Changes between Initial Version and Version 1 of TraceDump


Ignore:
Timestamp:
02/27/07 15:46:47 (14 years ago)
Author:
spa1
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • TraceDump

    v1 v1  
     1{{{tracedump}}} is a libtrace tool that can display packets in a readable format.
     2
     3=== Usage ===
     4tracedump  [  -f exp | --filter=exp ] [ -c num | --count=num ] inputuri ...
     5
     6=== Options ===
     7 {{{-f, --filter}}}::
     8   Output only packets that match the bpf filter expression. See tcpdump(1) for the syntax of the bpf filter expression
     9 {{{-c, --count}}}::
     10   Stop after displaying __num__ packets
     11
     12=== Applications ===
     13==== Examine packets from a particular flow ====
     14{{{
     15tracedump -f "host 192.168.2.110 and host 192.168.2.112 and tcp port 25 and tcp port 5662" erf:trace.erf.gz
     16}}}
     17
     18=== Details ===
     19{{{tracedump}}} uses the libpacketdump library which can parse and neatly display the contents of many common packet headers, including Ethernet, IP, TCP, UDP, ICMP and many others.