
I have an issue with some script, or maybe the logic, on how I would want to capture the verbose output of tcpdump to sniff traffic on a given port, say ssh, so I wrote some class:

    # module sniff sniff
    import subprocess

    class PrimarySpoof:
        """
        Primary spoof class.
        This class shall be used to read tcpdump output from the system.
        It shall then pass this packet to a class variable called
        capturedPacket to make it available to other methods for further
        manipulation.
        """
        capturedPacket = None

        def __init__(self, port):
            """Initialize the port."""
            self.port = port

        def initializeTcpdump(self):
            """
            This method will initialize tcpdump for the port indicated in
            the init.
            """
            # os.system() only returns the exit status, never the output, so
            # tcpdump is started through subprocess and its stdout is kept.
            cmd = ["tcpdump", "-nnvvXSs", "1514", "-i", "eth0",
                   "dst", "port", str(self.port)]
            # test if it returns some output
            # cmd = ["tcpdump", "-nnvvXSs", "1514", "-i", "eth0"]
            proc = subprocess.Popen(cmd, stdout=subprocess.PIPE,
                                    universal_newlines=True)
            PrimarySpoof.capturedPacket = proc.stdout

        def displayCapturedPacket(self):
            """Display the raw packet."""
            for line in PrimarySpoof.capturedPacket:
                print(line, end="")

    ################### end of part sample

My question and problem is: if I run several tcpdumps at the same time, will the output be in sync? Say

(1) I first run a tcpdump to just get the headers, i.e. source and destination without the payload
(2) run another tcpdump just to get the payload
(3) then I re-assemble the packet and >>> my fun things

OR

get the entire verbose output, then get into the regex hell (remember this is a continual stream), picking out the headers, payload and the tail as well as doing the processing.

Well, someone advise.

Kind Rgds

___________________________fun____________________________________
its ok child, He's heard you
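The second option from the post (one verbose stream, parsed as it arrives) is sketched below as an added example that is not part of the original message. It assumes IPv4/TCP packets in `tcpdump -nnvvXS` text format; `parse_tcpdump`, `split_packet` and the sample capture are constructed for illustration.

```python
import re
# Constructed sample of `tcpdump -nnvvXS` output (two IPv4/TCP packets), not a real capture.
SAMPLE = """\
12:00:00.000001 IP (tos 0x0, ttl 64, id 1, offset 0, flags [DF], proto TCP (6), length 54)
    10.0.0.5.40000 > 10.0.0.9.22: Flags [P.], cksum 0xb08d (correct), seq 1:15, ack 1, win 29200, length 14
\t0x0000:  4500 0036 0001 4000 4006 26b4 0a00 0005  E..6..@.@.&.....
\t0x0010:  0a00 0009 9c40 0016 0000 0001 0000 0001  .....@..........
\t0x0020:  5018 7210 b08d 0000 5353 482d 322e 302d  P.r.....SSH-2.0-
\t0x0030:  6465 6d6f 0d0a                           demo..
12:00:00.000002 IP (tos 0x0, ttl 64, id 2, offset 0, flags [DF], proto TCP (6), length 40)
    10.0.0.5.40000 > 10.0.0.9.22: Flags [.], cksum 0x8d50 (correct), seq 15, ack 1, win 29200, length 0
\t0x0000:  4500 0028 0002 4000 4006 26c1 0a00 0005  E..(..@.@.&.....
\t0x0010:  0a00 0009 9c40 0016 0000 000f 0000 0001  .....@..........
\t0x0020:  5010 7210 8d50 0000                      P.r..P..
"""

NEW_PKT = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d+ ")   # timestamp starts a packet
ADDR = re.compile(r"(\S+) > (\S+):")
# Hex groups are single-space separated; the match stops at the double space
# before the ASCII column, so ASCII that looks like hex ("demo..") is ignored.
HEX = re.compile(r"^\s+0x[0-9a-f]{4}:\s+((?:[0-9a-f]{2,4} )+)")

def split_packet(pkt):
    """Split the dumped bytes into IP+TCP headers and payload via IHL/data offset."""
    raw = bytes.fromhex(pkt.pop("hex"))
    cut = len(raw)                      # non-IPv4/TCP or truncated: all headers
    if len(raw) >= 20 and raw[0] >> 4 == 4 and raw[9] == 6:
        ihl = (raw[0] & 0x0F) * 4
        if len(raw) >= ihl + 20:
            cut = ihl + (raw[ihl + 12] >> 4) * 4
    pkt["headers"], pkt["payload"] = raw[:cut], raw[cut:]
    return pkt

def parse_tcpdump(lines):
    """Yield one dict per packet from a single continuous tcpdump text stream."""
    pkt = None
    for line in lines:
        if NEW_PKT.match(line):
            if pkt:
                yield split_packet(pkt)
            pkt = {"time": line.split()[0], "src": None, "dst": None, "hex": ""}
        elif pkt and (m := HEX.match(line)):
            pkt["hex"] += m.group(1).replace(" ", "")
        elif pkt and pkt["src"] is None and (a := ADDR.search(line)):
            pkt["src"], pkt["dst"] = a.groups()
    if pkt:
        yield split_packet(pkt)
```

Because headers and payload come from the same dumped bytes of the same packet, nothing has to be kept in sync between separate captures. A packet is yielded only when the next timestamp line arrives or the stream ends.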