The UNIX and Linux Forums  

  #1 (permalink)  
Old 02-02-2009
littleboyblu littleboyblu is offline
Registered User
  
 

Join Date: Jan 2009
Posts: 39
processing tcpflow output

I'm using tcpflow to analyze traffic traces. When I launch tcpflow with the -r option it creates some files, one for each flow. The problem is that some of these files are not readable. I tried to process them with awk, but even using it I cannot visualize them correctly. Can anyone suggest a solution?
  #2 (permalink)  
Old 02-02-2009
sysgate's Avatar
sysgate sysgate is offline Forum Advisor  
Unix based
  
 

Join Date: Nov 2006
Location: Bulgaria
Posts: 1,323
Hello, while looking at the internet man page for tcpflow, the -r switch means "Read packets from file, which was created using the -w option of tcpdump". Are you sure that you've got the right ones? When you run "file" against the files, what does it say?
  #3 (permalink)  
Old 02-02-2009
littleboyblu littleboyblu is offline
Registered User
  
 

Join Date: Jan 2009
Posts: 39
I solved it by running tcpflow -r filename.pcap -s. Thanks anyway.
  #4 (permalink)  
Old 04-18-2009
Neminath Neminath is offline
Registered User
  
 

Join Date: Apr 2009
Posts: 4
Connection packets separation

I want to separate the packets of each TCP or UDP connection into a separate file. Is there any tool available which can do this?
  #5 (permalink)  
Old 04-19-2009
littleboyblu littleboyblu is offline
Registered User
  
 

Join Date: Jan 2009
Posts: 39
Try Wireshark.
  #6 (permalink)  
Old 04-20-2009
Neminath Neminath is offline
Registered User
  
 

Join Date: Apr 2009
Posts: 4
Wireshark does not separate the connection packets, but has an option to manually ask it to do that. I have a very huge file containing 40-50 k connections. Manually separating them is just infeasible.
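One way to do the per-connection split asked about above without manual work, as an added example that is not part of the original thread and not code from tcpflow or Wireshark. It assumes a classic little-endian pcap file (as written by tcpdump -w) holding untagged Ethernet/IPv4 frames; the function names are hypothetical.

```python
# Added example: flow_name and split_pcap are illustrative names (assumptions).
import os, socket, struct, sys

GLOBAL_HDR = struct.Struct("<IHHiIII")  # classic pcap file header, little-endian
REC_HDR = struct.Struct("<IIII")        # ts_sec, ts_usec, incl_len, orig_len

def flow_name(frame):
    """File name shared by both directions of a TCP/UDP flow, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None  # too short, or not IPv4 over untagged Ethernet
    ihl = (frame[14] & 0x0F) * 4
    proto = {6: "tcp", 17: "udp"}.get(frame[23])
    frag_offset = struct.unpack_from("!H", frame, 20)[0] & 0x1FFF
    if proto is None or ihl < 20 or frag_offset or len(frame) < 14 + ihl + 4:
        return None  # other protocol, or a later fragment that carries no ports
    sport, dport = struct.unpack_from("!HH", frame, 14 + ihl)
    # Sort the two endpoints so A->B and B->A map to the same name.
    ends = sorted([(frame[26:30], sport), (frame[30:34], dport)])
    return proto + "".join(f"_{socket.inet_ntoa(ip)}.{port}" for ip, port in ends) + ".pcap"

def split_pcap(path, outdir):
    """Write one pcap per TCP/UDP flow under outdir; return {file name: packet count}."""
    counts = {}  # connections that later reuse the same address/port pair share a file
    with open(path, "rb") as src:
        header = src.read(GLOBAL_HDR.size)
        magic, *_, linktype = GLOBAL_HDR.unpack(header)
        if magic != 0xA1B2C3D4 or linktype != 1:
            raise ValueError("need a little-endian classic pcap of Ethernet frames")
        while len(rec := src.read(REC_HDR.size)) == REC_HDR.size:
            incl_len = REC_HDR.unpack(rec)[2]
            if incl_len > 262144:  # bound the read on corrupt or hostile input
                raise ValueError("implausible packet length in record header")
            frame = src.read(incl_len)
            if len(frame) < incl_len:
                break  # capture cut off mid-packet
            name = flow_name(frame)
            if name is None:
                continue
            # Reopen per packet: slower, but 40-50k flows never exhaust file descriptors.
            with open(os.path.join(outdir, name), "ab" if name in counts else "wb") as dst:
                if name not in counts:
                    dst.write(header)  # every output is a valid standalone pcap
                dst.write(rec + frame)
            counts[name] = counts.get(name, 0) + 1
    return counts

if __name__ == "__main__" and len(sys.argv) == 3:  # usage: script.py in.pcap outdir
    print(len(split_pcap(sys.argv[1], sys.argv[2])), "flow files written")
```

Each output file keeps the original record headers, so timestamps survive and the per-flow files open directly in tcpdump, tcpflow -r or Wireshark.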