Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 30 Jul 1997 17:05:58 +0930 (CST)
From:      grog@FreeBSD.ORG
To:        mark@intervista.net
Cc:        questions@FreeBSD.ORG
Subject:   Re: tcptrace.
Message-ID:  <199707300735.RAA00756@freebie.lemis.com>
In-Reply-To: <XFMail.970730013037.mark@intervista.net> from "mark@intervista.net" at "Jul 30, 97 01:28:30 am"
next in thread | previous in thread | raw e-mail | index | archive | help 
mark@intervista.net writes:
> i was wondering if anyone knows where to get tcptrace.i had the
> website and i forgot the address!

I suspect part of the problem is that you've forgotten the name of the
packet, too.  I think you're talking about tcpdump.  It's part of the
FreeBSD distribution, so you don't need to go looking for it.

> what exacly will tcptrace do.does it parce the packets and show
> ALL activities and network traffic?

If you want.  More importantly, you can give it search expression
which show only the stuff you're interested in.  

For example, if I want to see what's going on between here and
hub.freebsd.org, I can enter:

# tcpdump -i tun0 host hub.freebsd.org
tcpdump: listening on tun0
17:04:45.184501 gregl1.lnk.telstra.net.1020 > hub.FreeBSD.ORG.login: P 705673731:705673732(1) ack 919555097 win 17520 (DF) [tos 0x10]
17:04:45.600277 hub.FreeBSD.ORG.login > gregl1.lnk.telstra.net.1020: P 1:3(2) ack 1 win 17520 (DF) [tos 0x10]
17:04:45.760109 gregl1.lnk.telstra.net.1020 > hub.FreeBSD.ORG.login: . ack 3 win 17520 (DF) [tos 0x10]
17:04:47.950705 hub.FreeBSD.ORG.login > gregl1.lnk.telstra.net.1020: P 3:55(52) ack 1 win 17520 (DF) [tos 0x10]
17:04:47.960150 gregl1.lnk.telstra.net.1020 > hub.FreeBSD.ORG.login: . ack 55 win 17520 (DF) [tos 0x10]
17:04:50.120960 gregl1.lnk.telstra.net.1020 > hub.FreeBSD.ORG.login: P 1:2(1) ack 55 win 17520 (DF) [tos 0x10]
17:04:50.570342 hub.FreeBSD.ORG.login > gregl1.lnk.telstra.net.1020: P 55:63(8) ack 2 win 17520 (DF) [tos 0x10]

This is part of an interactive rlogin session (thus the port login on
hub).  The -i option specifies the interface which you want to
monitor.

Greg

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199707300735.RAA00756>