Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!usc!zaphod.mps.ohio-state.edu!think!barmar
From: barmar@think.com (Barry Margolin)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: tcpdump
Keywords: tcpdump, tcp, etherfind
Message-ID: <34228@news.Think.COM>
Date: 24 Feb 90 06:24:33 GMT
References: <370@charyb.COM> <372@charyb.COM>
Sender: news@Think.COM
Organization: Thinking Machines Corporation, Cambridge MA, USA
Lines: 17

In article <372@charyb.COM> dan@charyb.UUCP (Dan Mick) writes:
>Greg Earle has kindly informed me that SunOS 4.x's etherfind has most
>of the tcpdump stuff incorporated under its -v(erbose) option.  It 
>certainly does.  THANKS, Greg!  

Etherfind is certainly better than nothing, and I use it quite a bit these
days because so many of our systems are Sun-4's, but it's nowhere near as
good as tcpdump.  It doesn't do any decoding of NFS or Appletalk packets,
for instance, and it doesn't translate port numbers to service names.  It
doesn't have as good a filter-specification language; for instance, tcpdump
allows you to specify "port 2049" as an abbreviation for "(srcport 2049 or
dstport 2049)".
--
Barry Margolin, Thinking Machines Corp.

barmar@think.com
{uunet,harvard}!think!barmar