Wireshark mailing list archives
finding a missing ICMP Echo Reply
From: Stuart Kendrick <skendric () fhcrc org>
Date: Fri, 05 Oct 2012 08:00:14 -0700
I have a trace tracking one station pinging another, across multiple days: 32,371 frames
10.1.2.3 10.1.2.4 ICMP Echo (ping) request 10.1.2.4 10.1.2.3 ICMP Echo (ping) reply 10.1.2.3 10.1.2.4 ICMP Echo (ping) request 10.1.2.4 10.1.2.3 ICMP Echo (ping) reply [...] Somewhere in there is one missing ICMP Echo Reply I want to find precisely where (when) this occurs. Can you think of a Wireshark way to accomplish this?[If not, then I'll write a little code to walk through a text version of the trace, looking for two back-to-back 'Echo (ping) request' lines ... but I'm hoping for something slightly faster.]
--sk ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- finding a missing ICMP Echo Reply Stuart Kendrick (Oct 05)
- Re: finding a missing ICMP Echo Reply Martin Isaksson (Oct 05)
- Re: finding a missing ICMP Echo Reply Stuart Kendrick (Oct 05)
- Re: finding a missing ICMP Echo Reply Gerald Combs (Oct 05)
- Re: finding a missing ICMP Echo Reply Martin Isaksson (Oct 05)
- Re: finding a missing ICMP Echo Reply Stuart Kendrick (Oct 05)
- Re: finding a missing ICMP Echo Reply ronnie sahlberg (Oct 05)
- Re: finding a missing ICMP Echo Reply ronnie sahlberg (Oct 06)
- Re: finding a missing ICMP Echo Reply Stuart Kendrick (Oct 08)
- Re: finding a missing ICMP Echo Reply Stuart Kendrick (Oct 05)
- Re: finding a missing ICMP Echo Reply Martin Isaksson (Oct 05)