Re: How to dump packet after filtered

From: Manikantan Ramadas (mramadas@cs.ohiou.edu)
Date: 04/08/02

Next message: Matt Muggeridge: "TCPTRACE on Compaq's OpenVMS?"

Previous message: Hekkk Hekk: "realtime option."
Maybe in reply to: Hekkk Hekk: "How to dump packet after filtered"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Mon, 8 Apr 2002 13:06:14 -0400
From: Manikantan Ramadas <mramadas@cs.ohiou.edu>
Subject: Re: How to dump packet after filtered
Message-ID: <20020408130614.A17535@masaka.cs.ohiou.edu>

Chong,

Sorry, I did not answer your question right, the first time.

Filtering out connections is a 2 step process with tcptrace.

You first say :

tcptrace -n '-f b_port!=113' wee

This would leave a file called "PF" in your current directory listing the
connection numbers that matched the filter.

Next you say :

tcptrace -n -oPF -Oddd wee

This would get you the info. on only the connections that matched in the
file 'ddd'

Hope that helps,

-Mani.

"Imagination is more important than knowledge" - Einstein.
___________________________________________________________________

Manikantan Ramadas -- IRG -- http://irg.cs.ohiou.edu/~mramadas
___________________________________________________________________

----------------------------------------------------------------------------
To unsubscribe, send a message with body containing "unsubscribe tcptrace" to
majordomo@tcptrace.org.

Next message: Matt Muggeridge: "TCPTRACE on Compaq's OpenVMS?"
Previous message: Hekkk Hekk: "realtime option."
Maybe in reply to: Hekkk Hekk: "How to dump packet after filtered"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : 04/09/02 EDT