Scribd
Upload
137 views2 pages

Tcptrace Results

The document describes the analysis of a network packet capture file using the tcptrace tool. Tcptrace analyzed 416,115 packets and identified 10 TCP connections. Details are provided on the third connection such as the source and destination hosts and ports, timestamps, packet and byte counts, window sizes, and throughput. Warnings are displayed for duplicate packets detected on the reverse direction of the connection.

Uploaded by

Hadouken5
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
137 views2 pages

Tcptrace Results

The document describes the analysis of a network packet capture file using the tcptrace tool. Tcptrace analyzed 416,115 packets and identified 10 TCP connections. Details are provided on the third connection such as the source and destination hosts and ports, timestamps, packet and byte counts, window sizes, and throughput. Warnings are displayed for duplicate packets detected on the reverse direction of the connection.

Uploaded by

Hadouken5
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

[grp6@grp6ws1 ~]$ tcpdump tcp port 60000 -w test.

cap
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
416115 packets captured
416224 packets received by filter
109 packets dropped by kernel
[grp6@grp6ws1 ~]$ tcptrace test.cap
1 arg remaining, starting with 'test.cap'
Ostermann's tcptrace -- version 6.6.7 -- Thu Nov 4, 2004
416115 packets seen, 416115 TCP packets traced
elapsed wallclock time: 0:00:00.967556, 430068 pkts/sec analyzed
trace file elapsed time: 0:00:31.368149
TCP connection info:
1: 192.168.0.103:32777 - 192.168.0.101:60000 (a2b) 20531> 20546< (complete)
** Warning, b2a: detected 17 hardware duplicate(s) (same seq # and IP ID)
2: 192.168.0.103:32778 - 192.168.0.101:60000 (c2d) 20966> 20999< (complete)
** Warning, d2c: detected 34 hardware duplicate(s) (same seq # and IP ID)
3: 192.168.0.103:32779 - 192.168.0.101:60000 (e2f) 20939> 20972< (complete)
** Warning, f2e: detected 34 hardware duplicate(s) (same seq # and IP ID)
4: 192.168.0.103:32780 - 192.168.0.101:60000 (g2h) 20586> 20618< (complete)
** Warning, h2g: detected 35 hardware duplicate(s) (same seq # and IP ID)
5: 192.168.0.103:32781 - 192.168.0.101:60000 (i2j) 20937> 20977< (complete)
** Warning, j2i: detected 43 hardware duplicate(s) (same seq # and IP ID)
6: 192.168.0.103:32782 - 192.168.0.101:60000 (k2l) 20937> 20966< (complete)
** Warning, l2k: detected 32 hardware duplicate(s) (same seq # and IP ID)
7: 192.168.0.103:32783 - 192.168.0.101:60000 (m2n) 20952> 20984< (complete)
** Warning, n2m: detected 35 hardware duplicate(s) (same seq # and IP ID)
8: 192.168.0.103:32784 - 192.168.0.101:60000 (o2p) 20588> 20617< (complete)
** Warning, p2o: detected 29 hardware duplicate(s) (same seq # and IP ID)
9: 192.168.0.103:32785 - 192.168.0.101:60000 (q2r) 20928> 20964< (complete)
** Warning, r2q: detected 38 hardware duplicate(s) (same seq # and IP ID)
10: 192.168.0.103:32786 - 192.168.0.101:60000 (s2t) 20538> 20570< (complete)
** Warning, t2s: detected 33 hardware duplicate(s) (same seq # and IP ID)
[grp6@grp6ws1 ~]$ tcptrace -o3 -l test.cap
1 arg remaining, starting with 'test.cap'
Ostermann's tcptrace -- version 6.6.7 -- Thu Nov 4, 2004
416115 packets seen, 416115 TCP packets traced
elapsed wallclock time: 0:00:00.567675, 733016 pkts/sec analyzed
trace file elapsed time: 0:00:31.368149
TCP connection info:
10 TCP connections traced:
================================
TCP connection 3:
host e:
192.168.0.103:32779
host f:
192.168.0.101:60000
complete conn: yes
first packet: Mon Jan 23 10:45:30.125612 2012
last packet: Mon Jan 23 10:46:01.493364 2012
elapsed time: 0:00:31.367752
total packets: 41911
filename:
test.cap
e->f:
f->e:

file:///G|/ECE%20407/ex4.txt[1/26/2012 5:44:59 PM]

total packets:
20939
total packets:
20972
ack pkts sent:
20938
ack pkts sent:
20972
pure acks sent:
3
pure acks sent:
2
sack pkts sent:
0
sack pkts sent:
0
dsack pkts sent:
0
dsack pkts sent:
0
max sack blks/ack:
0
max sack blks/ack:
0
unique bytes sent: 11495216
unique bytes sent: 167472
actual data pkts:
20934
actual data pkts:
20968
actual data bytes: 11495216
actual data bytes: 167744
rexmt data pkts:
0
rexmt data pkts:
34
rexmt data bytes:
0
rexmt data bytes:
272
zwnd probe pkts:
0
zwnd probe pkts:
0
zwnd probe bytes:
0
zwnd probe bytes:
0
outoforder pkts:
0
outoforder pkts:
0
pushed data pkts:
20934
pushed data pkts:
20968
SYN/FIN pkts sent:
1/1
SYN/FIN pkts sent:
1/1
req 1323 ws/ts:
Y/Y
req 1323 ws/ts:
Y/Y
adv wind scale:
2
adv wind scale:
2
req sack:
Y
req sack:
Y
sacks sent:
0
sacks sent:
0
urgent data pkts:
0 pkts
urgent data pkts:
0 pkts
urgent data bytes:
0 bytes urgent data bytes:
0 bytes
mss requested:
1460 bytes mss requested:
1460 bytes
max segm size:
999 bytes max segm size:
8 bytes
min segm size:
100 bytes min segm size:
8 bytes
avg segm size:
549 bytes avg segm size:
7 bytes
max win adv:
5840 bytes max win adv:
67236 bytes
min win adv:
5840 bytes min win adv:
7400 bytes
zero win adv:
0 times zero win adv:
0 times
avg win adv:
5840 bytes avg win adv:
65722 bytes
initial window:
804 bytes initial window:
8 bytes
initial window:
1 pkts
initial window:
1 pkts
ttl stream length: 11498778 bytes ttl stream length: 167536 bytes
missed data:
3562 bytes missed data:
64 bytes
truncated data: 10867196 bytes truncated data:
0 bytes
truncated packets: 20934 pkts
truncated packets:
0 pkts
data xmit time:
15.204 secs
data xmit time:
15.204 secs
idletime max:
16158.8 ms
idletime max:
16117.8 ms
hardware dups:
0 segs
hardware dups:
34 segs
** WARNING: presence of hardware duplicates makes these figures suspect!
throughput:
366466 Bps
throughput:
5339 Bps
[grp6@grp6ws1 ~]$

file:///G|/ECE%20407/ex4.txt[1/26/2012 5:44:59 PM]

You might also like