Changes between Version 2 and Version 3 of TraceDump
- Timestamp:
- 07/18/08 10:08:09 (14 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
TraceDump
v2 v3 1 {{{trace dump}}} is a libtrace tool that can display packets in a readable format.1 {{{tracepktdump}}} is a libtrace tool that can display packets in a readable format. 2 2 3 3 === Usage === 4 {{{trace dump [ -f exp | --filter=exp ] [ -c num | --count=num ] inputuri ...}}}4 {{{tracepktdump [ -f exp | --filter=exp ] [ -c num | --count=num ] inputuri ...}}} 5 5 6 6 === Options === … … 13 13 ==== Examine packets from a particular flow ==== 14 14 {{{ 15 trace dump -f "host 192.168.2.110 and host 192.168.2.112 and tcp port 25 and tcp port 5662" erf:trace.erf.gz15 tracepktdump -f "host 192.168.2.110 and host 192.168.2.112 and tcp port 25 and tcp port 5662" erf:trace.erf.gz 16 16 }}} 17 17 18 18 === Details === 19 {{{tracedump}}} uses the libpacketdump library which can parse and neatly display the contents of many common packet headers, including Ethernet, IP, TCP, UDP, ICMP and many others. 19 {{{tracepktdump}}} uses the libpacketdump library which can parse and neatly display the contents of many common packet headers, including Ethernet, IP, TCP, UDP, ICMP and many others. 20 21 === Notes === 22 {{{tracepktdump}}} replaces the {{{tracedump}}} tool that was present in older versions of libtrace.
