Hi Daniel, > > How about tcpdump? >
Thanks for the suggestion. tcpdump is good, but it doesn't solve all problems. There are a few reasons: * TCP packets could arrive out of order * The data needn't belong to a valid TCP connection * The app could just discard data (close/flush/etc) In short, there is a lot of state and complex logic which act on the packets before it is seen by the application. Given the complexity (such as wide variations in TCP implementation), I am not sure if reimplementing them is a good idea, even if it's possible. Thanks, -- Vimal _______________________________________________ Kernelnewbies mailing list [email protected] http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
