More Questions
Kevin C Miller
kevinm+ at andrew.cmu.edu
Tue Mar 23 18:29:17 EST 1999
I have another question regarding date/time. I've been collecting stats
on a low-bandwidth net for awhile and am just starting to play with the
data. Yesterday we had a connection which first appears here:
rymon.net.cmu.edu# ra -r /home/argus/logs/lister.log.19990322 -c -n -t
03/22/99.8:35-03/22/99.8:40
[snip]
Mon 03/22 08:39:32 * tcp 128.2.6.64.33594 -> 128.2.6.2.22
15929 16572 2063955 3828550 CLO
---
So apparently this is a 'normal' SSH connection except that there were
packet retransmissions.
This is the first five minute period I see this, however I continue
seeing it listed throughout the day, until the 18:25-18:30 period.
rymon.net.cmu.edu# ra -r /home/argus/logs/lister.log.19990322 -c -n -t
03/22/99.18:20-03/22/99.18:25
[snip]
Mon 03/22 08:39:32 * tcp 128.2.6.64.33594 -> 128.2.6.2.22
15929 16572 2063955 3828550 CLO
---
So, does this indicate that packets from this transmission were being
re-transmitted throughout the day?
Related Question: Is there any functionality at present to apply the
time specified by -t only to the beginning of transactions? I would like
to count transactions only once, and this seems like an appropriate way.
If it isn't possible with the current release, I'll look into adding an
option to do this.
Kevin
====================================================================
Kevin C. Miller - Carnegie Mellon University - Sophomore
kevinm at abtech.org - School of Computer Science - 412-862-3487
--------------------------------------------------------------------
More information about the argus
mailing list