|
EtherealRe: [Ethereal-users] how to get total time of a connections? |
|
||
|
|
EtherealRe: [Ethereal-users] how to get total time of a connections? |
|
||
Thank you very much! I am going to try and run it in linux and will let you know how it goes. I greatly appreciate your help, I will let you know if I make any changes to it. - George Sake Blok wrote: > George, > > Here is the script, I added a little copyright notice (taken and > modified from yet another script lol). If you make some nice additions > to the script, I would love to hear about it. Please take into account > that this script was written under cygwin and that I included some extra > fields in the ethereal columns, see the comment in the script about my > column-settings :) > > I hope it helps you out... > > > Cheers, Sake > > ----- Original Message ----- From: "George P Nychis" <gnychis@xxxxxxx> > To: "Ethereal user support" <ethereal-users@xxxxxxxxxxxx> > Sent: Sunday, April 02, 2006 7:47 AM > Subject: Re: [Ethereal-users] how to get total time of a connections? > > >> I would be unbelievably greatful for your script... it would help me >> very much :) >> >> - George >> >> >>> On Sat, Apr 01, 2006 at 03:27:10PM -0500, George Nychis wrote: >>>> >>>> I do mean TCP Connections. >>>> >>>> I was hoping tethereal could do this because i've already written some >>>> scripts to parse my log files that I could substitute new tethereal >>>> commands and filters into. >>>> >>>> But if all else fails I can definitely try this out! >>> >>> George, >>> >>> I have written a (perl)script a while back that parses ethereal >>> output and >>> produces the following output about tcp-streams: >>> >>> $ flows.pl trace.cap >>> 0,1.1.1.1:1190->2.2.2.2:443,0.000000,63.708205,8,9,844,1745,SsA+a-+-+a-A- >>> >>> ffAR >>> 1,1.1.1.1:1190->2.2.2.2:81,0.035901,63.682639,7,6,517,474,SsA+a-A-AfAFa >>> 2,1.1.1.1:1191->2.2.2.2:443,292.293840,2.64925600000004,19,21,4827,16450, >>> >>> SsA+a-+a+---A-A+-+-----AAA+-+a----AAA+Rr >>> 3,1.1.1.1:1191->2.2.2.2:81,292.329186,2.61231500000002,20,20,3774,16199,S >>> >>> sA+a-A--A-AA+a-A+--A--A-A+-A+--A--AFafA >>> 4,1.1.1.1:1192->2.2.2.2:443,294.566017,0.118852000000004,4,3,102,146,SsA+ >>> >>> a-R >>> 5,1.1.1.1:1192->2.2.2.2:81,294.600691,0.0852050000000304,4,3,0,0,SsAFafA >>> 6,1.1.1.1:1193->2.2.2.2:443,294.727954,0.207250999999985,6,5,1032,1466,Ss >>> >>> A+a-+-+-R >>> 7,1.1.1.1:1193->2.2.2.2:81,294.763050,0.175164999999993,6,5,729,241,SsA+a >>> >>> -AFafA >>> 8,1.1.1.1:1194->2.2.2.2:443,294.939192,47.239815,16,17,5507,7489,SsA+a-+a >>> >>> +-+-+-----AAA+-+-+-+-A-fA >>> 9,1.1.1.1:1194->2.2.2.2:81,294.973244,47.165423,19,15,5191,7173,SsA+a-A+a >>> >>> -A+--A--A-A+-A+-A+-A+-AfA >>> 10,1.1.1.1:1195->2.2.2.2:443,297.199711,44.982584,11,11,4045,899,SsA+a-+a >>> >>> +-+-+-+-+-A-fA >>> >>> tcp-session-number src-ip:port->dst-ip:port start-time (relative to >>> trace) >>> duration packets in packets out bytes in bytes out overview of syn, >>> ack, data, >>> fin etc... >>> >>> Does this come close to what you need? >>> >>> >>> Cheers, Sake _______________________________________________ >>> Ethereal-users mailing list Ethereal-users@xxxxxxxxxxxx >>> http://www.ethereal.com/mailman/listinfo/ethereal-users >>> >>> >> >> >> -- >> >> _______________________________________________ >> Ethereal-users mailing list >> Ethereal-users@xxxxxxxxxxxx >> http://www.ethereal.com/mailman/listinfo/ethereal-users >> >> > > ------------------------------------------------------------------------ > > _______________________________________________ > Ethereal-users mailing list > Ethereal-users@xxxxxxxxxxxx > http://www.ethereal.com/mailman/listinfo/ethereal-users
Powered by MHonArc 2.6.10