diff options
author | Barry J. Grundy <bgrundyat> | 2016-08-27 00:51:48 +0700 |
---|---|---|
committer | David Spencer <idlemoor@slackbuilds.org> | 2016-08-28 00:22:40 +0100 |
commit | 3918dcef7bc7fd44dd32aaeb0791c38da4e7c119 (patch) | |
tree | 5741d38df9792a898fcb34c324a38c3a786eb2c7 /network/tcpflow/README | |
parent | e8bba789c9d9f0e50088bf9e686d619166c329ca (diff) |
network/tcpflow: Added (data capture).
Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
Diffstat (limited to 'network/tcpflow/README')
-rw-r--r-- | network/tcpflow/README | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/network/tcpflow/README b/network/tcpflow/README new file mode 100644 index 0000000000000..b4421a9e3663f --- /dev/null +++ b/network/tcpflow/README @@ -0,0 +1,12 @@ +tcpflow is a program that captures data transmitted as part of TCP connections +(flows), and stores the data in a way that is convenient for protocol analysis +and debugging. Each TCP flow is stored in its own file. Thus, the typical TCP +flow will be stored in two files, one for each direction. tcpflow can also +process stored 'tcpdump' packet flows. + +tcpflow is similar to 'tcpdump', in that both process packets from the wire or +from a stored file. But it's different in that it reconstructs the actual data +streams and stores each flow in a separate file for later analysis. + +tcpflow understands sequence numbers and will correctly reconstruct data +streams regardless of retransmissions or out-of-order delivery. |