From owner-freebsd-questions Wed Jul 30 16:47:24 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id QAA13444 for questions-outgoing; Wed, 30 Jul 1997 16:47:24 -0700 (PDT) Received: from NETSCOPE.NET (root@NETSCOPE.NET [206.240.85.2]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id QAA13392; Wed, 30 Jul 1997 16:46:20 -0700 (PDT) From: mark@intervista.net Received: from netscope.net (DIAL28.GRUNDY.NETSCOPE.NET [198.79.45.97]) by NETSCOPE.NET (8.6.12/8.6.9) with SMTP id TAA06883; Wed, 30 Jul 1997 19:47:29 -0400 Message-ID: X-Mailer: XFMail 1.1 [p0] on FreeBSD Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit MIME-Version: 1.0 In-Reply-To: <199707300735.RAA00756@freebie.lemis.com> Date: Wed, 30 Jul 1997 19:43:44 -0000 (GMT) To: grog@FreeBSD.ORG Subject: Re: tcptrace. Cc: questions@FreeBSD.ORG Sender: owner-freebsd-questions@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk yeah i knew that.but i was told that tcptrace will parce the packets and show all traffic,such as finger attemps and things like that. On 30-Jul-97 grog@FreeBSD.ORG wrote: >mark@intervista.net writes: >> i was wondering if anyone knows where to get tcptrace.i had the >> website and i forgot the address! > >I suspect part of the problem is that you've forgotten the name of the >packet, too. I think you're talking about tcpdump. It's part of the >FreeBSD distribution, so you don't need to go looking for it. > >> what exacly will tcptrace do.does it parce the packets and show >> ALL activities and network traffic? > >If you want. More importantly, you can give it search expression >which show only the stuff you're interested in. > >For example, if I want to see what's going on between here and >hub.freebsd.org, I can enter: > ># tcpdump -i tun0 host hub.freebsd.org >tcpdump: listening on tun0 >17:04:45.184501 gregl1.lnk.telstra.net.1020 > hub.FreeBSD.ORG.login: P >705673731:705673732(1) ack 919555097 win 17520 (DF) [tos 0x10] >17:04:45.600277 hub.FreeBSD.ORG.login > gregl1.lnk.telstra.net.1020: P 1:3(2) >ack 1 win 17520 (DF) [tos 0x10] >17:04:45.760109 gregl1.lnk.telstra.net.1020 > hub.FreeBSD.ORG.login: . ack 3 >win 17520 (DF) [tos 0x10] >17:04:47.950705 hub.FreeBSD.ORG.login > gregl1.lnk.telstra.net.1020: P >3:55(52) ack 1 win 17520 (DF) [tos 0x10] >17:04:47.960150 gregl1.lnk.telstra.net.1020 > hub.FreeBSD.ORG.login: . ack 55 >win 17520 (DF) [tos 0x10] >17:04:50.120960 gregl1.lnk.telstra.net.1020 > hub.FreeBSD.ORG.login: P 1:2(1) >ack 55 win 17520 (DF) [tos 0x10] >17:04:50.570342 hub.FreeBSD.ORG.login > gregl1.lnk.telstra.net.1020: P >55:63(8) ack 2 win 17520 (DF) [tos 0x10] > >This is part of an interactive rlogin session (thus the port login on >hub). The -i option specifies the interface which you want to >monitor. > >Greg -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.3i mQENAzPd8zoAAAEIAO1IwLUXOTxtP7jePcqVJK0HyntvI1GEcz7kgixmt7M9LlSQ 9l+VHq3cVbsLQ+00G+kAgBn9rcQoZzMAnUEzvMjPl8LfO9nZZsfORYnS22Lz+k7c 03ybV0VOKRQHbfbjrnqKPx9aW476LTJfbDfueb1agV23b0CifxRfYVacYDkzRTl4 CqrDGtkhBgtK9pEq262fuRtieEFgffn3jUxMXkUIYCwUpj3cGLF9h3dxTrcys6yQ xpefwZSY3ynQvcvvQtwcSUrwAdDADsgtoIFel10OHjmEADYbKOdxD6GPRQYfBuyx DaIjVGj7Y5/tpUUxcO7VqervUhu2+VmwEKkWbikABROwAYe0BG1hcmuwAQOJARUD BRAz3fM6+VmwEKkWbikBAcLXB/4trFARnGwUC2JdF5mwrDBxKcmW4OLCCJl7Ea3R J6uND+JLTw6RTxfZd/FNnCFUSMl3ybDcefxgwxM41Ss6vrHsBco0MXAAntoXonsm Ph3ipYsJCNNFbqVCG+2NfNXOiTUgWlTr4lWuGH/y9073q6Ak4t/im1fR5cVD+6vZ hNkfJzYCcRTZqKkPTX1Z04BZryHyGVEy35DihoKnmPF58D8VYuc2eEymPa6Aq0O+ 5slcSXvn4MbpYbnoPFGRbSxDjrAHkKR3uqtYTXiiTvPaccC+hp0Icyw/owfuovXs INtUpbsqZaEY5EEJAqDaFfK7G2Vgrwfxs1U7/eKqRyQhV9cfsAHH =Zptm -----END PGP PUBLIC KEY BLOCK-----