Thanks Marco for the directions. But can I do it by looking at all the packets in the trace and than maintaining state for each connection that is seen.
On Wed, Mar 14, 2012 at 5:18 AM, <ma...@linuxgoeroe.dhs.org> wrote: > On Wed, 14 Mar 2012 05:10:18 -0400, Maverick wrote: > >> Can someone please help me with getting connection information for >> each ip using tshark.Information such as >> >> When the connection was established, when it was terminated, how many >> bytes were transmitted. Is it possible to get this information for >> each ip in your trace file. > > > I'd look at tcptrace (http://www.tcptrace.org) for that. > > Regards, > > Marco. > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives: http://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
