tcptrace-bugs Running TCPTrace in "real time"

From: Michael Boman
Date: 01/11/03

    Date: Sun, 12 Jan 2003 00:09:51 +0800
    From: Michael Boman
    Subject: tcptrace-bugs Running TCPTrace in "real time"


    I like 'tcptrace' and am planning to extend it with a MySQL output
    format. The only problem I seem to have with it is that I can't make
    the program work on a live stream of data.

      # /usr/sbin/tcpdump -i eth1 -w - | tcptrace -l -n stdin
      1 arg remaining, starting with 'stdin'
      Ostermann's tcptrace -- version 6.0.1 -- Mon Dec 3, 2001

      tcpdump: listening on eth1
      0 packets seen, 0 TCP packets traced
      elapsed wallclock time: 0:00:02.387575, 0 pkts/sec analyzed
      trace file elapsed time: 0:00:00.000000
      no traced TCP packets

    The thing is that I didn't abort the program, and I know that there is
    a lot of traffic on that network.

    Also, I am not certain (haven't checked the source yet) when the actual
    print of the session occurs. Could you please explain how it works?

    Best regards
     Michael Boman

    Michael Boman
    Security Architect, SecureCiRT (A SBU of Z-Vance Pte Ltd)
