tcpdump: packets dropped by kernel
25. Jun 2008
tcpdump is a really nice tool, but its default settings can render it useless.
$ sudo tcpdump -i en1
In my case this led to
80 packets captured
7705 packets received by filter
6794 packets dropped by kernel
To solve the issue I had to turn off address-to-name translation with the -n option.
$ sudo tcpdump -i en1 -n
Now the results look as expected.
6941 packets captured
7011 packets received by filter
0 packets dropped by kernel
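A capture with kernel drops is silently incomplete, so it is worth checking the counters after every run. The following is an added example, not part of the original post: a POSIX shell check that parses the summary tcpdump prints to stderr on exit. The function names and the summary.txt file name are hypothetical, and the sample inputs are the two summaries quoted above.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Real use: tcpdump prints its counters to stderr on exit, e.g.
#   sudo tcpdump -i en1 -n -w out.pcap 2> summary.txt; capture_ok < summary.txt

# Print "captured received dropped pct" from a tcpdump summary on stdin.
drop_stats() {
    awk '
        /packets captured/           { cap = $1 }
        /packets received by filter/ { rcv = $1 }
        /packets dropped by kernel/  { drp = $1 }
        END {
            if (rcv == "" || drp == "") exit 2   # no usable summary found
            pct = (rcv > 0) ? int(drp * 100 / rcv) : 0
            printf "%d %d %d %d\n", cap, rcv, drp, pct
        }'
}

# Exit 0 if nothing was dropped, 1 if packets were dropped, 2 if no summary.
capture_ok() {
    stats=$(drop_stats) || return 2
    set -- $stats
    [ "$3" -eq 0 ]
}

# Sample inputs: the two summaries quoted in the post.
sample_default() {
    cat <<'EOF'
80 packets captured
7705 packets received by filter
6794 packets dropped by kernel
EOF
}
sample_n() {
    cat <<'EOF'
6941 packets captured
7011 packets received by filter
0 packets dropped by kernel
EOF
}

for s in sample_default sample_n; do
    if "$s" | capture_ok; then
        echo "$s: complete capture"
    else
        echo "$s: incomplete, $("$s" | drop_stats | cut -d' ' -f4)% of received packets dropped"
    fi
done
```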
This is the most definitive answer on this issue. Working perfectly for me. Thanks
Well, it helps, but the problem is basically about the packet queue; disabling reverse DNS helps only because it shortens the time a packet needs to stay in the queue. So in fact it is just a workaround that does not help much in all cases.
Also, using the -w option to write to a file reduces the number of packets dropped.
Thanks, it helped a lot.