Date: Sun, 12 Jan 2003 00:09:51 +0800 From: Michael Boman <firstname.lastname@example.org> Subject: tcptrace-bugs Running TCPTrace in "real time" Message-ID: <20030112000951.A9448@securecirt.com>
I like 'tcptrace' and is planning to extend it with MySQL output
format. The only problem I seem to have with it is that I can't make
the program work on a live stream of data.
# /usr/sbin/tcpdump -i eth1 -w - | tcptrace -l -n stdin
1 arg remaining, starting with 'stdin'
Ostermann's tcptrace -- version 6.0.1 -- Mon Dec 3, 2001
tcpdump: listening on eth1
0 packets seen, 0 TCP packets traced
elapsed wallclock time: 0:00:02.387575, 0 pkts/sec analyzed
trace file elapsed time: 0:00:00.000000
no traced TCP packets
The thing is that I didn't abort the program, and I know that there is
a lot of traffic on that network.
Also I am not certain (haven't checked the source yet) when the actuall
print of the session occurs, could you please explain how it works?
-- Michael Boman Security Architect, SecureCiRT (A SBU of Z-Vance Pte Ltd) http://www.securecirt.com
This archive was generated by hypermail 2b30 : 01/11/03 EST