tcptrace-bugs Running TCPTrace in "real time"

From: Michael Boman (michael.boman@securecirt.com)
Date: 01/11/03


    Date: Sun, 12 Jan 2003 00:09:51 +0800
    From: Michael Boman <michael.boman@securecirt.com>
    Subject: tcptrace-bugs Running TCPTrace in "real time"
    Message-ID: <20030112000951.A9448@securecirt.com>
    
    
    

    Hi,

    I like 'tcptrace' and am planning to extend it with MySQL output
    format. The only problem I seem to have with it is that I can't make
    the program work on a live stream of data.

    Example:
      # /usr/sbin/tcpdump -i eth1 -w - | tcptrace -l -n stdin
      1 arg remaining, starting with 'stdin'
      Ostermann's tcptrace -- version 6.0.1 -- Mon Dec 3, 2001

      tcpdump: listening on eth1
      0 packets seen, 0 TCP packets traced
      elapsed wallclock time: 0:00:02.387575, 0 pkts/sec analyzed
      trace file elapsed time: 0:00:00.000000
      no traced TCP packets

    The thing is that I didn't abort the program, and I know that there is
    a lot of traffic on that network.

    Also I am not certain (haven't checked the source yet) when the actual
    print of the session occurs, could you please explain how it works?

    Best regards
     Michael Boman

    -- 
    Michael Boman
    Security Architect, SecureCiRT (A SBU of Z-Vance Pte Ltd)
    http://www.securecirt.com
    



