09-04-2013
To assist us in this, try breaking the problem up a bit - I can't speak for the others here but I'm reluctant to expend a bunch of energy understanding how that packet dump format works and what the chain of events should be.
What specific questions do you have?
Are you having trouble making a script that identifies which lines in the output make up one 'conversation'? (If so, list what one conversation would look like and then show it in the larger output)
Are you having trouble scripting the maths to calculate the time differences? (If so, show exactly what values you are trying to perform the maths on).
Sorry I can't help more yet but you should find plenty of assistance once the problem is more clear.
LEARN ABOUT DEBIAN
dnspktflow
DNSPKTFLOW(1p) User Contributed Perl Documentation DNSPKTFLOW(1p)
NAME
dnspktflow - Analyze and draw DNS flow diagrams from a tcpdump file
SYNOPSIS
dnspktflow -o output.png file.tcpdump
dnspktflow -o output.png -x -a -t -q file.tcpdump
DESCRIPTION
The dnspktflow application takes a tcpdump network traffic dump file, passes it through the tshark application and then displays the
resulting DNS packet flows in a "flow-diagram" image. dnspktflow can output a single image or a series of images which can then be shown
in sequence as an animation.
dnspktflow was written as a debugging utility to help trace DNS queries and responses, especially as they apply to DNSSEC-enabled lookups.
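An added example, not part of dnspktflow or of the original page: one way to do the same query/response tracing in text form, pairing each DNS query in tshark field output with its response and computing the response time. The tshark command line in the comment, the function names and the sample rows are assumptions made for this example.

```shell
#!/bin/sh
# Input: tab-separated rows, for instance from
#   tshark -r file.tcpdump -Y dns -T fields -e frame.time_epoch \
#       -e ip.src -e ip.dst -e dns.id -e dns.flags.response -e dns.qry.name
# Columns: epoch time, source, destination, DNS id, response flag, query name.

# Constructed sample rows (documentation addresses, not real traffic).
sample_rows() {
    printf '%s\t%s\t%s\t%s\t%s\t%s\n' \
        1378300000.100 192.0.2.10   192.0.2.53 0x1a2b 0 www.example.com \
        1378300000.123 192.0.2.53   192.0.2.10 0x1a2b 1 www.example.com \
        1378300001.000 192.0.2.10   192.0.2.53 0x1a2c 0 mail.example.com \
        1378300002.500 198.51.100.7 192.0.2.10 0x1a2c 1 mail.example.com
}

# A conversation is keyed on client, server, DNS id and query name.
# The response flag is accepted as 1 or True, to cover both spellings.
pair_dns() {
    awk -F '\t' '
    { resp = ($5 == "1" || $5 == "True") }
    !resp {                         # query: keep the first send time (retransmits ignored)
        k = $2 SUBSEP $3 SUBSEP $4 SUBSEP $6
        if (!(k in sent)) sent[k] = $1
        next
    }
    {                               # response: swap src/dst to look up its query
        k = $3 SUBSEP $2 SUBSEP $4 SUBSEP $6
        if (k in sent) {
            printf "ANSWERED %s %s %s %s %.0fms\n", $3, $2, $4, $6, ($1 - sent[k]) * 1000
            delete sent[k]
        } else {
            # No outstanding query from this client to this server: worth a look.
            printf "UNSOLICITED %s %s %s %s\n", $2, $3, $4, $6
        }
    }
    END {                           # queries that never received a matching response
        for (k in sent) {
            split(k, p, SUBSEP)
            printf "UNANSWERED %s %s %s %s\n", p[1], p[2], p[3], p[4]
        }
    }'
}

sample_rows | pair_dns
```

In the sample, the second response carries the right DNS id and name but comes from a server that was never queried, so it is reported as UNSOLICITED and the original query stays UNANSWERED.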
REQUIREMENTS
This application requires the following Perl modules and software components to work:
graphviz (http://www.graphviz.org/)
GraphViz (Perl module)
tshark (http://www.wireshark.org/)
The following is required for outputting screen presentations:
MagicPoint (http://member.wide.ad.jp/wg/mgp/)
If the following modules are installed, a GUI interface will be enabled for communication with dnspktflow:
QWizard (Perl module)
Getopt::GUI::Long (Perl module)
OPTIONS
dnspktflow takes a wide variety of command-line options. These options are described below in the following functional groups: input
packet selection, output file options, output visualization options, graphical options, and debugging.
Input Packet Selection
These options determine the packets that will be selected by dnspktflow.
-i STRING
--ignore-hosts=STRING
A regular expression of host names to ignore in the query/response fields.
-r STRING
--only-hosts=STRING
A regular expression of host names to analyze in the query/response fields.
-f
--show-frame-num
Display the packet frame numbers.
-b INTEGER
--begin-frame=INTEGER
Begin at packet frame NUMBER.
Output File Options
These options determine the type and location of dnspktflow's output.
-o STRING
--output-file=STRING
Output file name (default: out%03d.png as PNG format.)
--fig
Output format should be fig.
-O STRING
--tshark-out=STRING
Save tshark output to this file.
-m
--multiple-outputs
One picture per request (use %03d in the filename.)
-M STRING
--magic-point=STRING
Saves a MagicPoint presentation for the output.
Output Visualization Options:
These options determine specifics of dnspktflow's output.
--layout-style
Selects the graphviz layout style to use (dot, neato, twopi, circo, or fdp).
-L
--last-line-labels-only
Only show data on the last line drawn.
-z INTEGER
--most-lines=INTEGER
Only show at most INTEGER connections.
-T
--input-is-tshark-out
The input file is already processed by tshark.
Graphical Options:
These options determine fields included in dnspktflow's output.
-t
--show-type
Shows message type in result image.
-q
--show-queries
Shows query questions in result image.
-a
--show-answers
Shows query answers in result image.
-A
--show-authoritative
Shows authoritative information in result image.
-x
--show-additional
Shows additional information in result image.
-l
--show-label-lines
Shows lines attaching labels to lines.
--fontsize=INTEGER
Font Size
Debugging:
These options may assist in debugging dnspktflow.
-d
--dump-pkts
Dump data collected from the packets.
-h
--help
Show help for command line options.
COPYRIGHT
Copyright 2004-2012 SPARTA, Inc. All rights reserved. See the COPYING file included with the DNSSEC-Tools package for details.
AUTHOR
Wes Hardaker <hardaker@users.sourceforge.net>
SEE ALSO
Getopt::GUI::Long(3) Net::DNS(3) QWizard.pm(3)
http://dnssec-tools.sourceforge.net/
perl v5.14.2 2012-06-21 DNSPKTFLOW(1p)