blob: 00139967959d2b18ac797f6b14eb6a203cc5537b (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
tcpflow is a program that captures data transmitted as part of TCP
connections (flows), and stores it in a way that is convenient for
protocol analysis or debugging. A program like 'tcpdump' only shows a
summary of packets seen on the wire, but usually doesn't store the
data that's actually being transmitted. In contrast, tcpflow
reconstructs the actual data streams and stores each flow in a
separate file for later analysis.
tcpflow understands sequence numbers and will correctly reconstruct
data streams regardless of retransmissions or out-of-order delivery.
However, it currently does not understand IP fragments; flows
containing IP fragments will not be recorded properly.
Note: this port includes a small patch that adds the capability of
reading the packets from a tcpdump(1) capture file, using
a new option (-r).
WWW: http://www.circlemud.org/~jelson/software/tcpflow/
|
