6 packets received by filter
 	0 packets dropped by kernel
 	miyu% date
 	Mon Jan 30 21:06:44 MET 2006
 	miyu% env TZ=GMT date
 	Mon Jan 30 20:06:50 GMT 2006


  - Hubert