GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  TRACETOPENDS (1)

NAME

tracetopends - reports the endpoints that are responsible for the most traffic in a trace

CONTENTS

Synopsis
Description
Output
Examples
Links
See Also
Authors

SYNOPSIS

tracetopends [ -f bpf ] [ -A addrtype ] [ -s ] [ -d ] [ -b ] [ -a ] [ -p ] [ -n topcount ] inputuri [inputuri ...]

DESCRIPTION

tracetopends reports the number of bytes and packets sent and received by the busiest endpoints observed in the input trace(s).

-f bpf filter
  Output only packets that match tcpdump style bpf filter.

-n top count
  Report the top N endpoints (defaults to 10).

-A address type
  Specifies how an endpoint should be defined. Suitable options are "mac", "v4" and "v6" which will report endpoint stats for each observed MAC address, IPv4 address and IPv6 address respectively.

-s Sort endpoints based on the amount of outgoing traffic (will cancel any previous -d option. This is on by default.

-d Sort endpoints based on the amount of incoming traffic (will cancel any previous -s option.

-b Sort endpoints based on the amount of IP traffic (will cancel any previous -a or -p options. This is on by default.

-a Sort endpoints based on the amount of application layer traffic (will cancel any previous -b or -p options.

-p Sort endpoints based on the amount of packets (will cancel any previous -b or -a options.

OUTPUT

Output is written to stdout in columns separated by blank space.

The columns are (in order):
* Endpoint address
* Time last observed
* Packets originating from the endpoint
* Bytes originating from the endpoint (IP header onwards)
* Payload originating from the endpoint (post transport header)
* Packets sent to the endpoint
* Bytes sent to the endpoint (IP header onwards)
* Payload sent to the endpoint (post transport header)

EXAMPLES

Find the IPv4 addresses that are sending the most traffic.
tracetopends -A v4 -b -s erf:trace.erf.gz

LINKS

More details about tracetopends (and libtrace) can be found at http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation

SEE ALSO

libtrace(3), tracemerge(1), tracefilter(1), traceconvert(1), tracesplit_dir(1), tracereport(1), tracertstats(1), tracestats(1), tracepktdump(1), traceanon(1), tracesummary(1), tracereplay(1), tracediff(1), traceends(1)

AUTHORS

Shane Alcock <salcock@cs.waikato.ac.nz>
Search for    or go to Top of page |  Section 1 |  Main Index


tracetopends (libtrace) TRACETOPENDS (1) September 2011

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.