From: Manikantan Ramadas (email@example.com)
Date: Mon, 19 Jul 2004 15:46:29 -0400 From: Manikantan Ramadas <firstname.lastname@example.org> Subject: Re: tcptrace-bugs Number of packets seen by tcptrace Message-ID: <20040719194629.GB26926@irg.cs.ohiou.edu>
Oh, thats because tcptrace returns a count of only IP packets (IPv4
and IPv6) while tcpdump counts the rest too (like ARP traffic,
ethernet broadcasts by switches, broadcasts by wireless base-stations,
On Mon, Jul 19, 2004 at 12:14:00PM -0700, suseela sarasamma wrote:
> I am using tcptrace with the -u option to get TCP as well as UDP records in raw tcpdump.
> The actual number of packets in two raw tcpdump files are as follows:
> file 1 : 7778
> file 2: 7803
> Tcptrace reports the number of packets seen as follows:
> file 1: 7583
> file 2: 7604
> Why is this difference?
> Do you Yahoo!?
> Vote for the stars of Yahoo!'s next ad campaign!
-- "'Beauty is truth, truth beauty,'--that is all Ye know on earth, and all ye need to know." - John Keats ____________________________________________________________________ * Manikantan Ramadas * IRG, OU * http://irg.cs.ohiou.edu/~mramadas * ____________________________________________________________________
This archive was generated by hypermail 2.1.7 : 07/20/04 EDT