Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Connection Information using tshark

From: Maverick <myeaddress () gmail com>
Date: Wed, 14 Mar 2012 05:25:59 -0400
Thanks Marco for the directions. But can I do it by looking at all the
packets in the trace and than maintaining state for each connection
that is seen.

On Wed, Mar 14, 2012 at 5:18 AM,  <marco () linuxgoeroe dhs org> wrote:

On Wed, 14 Mar 2012 05:10:18 -0400, Maverick wrote:


Can someone please help me with getting connection information for
each ip using tshark.Information such as

When the connection was established, when it was terminated, how many
bytes were transmitted. Is it possible to get this information for
each ip in your trace file.



I'd look at tcptrace (http://www.tcptrace.org) for that.

                Regards,

                      Marco.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
           mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: