tcpdump mailing list archives
Re: pcap tools
From: Guy Harris <guy () alum mit edu>
Date: Thu, 31 Jul 2003 15:37:44 -0700
On Thursday, July 24, 2003, at 12:07 PM, Peter Moody wrote:
I was wondering if there were any tools out there which could analyze a pcap dump for errors, like retransmissions or other networking funkiness.
Recent versions of Ethereal (which uses libpcap format as its native format) support some amount of TCP analysis if you turn on the "Analyze TCP sequence numbers" preference for TCP. It also provides, for some protocols, response times for requests, so you could use a display filter (or color filter, or "find frame" command, all of which use display filter expressions) to look for retransmissions or for response times (for those protocols) greater than some specified value.
As Michael Richardson noted, there might be other tools that could do that sort of analysis as well.
- This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- pcap tools Peter Moody (Jul 24)
- Re: pcap tools Michael Richardson (Aug 15)
- Re: pcap tools Richard Sharpe (Aug 18)
- RE: pcap tools Jerome Freedman, Ph. D. (Aug 15)
- Re: pcap tools Guy Harris (Aug 15)
- Re: pcap tools Michael Richardson (Aug 15)