1@(#) $Header: README,v 1.50 96/08/20 14:36:28 leres Exp $ (LBL)
| 1@(#) $Header: README,v 1.54 98/01/27 21:36:20 vern Exp $ (LBL)
|
2
| 2
|
3TCPDUMP 3.3
| 3TCPDUMP 3.4
|
4Lawrence Berkeley National Laboratory 5Network Research Group 6tcpdump@ee.lbl.gov 7ftp://ftp.ee.lbl.gov/tcpdump.tar.Z 8 9This directory contains source code for tcpdump, a tool for network 10monitoring and data acquisition. The original distribution is 11available via anonymous ftp to ftp.ee.lbl.gov, in tcpdump.tar.Z. 12
| 4Lawrence Berkeley National Laboratory 5Network Research Group 6tcpdump@ee.lbl.gov 7ftp://ftp.ee.lbl.gov/tcpdump.tar.Z 8 9This directory contains source code for tcpdump, a tool for network 10monitoring and data acquisition. The original distribution is 11available via anonymous ftp to ftp.ee.lbl.gov, in tcpdump.tar.Z. 12
|
13Tcpdump now uses libcap, a system-independent interface for user-level
| 13Tcpdump now uses libpcap, a system-independent interface for user-level
|
14packet capture. Before building tcpdump, you must first retrieve and 15build libpcap, also from LBL, in: 16 17 ftp://ftp.ee.lbl.gov/libpcap.tar.Z 18 19Once libpcap is built (either install it or make sure it's in 20../libpcap), you can build tcpdump using the procedure in the INSTALL 21file. 22
| 14packet capture. Before building tcpdump, you must first retrieve and 15build libpcap, also from LBL, in: 16 17 ftp://ftp.ee.lbl.gov/libpcap.tar.Z 18 19Once libpcap is built (either install it or make sure it's in 20../libpcap), you can build tcpdump using the procedure in the INSTALL 21file. 22
|
23The program is loosely based on SMI's "etherfind" although none 24of the etherfind code remains. It was originally written by Van 25Jacobson as part of an ongoing research project to investigate and 26improve tcp and internet gateway performance. The parts of the 27program originally taken from Sun's etherfind were later re-written 28by Steven McCanne of LBL. To insure that there would be no vestige 29of proprietary code in tcpdump, Steve wrote these pieces from the 30specification given by the manual entry, with no access to the 31source of tcpdump or etherfind.
| 23The program is loosely based on SMI's "etherfind" although none of the 24etherfind code remains. It was originally written by Van Jacobson as 25part of an ongoing research project to investigate and improve tcp and 26internet gateway performance. The parts of the program originally 27taken from Sun's etherfind were later re-written by Steven McCanne of 28LBL. To insure that there would be no vestige of proprietary code in 29tcpdump, Steve wrote these pieces from the specification given by the 30manual entry, with no access to the source of tcpdump or etherfind.
|
32
| 31
|
33Over the past few years, tcpdump has been steadily improved 34by the excellent contributions from the Internet community 35(just browse through the CHANGES file). We are grateful for 36all the input.
| 32Over the past few years, tcpdump has been steadily improved by the 33excellent contributions from the Internet community (just browse 34through the CHANGES file). We are grateful for all the input.
|
37
| 35
|
38Richard Stevens gives an excellent treatment of the Internet 39protocols in his book ``TCP/IP Illustrated, Volume 1''. 40If you want to learn more about tcpdump and how to interpret 41its output, pick up this book.
| 36Richard Stevens gives an excellent treatment of the Internet protocols 37in his book ``TCP/IP Illustrated, Volume 1''. If you want to learn more 38about tcpdump and how to interpret its output, pick up this book.
|
42 43Some tools for viewing and analyzing tcpdump trace files are available 44from the Internet Traffic Archive: 45
| 39 40Some tools for viewing and analyzing tcpdump trace files are available 41from the Internet Traffic Archive: 42
|
46 http://town.hall.org/Archives/pub/ITA/
| 43 http://www.acm.org/sigcomm/ITA/
|
47
| 44
|
| 45Another tool that tcpdump users might find useful is tcpslice: 46 47 ftp://ftp.ee.lbl.gov/tcpslice.tar.Z 48 49It is a program that can be used to extract portions of tcpdump binary 50trace files. See the above distribution for further details and 51documentation. 52
|
48Problems, bugs, questions, desirable enhancements, source code 49contributions, etc., should be sent to the email address 50"tcpdump@ee.lbl.gov". 51 52 - Steve McCanne 53 Craig Leres 54 Van Jacobson 55-------------------------------------
--- 148 unchanged lines hidden --- | 53Problems, bugs, questions, desirable enhancements, source code 54contributions, etc., should be sent to the email address 55"tcpdump@ee.lbl.gov". 56 57 - Steve McCanne 58 Craig Leres 59 Van Jacobson 60-------------------------------------
--- 148 unchanged lines hidden --- |