我找不到任何其他问题与我的问题相同。我想知道这是什么tcpdump: pcap_loop: truncated dump file; tried to read 1899 captured bytes, only got 1880意思。我在尝试保存 的输出时收到了它tcpdump -x /path/to/file。我使用 macOS 的无线诊断来捕获数据包并将其存储在 .pcap 文件中,现在当我运行 时tcpdump -x /path/to/file,我收到了消息tcpdump: pcap_loop: truncated dump file; tried to read 1899 captured bytes, only got 1880。我做错了什么吗?我需要做点不同的事情吗?如果有帮助的话,我正在运行 macOS Catalina 10.15.4。感谢所有帮助。谢谢!
答案1
您可以尝试使用手册页中记录的-U或选项:-l
-l
Make stdout line buffered. Useful if you want to see the data
while capturing it. E.g.,
tcpdump -l | tee dat
or
tcpdump -l > dat & tail -f dat
Note that on Windows,``line buffered'' means ``unbuffered'',
so that WinDump will write each character individually if -l
is specified.
-U is similar to -l in its behavior, but it will cause output
to be ``packet-buffered'', so that the output is written to
stdout at the end of each packet rather than at the end of
each line; this is buffered on all platforms, including
Windows.