The tcptrace tool only understand the binary format of the dump..so do not
filter the ouput to a text file...try this::
tcpdump -w tcpdump.log
then run tcptrace on the file..
hth,
A
>
> On Wed, 19 Jan 2000, Arni Raghu wrote:
> >
> > http://jarok.cs.ohiou.edu/software/tcptrace/tcptrace.html
> >
> > This is a real cool tool that can do many things...use it with xplot and
u
> > will be amazed to see ur tcpdumps comes to life :)
>
> Ok, created a tcpdump.log (just for testing purposes), with the
> command line:
>
> tcpdump -n -i eth0 host 10.0.0.2 > /tmp/tcpdump.log
>
> The resulting LOG file has the following format:
>
> 11:09:13.882243 10.0.0.2.1035 > 10.0.0.1.21: S
> 1758443587:1758443587(0) win 31856 <mss 1460,sackOK,timestamp
> 431808[|tcp]> (DF)
> 11:09:13.882243 10.0.0.1.21 > 10.0.0.2.1035: S 746332710:746332710(0)
> ack 17 58443588 win 32736 <mss 1460>
> 11:09:13.882243 10.0.0.2.1035 > 10.0.0.1.21: . ack 1 win 32160 (DF)
> 11:09:16.912243 10.0.0.1.21 > 10.0.0.2.1035: P 1:111(110) ack 1 win
> 32736 (DF) [tos 0x10]
> 11:09:16.912243 10.0.0.2.1035 > 10.0.0.1.21: . ack 111 win 32160 (DF)
>
> Then, when I run tcptrace, I get the following msg:
>
> $ ./tcptrace tcpdump.log
> 1 args remaining, starting with 'tcpdump.log'
> Ostermann's tcptrace -- version 4.1.3 -- Tue Dec 9, 1997
>
> Running file 'tcpdump.log'
> Unknown input file format
> Supported Input File Formats:
> tcpdump tcpdump -- Public domain program from LBL
> snoop Sun Snoop -- Distributed with Solaris
> etherpeek etherpeek -- Mac sniffer program
> netmetrix Net Metrix -- Commercial program from HP
> $
>
> libpcap is already installed:
>
> $ rpm -qa | grep pcap
> libpcap-0.4-1
> $
>
> Can anybody tell me what's wrong??? How can I solve this??
>
> Regards,
> Ivan
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-net" in
> the body of a message to [EMAIL PROTECTED]
>
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
