TcpTrace
tcptrace is a tool written by Shawn Ostermann at Ohio University, for analysis of TCP dump files. It can take as input the files produced by several popular packet-capture programs, including tcpdump, snoop, etherpeek, HP Net Metrix, and WinDump. tcptrace can produce several different types of output containing information on each connection seen, such as elapsed time, bytes and segments sent and received, retransmissions, round trip times, window advertisements, throughput, and more. It can also produce a number of graphs for further analysis.
    # analyze a file
    tcptrace -n $file

    # long stats report on a specific connection, e.g. #139
    tcptrace -o139 -l -n $file

    # extract data to .dat files
    tcptrace -o139 -e -n $file

    # generate graphs on a specific connection
    tcptrace -o168 -G $file

    # analyze http traffic
    tcptrace -n -xhttp $file
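
The connection number passed to -o comes from the brief listing that "tcptrace -n" prints. The script below is an added example, not part of the original page or of tcptrace itself: it picks every connection that is not marked "(complete)" and prints the long-report command for each. The listing layout, the sample addresses and the function names are assumptions made for the example.

```shell
#!/bin/sh
# Constructed sample of `tcptrace -n` brief output. The layout is assumed from
# tcptrace 6.x; addresses are documentation ranges, not from a real capture.
sample_listing() {
cat <<'EOF'
1 arg remaining, starting with 'sample.pcap'

412 packets seen, 412 TCP packets traced
TCP connection info:
  1: 192.0.2.10:49152 - 198.51.100.5:80 (a2b)    12>   10<  (complete)
  2: 192.0.2.10:49153 - 198.51.100.5:445 (c2d)     3>    0<  (unidirectional)
  3: 192.0.2.11:49200 - 198.51.100.7:22 (e2f)    40>   38<  (reset)
  4: 192.0.2.12:49300 - 198.51.100.5:80 (g2h)   150>  197<
EOF
}

# Read a brief listing on stdin and print the connection numbers that are
# not marked "(complete)", one per line. Header lines are skipped because
# they do not start with "<number>: ".
incomplete_conns() {
    awk '/^ *[0-9]+: / && !/\(complete\)/ { sub(/:$/, "", $1); print $1 }'
}

# Read a brief listing on stdin and print one long-report command per
# incomplete connection, using the -o/-l/-n options shown above.
followup_cmds() {
    file=$1
    incomplete_conns | while read -r n; do
        printf 'tcptrace -o%s -l -n %s\n' "$n" "$file"
    done
}

# Demo on the constructed sample; with a real capture use:
#   tcptrace -n "$file" | followup_cmds "$file"
sample_listing | followup_cmds sample.pcap
```
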