Wireshark mailing list archives
Re: match packets at sender and receiver
From: Kevin Cullimore <kcullimo () runbox com>
Date: Wed, 07 Apr 2010 17:12:53 -0400
Apologies for top-posting. do keep in mind the following: the protocols in play were designed to effectively pass data, not necessarily optimize analysis. Cace technologies created pilot specifically to facilitate such analysis. Beyond obviously, not freeware. Disclaimer: I'm a paying customer. On 4/6/2010 10:16 PM, Andrej van der Zee wrote:
Hi, Thanks for your email.Maybe you want to share with us why you want to do this. What is your goal? Checking network performance?My company does performance analysis of web applications for its clients. I am asked to analyze tcpdumps. For now, two immediate goals with respect two packet matching on both sides of the conversation, are: * Find time differences between servers, possibly per second to detect possible clock skews, * De-duplicate packages on both end of the connection. This can be done with tools such as "editcap" of course, but becomes very tedious and error-prone when working with multiple cap-files. I will have to process multiple cap-files from all servers. I know the IP numbers, but I can make no assumptions on how tcpdump is started by our clients. From the cap-files, we want to visualize communication of between all IPs: which IP is talking to who, packet count, protocols, number of bytes, etc. That, and more. If something like this already exists, I would love to hear from you! Best regards, Andrej ___________________________________________________________________________ Sent via: Wireshark-users mailing list<wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Re: match packets at sender and receiver, (continued)
- Re: match packets at sender and receiver Andrej van der Zee (Apr 06)
- Re: match packets at sender and receiver Ian Schorr (Apr 06)
- Re: match packets at sender and receiver Andrej van der Zee (Apr 06)
- Re: match packets at sender and receiver bart sikkes (Apr 06)
- Re: match packets at sender and receiver Ian Schorr (Apr 06)
- Re: match packets at sender and receiver Andrej van der Zee (Apr 06)
- Re: match packets at sender and receiver Andrej van der Zee (Apr 20)
- Re: match packets at sender and receiver Andrej van der Zee (Apr 20)
- Re: match packets at sender and receiver Andrej van der Zee (Apr 06)
- Re: match packets at sender and receiver Andrej van der Zee (Apr 06)
- Re: match packets at sender and receiver Kevin Cullimore (Apr 07)