1

I've found a strange line in the tcpdump output. Normally UDP packets are dumped in the following form:

timestamp IP srcaddress.port > dstaddress.port: UDP, length packetlength

but this is just:

timestamp IP srcaddress > dstaddress: udp

note the missing port numbers, the lowercase udp and the missing packet length.

Does somebody know what's this?

Improve this question
2
  • Just udp, not [|udp]? What does tcpdump -h print?
    – user137177
    Commented Apr 30, 2015 at 19:43
  • @GuyHarris: as you can see this was a long time ago.. not even sure how to reproduce it in a different environment..
    – Karoly Horvath
    Commented May 1, 2015 at 10:01

0

Reset to default

You must log in to answer this question.

Browse other questions tagged .