Re: Strange ip_conntrack values

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> Tcpdump is a good packet sniffer but it does not show the data in a
> user-friendly format.

ok I've made another tcpdump for ethereal and it's ok;

I've checked and I get a lot of this scheme :

No.     Time        Source                Destination           Protocol Info
     10 0.004569    24.33.232.227         mydomain         TCP     
1488 > http [SYN] Seq=0 Ack=0 Win=64240 Len=0 MSS=1460
     11 0.004626    mydomain         24.33.232.227         TCP     
http > 1488 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
    255 0.162181    24.33.232.227         mydomain         TCP     
1488 > http [ACK] Seq=1 Ack=1 Win=64240 Len=0
    258 0.165191    24.33.232.227         mydomain         TCP     
1488 > http [FIN, ACK] Seq=1 Ack=1 Win=64240 Len=0
    259 0.165313    mydomain         24.33.232.227         TCP     
http > 1488 [FIN, ACK] Seq=1 Ack=2 Win=5840 Len=0
    385 0.311935    24.33.232.227         mydomain         TCP     
1488 > http [ACK] Seq=2 Ack=2 Win=64240 Len=0

(this is the whole tcp stream)

for others I get the complete http exchange : get ...

is it normal ?

Ethereal is brand new for me so if you have some good tips to help me
find some interesting information ... thanks a lot

John
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux