what is the meaning of 'P' in tcpdump outout?

Question

I am using tcpdump -i eth0 udp cmd to sniff packets on an Ubuntu 22.04 system, and here is the output.

07:26:49.735591 eth_2_1 In  IP 192.168.1.1.ntp > 10.0.3.2.ntp: NTPv6, symmetric active, length 1
07:26:49.735600 eth_2_4 Out IP 192.168.1.1.ntp > 10.0.3.2.ntp: NTPv6, symmetric active, length 1
07:26:59.263240 eth_2_1 P   IP 192.168.1.1.12322 > 200.210.4.0.12322: UDP, length 1

I assume the In and Out suggest the weather the interface is sending or receiving that packet, but what is letter P suggesting?

See https://serverfault.com/questions/972875/meaning-of-tcpdump-p-direction. First hit when searching for [tcpdump in out p](https://www.google.com/search?q=tcpdump+in+out+p) — Steffen Ullrich, Jul 21 '23 at 09:09

score 0 · Answer 1 · answered Jul 24 '23 at 06:24

0

Meanings of the packet type field:

In - packet addressed to host
Out - outgoing packet
B - broadcast
M - multicast
P - packet addressed to other host

Source: https://github.com/the-tcpdump-group/tcpdump/blob/master/print-sll.c#L142

answered Jul 24 '23 at 06:24

QY-Y

31
5

what is the meaning of 'P' in tcpdump outout?

1 Answers1