243b289ab1
Tcpflow is a tool for capturing data transmitted as part of TCP connections (flows), and stores it in a way that is convenient for protocol analysis or debugging. tcpflow reconstructs the actual data streams and stores each flow in a seperate file for later analysis. PR: 13362 Submitted by: Jose M. Alcaide <jose@we.lc.ehu.es>
21 lines
937 B
Text
21 lines
937 B
Text
tcpflow is a program that captures data transmitted as part of TCP
|
|
connections (flows), and stores it in a way that is convenient for
|
|
protocol analysis or debugging. A program like 'tcpdump' only shows a
|
|
summary of packets seen on the wire, but usually doesn't store the
|
|
data that's actually being transmitted. In contrast, tcpflow
|
|
reconstructs the actual data streams and stores each flow in a
|
|
separate file for later analysis.
|
|
|
|
tcpflow understands sequence numbers and will correctly reconstruct
|
|
data streams regardless of retransmissions or out-of-order delivery.
|
|
However, it currently does not understand IP fragments; flows
|
|
containing IP fragments will not be recorded properly.
|
|
|
|
Note: this port includes a small patch that adds the capability of
|
|
reading the packets from a tcpdump(1) capture file, using
|
|
a new option (-r).
|
|
|
|
WWW: http://www.circlemud.org/~jelson/software/tcpflow/
|
|
|
|
- Jose M. Alcaide
|
|
jose@we.lc.ehu.es
|