1@(#) $Header: README,v 1.50 96/08/20 14:36:28 leres Exp $ (LBL)
| 1@(#) $Header: README,v 1.54 98/01/27 21:36:20 vern Exp $ (LBL)
|
2
| 2
|
3TCPDUMP 3.3
| 3TCPDUMP 3.4
|
4Lawrence Berkeley National Laboratory
5Network Research Group
6tcpdump@ee.lbl.gov
7ftp://ftp.ee.lbl.gov/tcpdump.tar.Z
8
9This directory contains source code for tcpdump, a tool for network
10monitoring and data acquisition. The original distribution is
11available via anonymous ftp to ftp.ee.lbl.gov, in tcpdump.tar.Z.
12
| 4Lawrence Berkeley National Laboratory
5Network Research Group
6tcpdump@ee.lbl.gov
7ftp://ftp.ee.lbl.gov/tcpdump.tar.Z
8
9This directory contains source code for tcpdump, a tool for network
10monitoring and data acquisition. The original distribution is
11available via anonymous ftp to ftp.ee.lbl.gov, in tcpdump.tar.Z.
12
|
13Tcpdump now uses libcap, a system-independent interface for user-level
| 13Tcpdump now uses libpcap, a system-independent interface for user-level
|
14packet capture. Before building tcpdump, you must first retrieve and
15build libpcap, also from LBL, in:
16
17 ftp://ftp.ee.lbl.gov/libpcap.tar.Z
18
19Once libpcap is built (either install it or make sure it's in
20../libpcap), you can build tcpdump using the procedure in the INSTALL
21file.
22
| 14packet capture. Before building tcpdump, you must first retrieve and
15build libpcap, also from LBL, in:
16
17 ftp://ftp.ee.lbl.gov/libpcap.tar.Z
18
19Once libpcap is built (either install it or make sure it's in
20../libpcap), you can build tcpdump using the procedure in the INSTALL
21file.
22
|
23The program is loosely based on SMI's "etherfind" although none
24of the etherfind code remains. It was originally written by Van
25Jacobson as part of an ongoing research project to investigate and
26improve tcp and internet gateway performance. The parts of the
27program originally taken from Sun's etherfind were later re-written
28by Steven McCanne of LBL. To insure that there would be no vestige
29of proprietary code in tcpdump, Steve wrote these pieces from the
30specification given by the manual entry, with no access to the
31source of tcpdump or etherfind.
| 23The program is loosely based on SMI's "etherfind" although none of the
24etherfind code remains. It was originally written by Van Jacobson as
25part of an ongoing research project to investigate and improve tcp and
26internet gateway performance. The parts of the program originally
27taken from Sun's etherfind were later re-written by Steven McCanne of
28LBL. To insure that there would be no vestige of proprietary code in
29tcpdump, Steve wrote these pieces from the specification given by the
30manual entry, with no access to the source of tcpdump or etherfind.
|
32
| 31
|
33Over the past few years, tcpdump has been steadily improved
34by the excellent contributions from the Internet community
35(just browse through the CHANGES file). We are grateful for
36all the input.
| 32Over the past few years, tcpdump has been steadily improved by the
33excellent contributions from the Internet community (just browse
34through the CHANGES file). We are grateful for all the input.
|
37
| 35
|
38Richard Stevens gives an excellent treatment of the Internet
39protocols in his book ``TCP/IP Illustrated, Volume 1''.
40If you want to learn more about tcpdump and how to interpret
41its output, pick up this book.
| 36Richard Stevens gives an excellent treatment of the Internet protocols
37in his book ``TCP/IP Illustrated, Volume 1''. If you want to learn more
38about tcpdump and how to interpret its output, pick up this book.
|
42
43Some tools for viewing and analyzing tcpdump trace files are available
44from the Internet Traffic Archive:
45
| 39
40Some tools for viewing and analyzing tcpdump trace files are available
41from the Internet Traffic Archive:
42
|
46 http://town.hall.org/Archives/pub/ITA/
| 43 http://www.acm.org/sigcomm/ITA/
|
47
| 44
|
| 45Another tool that tcpdump users might find useful is tcpslice:
46
47 ftp://ftp.ee.lbl.gov/tcpslice.tar.Z
48
49It is a program that can be used to extract portions of tcpdump binary
50trace files. See the above distribution for further details and
51documentation.
52
|
48Problems, bugs, questions, desirable enhancements, source code
49contributions, etc., should be sent to the email address
50"tcpdump@ee.lbl.gov".
51
52 - Steve McCanne
53 Craig Leres
54 Van Jacobson
55-------------------------------------
--- 148 unchanged lines hidden --- | 53Problems, bugs, questions, desirable enhancements, source code
54contributions, etc., should be sent to the email address
55"tcpdump@ee.lbl.gov".
56
57 - Steve McCanne
58 Craig Leres
59 Van Jacobson
60-------------------------------------
--- 148 unchanged lines hidden --- |