Printing TCP Options?
Carter Bullard
carter at qosient.com
Fri Oct 7 12:06:55 EDT 2011
Hey Nikki,
Argus does not capture TCP headers, so we don't have TCP header content, per se.
We do capture much of the TCP session semantics, so things like negotiated TCP options,
TCP state progression, etc…., some sequence numbers, etc…. are available.
But now that I'm looking at the client source, the "tcpopt" and "tcpext" field, didn't make
the 3.0 cut. I'll have to put it back in.
So what in particular are you looking for? Just the negotiated options at setup?
Carter
On Oct 5, 2011, at 10:05 PM, Nichole K. Boscia wrote:
>
> Hi folks,
>
> I need to pull TCP options such as selective ack, timestamps, winscale, etc. for captured flows. I assume this is captured since it's part of the TCP header, but I'm not seeing how to print out the values with ra tools.
>
> Thanks,
> -nikki
>
> -------------------------------------------
> Nichole K. Boscia
> Senior Network Engineer, CSC
> NASA Advanced Supercomputing Division
> Ames Research Center, Moffett Field, CA 94035
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4367 bytes
Desc: not available
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20111007/8b6e9b66/attachment.bin>
More information about the argus
mailing list