tcpdump mailing list archives

Re: Capturing a "clean" TCP stream

From: Gregor Maier <gregor () net in tum de>
Date: Sat, 19 May 2007 14:55:25 +0200

Guy Harris wrote:

On May 18, 2007, at 7:09 AM, Alexandros Karypidis wrote:

[TCP Reassembly w/ TCP ACK/SEQ numbers]


Perhaps I'm missing something, but I can't think of a better approach,
other than "use a library that does that work for you, if it exists" (or
steal code from an application that does it).  I have the impression
that a library of that sort might exist, but I don't remember what it
might be.


The Bro IDS (www.bro-ids.org) can do this (write reassembled TCP streams
to disk). I don't know of a lib to do TCP reassembly.


hth
Gregor

-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.

Current thread:

Capturing a "clean" TCP stream Alexandros Karypidis (May 18)
- Re: Capturing a "clean" TCP stream Guy Harris (May 18)
  - Re: Capturing a "clean" TCP stream Gregor Maier (May 19)
  - Re: Capturing a "clean" TCP stream Aaron Turner (May 20)
- Re: Capturing a "clean" TCP stream Sivakumar Ramagopal (May 19)