On Wed, Jan 17, 2001 at 02:12:47PM -0500, randy.coleman@xxxxxxx wrote:
> I'm capturing traffic using tcpdump (with the -w option) on an AIX
> system. The files read into Ethereal fine, but every packet shows
> up as "TR MAC" in the protocol column and "Report Monitor Errors" in
> the Info column. This is seen on both a Win32 as well as Solaris
> version of Ethereal, so I suspect it is anAIX-related problem. I
> can dump the tcpdump file to text using 'tcpdump -r <filename>', and
> I see what I expect to see...mostly TCP/IP and UDP packets.
>
> Any idea as to what may be going on or what I may have f---ed up?
You're using the tcpdump that comes with AIX, right? That is, you
did not download tcpdump sources from the old lbl.gov site, or
from the new tcpdump.org site?
This is probably a case of the resulting file not having
its version numbers set correctly.
What version of AIX?
What version does "tcpdump -h" report?
If you can post the trace file (it doesn't contain sensitive data),
please send a small trace file to ethereal-dev@xxxxxxxxxxxx.
If not, I have access to AIX machines, but I want to be sure
that we're using the same versions of AIX-tcpdump.
Note that AIX also comes with iptrace/ipreport. Ethereal can read
those files just fine.
--gilbert
