Ethereal-users: RE: [Ethereal-users] Identifying a packet as UDP, TCP or ICMP or other using TE
Or, a relatively simple approach if you don't mind doing full dissection in
tethereal would be
to process the full output and trigger on the presence of TCP or UDP header
labels.
Something as simple as this perl snippet:
open(IN, "tethereal -V|");
while ( $line = <IN> )
{
if ( $line =~ /^Internet Protocol,/ )
{
$ip++;
}
elsif ( $line =~ /^User Datagram Protocol,/ )
{
$udp++;
}
elsif ( $line =~ /^Transmission Control Protocol,/ )
{
$tcp++;
}
}
Or something like that.
-- Nathan
> -----Original Message-----
> From: Guy Harris [mailto:guy@xxxxxxxxxx]
> Sent: Tuesday, August 14, 2001 2:24 PM
> To: Bernard, Kurt A.
> Cc: 'ethereal-users@xxxxxxxxxxxx'
> Subject: Re: [Ethereal-users] Identifying a packet as UDP, TCP or ICMP
> or other using TETHEREAL
>
>
> > I would like to measure the amount of UDP, TCP and ICMP
> traffic in a capture
> > file I feed to tethereal...I have tried changing the
> columns displayed in
> > ethereal but don't see anything that will display if the
> pkt is udp, tcp or
> > icmp.
>
> There isn't anything that will. Currently, neither
>
> 1) the ability to disable protocol dissectors
>
> nor
>
> 2) the ability to get protocol statistics
>
> are supported by Tethereal.
>
> If this doesn't have to be done in a script, you might try reading the
> file with Ethereal, instead, and using the "Protocol Hierarchy
> Statistics" menu item under the "Tools" menu.
>
> _______________________________________________
> Ethereal-users mailing list
> Ethereal-users@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-users
>
