aboutsummaryrefslogtreecommitdiff
path: root/network/tcpflow/README
diff options
context:
space:
mode:
authorBarry J. Grundy <bgrundyat>2016-08-27 00:51:48 +0700
committerDavid Spencer <idlemoor@slackbuilds.org>2016-08-28 00:22:40 +0100
commit3918dcef7bc7fd44dd32aaeb0791c38da4e7c119 (patch)
tree5741d38df9792a898fcb34c324a38c3a786eb2c7 /network/tcpflow/README
parente8bba789c9d9f0e50088bf9e686d619166c329ca (diff)
network/tcpflow: Added (data capture).
Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
Diffstat (limited to 'network/tcpflow/README')
-rw-r--r--network/tcpflow/README12
1 files changed, 12 insertions, 0 deletions
diff --git a/network/tcpflow/README b/network/tcpflow/README
new file mode 100644
index 0000000000000..b4421a9e3663f
--- /dev/null
+++ b/network/tcpflow/README
@@ -0,0 +1,12 @@
+tcpflow is a program that captures data transmitted as part of TCP connections
+(flows), and stores the data in a way that is convenient for protocol analysis
+and debugging. Each TCP flow is stored in its own file. Thus, the typical TCP
+flow will be stored in two files, one for each direction. tcpflow can also
+process stored 'tcpdump' packet flows.
+
+tcpflow is similar to 'tcpdump', in that both process packets from the wire or
+from a stored file. But it's different in that it reconstructs the actual data
+streams and stores each flow in a separate file for later analysis.
+
+tcpflow understands sequence numbers and will correctly reconstruct data
+streams regardless of retransmissions or out-of-order delivery.