indeed looks like we need similar functionality, and probably not only us.
i looked into the source of tcpip.c and it is obvious that print_packet()
function doesn't take any care of stream ordering:
void print_packet(flow_t flow, const u_char *data, u_int32_t length)
{
printf("%s: ", flow_filename(flow));
fwrite(data, length, 1, stdout);
putchar('\n');
fflush(stdout);
}
we would need some sort of locking/buffering mechanism here that would
wait/buffer streams and print them out sequentially.
as i cannot rewrite in myself, i guess for now i will use dump files
with iwatch to run foremost against every new session file that i get
from tcpflow.
--
Allow binary dumping to stdout
https://bugs.launchpad.net/bugs/192174
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
