Date: Tue, 30 Oct 2001 09:40:43 +0900
From: Choi Dong Joon <djchoi@cafe.etri.re.kr>
Subject: Questions - HTTP module and ATM interface
Message-ID: <20011030094043.A10630@cafe>

Hi.
I have two questions about tcptrace.
1. I use the current version of tcpdump from www.tcpdump.org.
When I tcpdump an HTTP 1.1 connection with the pipeline option
(tcpdump -i eth0 -w test.dmp), the result of tcptrace (tcptrace -xHTTP test.dmp)
is strange. The tested web page has 7 images.
But there is one image retrieval information
and strange time information. The result is as follows:
------------
mod_http: Capturing HTTP traffic (port 80)
1 arg remaining, starting with 'pipe.dmp'
Ostermann's tcptrace -- version 5.2.VERSION_BUGFIX -- Wed Sep 15, 1999
94 packets seen, 94 TCP packets traced
elapsed wallclock time: 0:00:00.008746, 10747 pkts/sec analyzed
trace file elapsed time: 0:00:04.370090
TCP connection info:
1: pc-4.etri.re.kr:32903 - 210.123.254.131:80 (a2b) 37> 57< (complete)
Http module output:
pc-4.etri.re.kr:32903 ==> 210.123.254.131:80 (a2b)
Server Syn Time: Mon Oct 29 22:06:42.167035 2001 (1004360802.167)
Client Syn Time: Mon Oct 29 22:06:41.626657 2001 (1004360801.627)
Server Fin Time: Mon Oct 29 22:06:45.996642 2001 (1004360805.997)
Client Fin Time: Mon Oct 29 22:06:45.456174 2001 (1004360805.456)
WARNING!!!! Information may be invalid, 74429 bytes were not captured
Request for '/eng/main.htm HTTP/1.1'
Content Length: 0
Time GET sent: Mon Oct 29 22:06:42.170840 2001 (1004360802.171)
Time Answer started: <the epoch> (0.000)
Time Answer ACKed: <the epoch> (0.000)
Elapsed time: 0 ms (GET to first byte sent)
Elapsed time: 0 ms (GET to content ACKed)
Request for '/eng/images/mh01.gif HTTP/'
Content Length: 0
Time GET sent: Mon Oct 29 22:06:42.748302 2001 (1004360802.748)
Time Answer started: <the epoch> (0.000)
Time Answer ACKed: <the epoch> (0.000)
Elapsed time: 0 ms (GET to first byte sent)
Elapsed time: 0 ms (GET to content ACKed)
----------------------
How do I use the HTTP module of tcptrace when I have captured HTTP packets?
2. The tcptrace could not interpret the tcpdump file of the ATM network interface?
How do I interpret the tcpdump files of an ATM interface?
I remember that I succeeded at it last year. I could not remember the exact tcpdump
version.
Thank you.
This archive was generated by hypermail 2b30 : 10/30/01 EST