Analysis tools for network traces

Overview

tcpdump: captures network packets that match specified filters
tcptrace: a tool for analyzing tcpdump capture files, such as pcap
jplot: a Java version of xplot
In addition, tshark is also a good tool: it is the terminal version of Wireshark and is just as powerful.

Install & Usage

TCPDUMP

$yum install tcpdump  # My OS is CentOS 6.5
$tcpdump -w example.pcap -i eth0 -n

Here is the manpage of tcpdump with lots of examples.

TCPTRACE

$yum install tcptrace
$tcptrace -R example.pcap  # produce data for RTT graph

Here is the manpage of tcptrace.

JPLOT

Install

$wget http://www.tcptrace.org/jPlot/download/jPlot-1.0.2.tar.gz
$tar zxvf jPlot-1.0.2.tar.gz
$cd jPlot-1.0.2
$yum install java-devel   # install javac
$./configure
$make

Usage

$java jPlot a2b_rtt.xpl

Here is the manpage of jPlot.

Others

If you are familiar with gnuplot, I think xpl2gpl is a good shell script for you.

Examples

$tcpdump -w example.pcap -i eth0 -n
$tcptrace -R example.pcap
$xpl2gpl a2b_rtt.xpl
$gnuplot a2b_rtt.gpl
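
On a host without Java or gnuplot, the RTT samples that tcptrace -R writes to a2b_rtt.xpl can be summarised as text instead of plotted. This is an added example, not part of the original post; it assumes each sample appears in the .xpl file as a line of the form "dot <time> <rtt_ms>", and the function names rtt_summary and make_sample_xpl are hypothetical.

```shell
#!/bin/sh
# Added example: text summary of RTT samples from a tcptrace .xpl file.
# Assumption: one sample per line as "dot <time> <rtt_ms>". Header text,
# colour names, "line" segments and the final "go" are ignored.

rtt_summary() {
    # $1: path to an .xpl file such as a2b_rtt.xpl
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 1; }
    awk '
        $1 == "dot" && NF >= 3 && $3 ~ /^[0-9]+(\.[0-9]+)?$/ {
            v = $3 + 0
            if (n == 0 || v < min) min = v
            if (n == 0 || v > max) max = v
            sum += v; n++
        }
        END {
            # A file with no samples is reported and returns non-zero.
            if (n == 0) { print "samples=0"; exit 2 }
            printf "samples=%d min=%g max=%g mean=%.1f\n", n, min, max, sum / n
        }
    ' "$1"
}

# Constructed sample input (not real capture data), for trying the function.
make_sample_xpl() {
    cat > "$1" <<'EOF'
timeval unsigned
title
constructed a2b RTT samples
xlabel
time
ylabel
rtt (ms)
red
dot 1400000000.100000 20
line 1400000000.100000 20 1400000000.300000 35
dot 1400000000.300000 35
dot 1400000000.700000 50
go
EOF
}

# Stand-alone use: sh rtt_summary.sh a2b_rtt.xpl
if [ "$#" -gt 0 ]; then rtt_summary "$1"; fi
```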