GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  TCPTRACE (1)

NAME

tcptrace - a TCP connection analysis tool

CONTENTS

Synopsis
Description
Environment
Author
Credits
Files
See Also

SYNOPSIS

tcptrace [options] filename

DESCRIPTION

tcptrace takes a tcpdump file specified on the command line (or from standard input) and produces a summarization of the connections.

OPTIONS

Output format options
-b brief output format
-l long output format
-r print rtt statistics (slower for large files)
-W report on estimated congestion window (not generally useful)
-q no output (if you just want modules output)
Graphing options
-T create throughput graph[s], (average over 10 segments, see -A)
-R create rtt sample graph[s]
-S create time sequence graph[s]
-N create owin graph[s] (_o_utstanding data on _N_etwork)
-F create segsize graph[s]
-G create ALL graphs
Output format detail options
-D print in decimal
-X print in hexadecimal
-n don’t resolve host or service names (much faster)
-s use short names (list "picard.cs.ohiou.edu" as just "picard")
Connection filtering options
-iN ignore connection N (can use multiple times)
-oN[-M] only connection N (or N through M). Arg can be used many times. In N is a file rather than a number, read list from file instead.
-c ignore non-complete connections (didn’t see syn’s and fin’s)
-BN first segment number to analyze (default 1)
-EN last segment number to analyze (default last in file)
Graphing detail options
-C produce color plot[s]
-M produce monochrome (b/w) plot[s]
-AN Average N segments for throughput graphs, default is 10
-z zero axis options:
-z plot time axis from 0 rather than wall clock time (backward compat)
-zx plot time axis from 0 rather than wall clock time
-zy plot sequence numbers from 0 (time sequence graphs only)
-zxy plot both axes from 0
-y omit the (yellow) instantaneous throughput points in tput graph
Misc options
-Z dump raw rtt sample times to file[s]
-p print all packet contents (can be very long)
-P print packet contents for selected connections
-t 'tick’ off the packet numbers as a progress indication
-v print version information and exit
-w print various warning messages
-d whistle while you work (enable debug, use -d -d for more output)
-e extract contents of each TCP stream into file
-h print help messages
-u print minimal UDP information too
-Ofile dump matched packets to tcpdump file ’file’
+[v] reverse the setting of the -[v] flag (for booleans)
Extended boolean options (unambiguous prefixes also work)
--showsacks
  show SACK blocks on time sequence graphs (default)
--noshowsacks
  DON’T show SACK blocks on time sequence graphs
--showrexmit
  mark retransmits on time sequence graphs (default)
--noshowrexmit
  DON’T mark retransmits on time sequence graphs
--showoutorder
  mark out-of-order on time sequence graphs (default)
--noshowoutorder
  DON’T mark out-of-order on time sequence graphs
--showzerowindow
  mark zero windows on time sequence graphs (default)
--noshowzerowindow
  DON’T mark zero windows on time sequence graphs
--showurg
  mark packets with URGENT bit set on the time sequence graphs (default)
--noshowurg
  DON’T mark packets with URGENT bit set on the time sequence graphs
--showrttdongles
  mark non-RTT-generating ACKs with special symbols
--noshowrttdongles
  DON’T mark non-RTT-generating ACKs with special symbols (default)
--showdupack3
  mark triple dupacks on time sequence graphs (default)
--noshowdupack3
  DON’T mark triple dupacks on time sequence graphs
--showzerolensegs
  show zero length packets on time sequence graphs (default)
--noshowzerolensegs
  DON’T show zero length packets on time sequence graphs
--showzwndprobes
  show zero window probe packets on time sequence graphs (default)
--noshowzwndprobes
  DON’T show zero window probe packets on time sequence graphs
--showtitle
  show title on the graphs (default)
--noshowtitle
  DON’T show title on the graphs
--res_addr
  resolve IP addresses into names (may be slow) (default)
--nores_addr
  DON’T resolve IP addresses into names (may be slow)
--res_port
  resolve port numbers into names (default)
--nores_port
  DON’T resolve port numbers into names
--checksum
  verify IP and TCP checksums
--nochecksum
  DON’T verify IP and TCP checksums (default)
--dupack3_data
  count a duplicate ACK carrying data as a triple dupack
--nodupack3_data
  DON’T count a duplicate ACK carrying data as a triple dupack (default)
--check_hwdups
  check for ’hardware’ dups (default)
--nocheck_hwdups
  DON’T check for ’hardware’ dups
--warn_ooo
  print warnings when packets timestamps are out of order
--nowarn_ooo
  DON’T print warnings when packets timestamps are out of order (default)
--warn_printtrunc
  print warnings when packets are too short to analyze
--nowarn_printtrunc
  DON’T print warnings when packets are too short to analyze (default)
--warn_printbadmbz
  print warnings when MustBeZero TCP fields are NOT 0
--nowarn_printbadmbz
  DON’T print warnings when MustBeZero TCP fields are NOT 0 (default)
--warn_printhwdups
  print warnings for hardware duplicates
--nowarn_printhwdups
  DON’T print warnings for hardware duplicates (default)
--warn_printbadcsum
  print warnings when packets with bad checksums
--nowarn_printbadcsum
  DON’T print warnings when packets with bad checksums (default)
--warn_printbad_syn_fin_seq
  print warnings when SYNs or FINs rexmitted with different sequence numbers
--nowarn_printbad_syn_fin_seq
  DON’T print warnings when SYNs or FINs rexmitted with different sequence numbers (default)
--dump_packet_data
  print all packets AND dump the TCP/UDP data
--nodump_packet_data
  DON’T print all packets AND dump the TCP/UDP data (default)
--continuous
  run continuously and don’t provide a summary
--nocontinuous
  DON’T run continuously and don’t provide a summary (default)
--print_seq_zero
  print sequence numbers as offset from initial sequence number
--noprint_seq_zero
  DON’T print sequence numbers as offset from initial sequence number (default)
--limit_conn_num
  limit the maximum number of connections kept at a time in real-time mode
--nolimit_conn_num
  DON’T limit the maximum number of connections kept at a time in real-time mode (default)
--xplot_all_files
  display all generated xplot files at the end
--noxplot_all_files
  DON’T display all generated xplot files at the end (default)
--ns_hdrs
  assume that ns has the useHeaders_flag true (uses IP+TCP headers) (default)
--nons_hdrs
  DON’T assume that ns has the useHeaders_flag true (uses IP+TCP headers)
--csv display the long output as comma separated values
--nocsv DON’T display the long output as comma separated values (default)
--tsv display the long output as tab separated values
--notsv DON’T display the long output as tab separated values (default)
Extended variable options (unambiguous prefixes also work)
--output_dir=‘‘STR’’
  directory where all output files are placed (default: ’<NULL>’)
--output_prefix=‘‘STR’’
  prefix all output files with this string (default: ’<NULL>’)
--xplot_title_prefix=‘‘STR’’
  prefix to place in the titles of all xplot files (default: ’<NULL>’)
--update_interval=‘‘STR’’
  time interval for updates in real-time mode (default: ’<NULL>’)
--max_conn_num=‘‘STR’’
  maximum number of connections to keep at a time in real-time mode (default: ’<NULL>’)
--remove_live_conn_interval=‘‘STR’’
  idle time after which an open connection is removed in real-time mode (default: ’<NULL>’)
--remove_closed_conn_interval=‘‘STR’’
  time interval after which a closed connection is removed in real-time mode (default: ’<NULL>’)
--xplot_args=‘‘STR’’
  arguments to pass to xplot, if we are calling xplot from here (default: ’<NULL>’)
--sv=‘‘STR’’
  separator to use for long output with <STR>-separated-values (default: ’<NULL>’)
Included Modules
http Http analysis package
tcplib TCPLib analysis package
traffic traffic analysis package
slice traffic efficiency data by time slices
rttgraph round trip time analysis graphs
collie connection summary package
realtime example real-time package
 
For module-specific options, please use ‘tcptrace -hxargs‘

Filter Variables:

Please use ’tcptrace -hfilter’ for the complete listing of filter variables.

Filter Syntax:

Please use ’tcptrace -hfilter’ for filter syntax.

ENVIRONMENT

Options are first read from the file $HOME/.tcptracerc (if it exists), and then from the environment variable TCPTRACEOPTS (if it exists), and finally from the command line.

AUTHOR

Shawn Ostermann (ostermann@cs.ohiou.edu)

CREDITS

Thanks to Mark Foster (mafoster@george.arc.nasa.gov) for writing this manual page. Thanks to Avinash Lakhiani (alakhian@irg.cs.ohiou.edu) for updating it.

FILES

Dump File Names
Trailing (unrecognized) arguments are taken to be one or more filenames. The files can be compressed, see compress.h for configuration. If the dump file name is ’stdin’, then we read from standard input rather than from a file.

SEE ALSO

xplot an interactive tool for examining .xpl files output by tcptrace.
jPlot a Java version of xplot.
Search for    or go to Top of page |  Section 1 |  Main Index


--> TCPTRACE (1) 14 Oct 2002

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.