tcpdump mailing list archives
Are all traces captured by dag card in "tcpdump" format?
From: "ice ice" <wildicecoco () hotmail com>
Date: Thu, 03 Jun 2004 22:31:00 +0000
Hi, I have a trace saying "Data provided by WAND Research Group using the dag interface card OC48 data analysis required CAIDA's CoralReef software suite."I am confused by the statement of "OC48 data analysis required CAIDA's CoralReef software suite".
It seems to me that traces captured by dag card are collections of packet headers. And I can use Tcpdump or CoralReef libary in reading the packet information from the trace. And I even can directly read header by header (IP+TCP/UDP/or other+..) from the trace by my own program, and interpret the information in packet by matching the structure specified in RFC.
Then why "OC48 data analysis required CAIDA's CoralReef software suite"?I apply the tcpdump on the trace, it also can print out the packet information. But when I write my own program to parse through the trace, I can not get right information. Why is that?
Thanks, zs _________________________________________________________________FREE pop-up blocking with the new MSN Toolbar get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
- This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
Current thread:
- Are all traces captured by dag card in "tcpdump" format? ice ice (Jun 03)
- Re: Are all traces captured by dag card in "tcpdump" Stephen Donnelly (Jun 03)