Ethereal-dev: Re: [Ethereal-dev] AIX 'iptrace' format and FDDI

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "J. Smith" <lbalbalba@xxxxxxxxxxx>
Date: Fri, 01 Nov 2002 12:44:32 +0200
Ok, here it is...
Ive purposfully tried to keep the sample as small as possible, and there should be a few frames of telnet data in there. If anyone would prefer a larger tracefile, or a trace with specific types of data, or anything else that might help, please let me know and I will try to do my best to provide it on the list. 


Ive attached two files here, which are:

iptrace.fddi.dat
This is the 'binary' file as it is produced by iptrace.

iptrace.fddi.tst
This is plan text ascii 'report' that the 'ipreport' command generates from the 'binary'. 



Sincerely,

J.Smith






Yes - please send a trace file to the list.




_________________________________________________________________
Internet access plans that fit your lifestyle -- join MSN. http://resourcecenter.msn.com/access/plans/default.asp

Attachment: iptrace.fddi.dat
Description: Binary data

IPTRACE version: 2.0

====( 138 bytes transmitted on interface fi0 )==== 10:22:46.456412160
FDDI packet
FDDI MAC header:
frame control field = 50
[ src = 10:00:5a:b8:51:fa, dst = 10:00:5a:b8:67:dd]
802.2 LLC header:
dsap aa, ssap aa, ctrl 3, proto 0:0:0, type 800 (IP)
IP header breakdown:
	< SRC =    171.21.1.207 >  (splu9005.td.klm.nl)
	< DST =    171.21.1.209 >  (splu9002.td.klm.nl)
	ip_v=4, ip_hl=20, ip_tos=0, ip_len=114, ip_id=30185, ip_off=0
	ip_ttl=60, ip_sum=aed2, ip_p = 6 (TCP)
TCP header breakdown:
	<source port=513(login), destination port=1023 >
	th_seq=e5643645, th_ack=e839c14d
	th_off=5, flags<PUSH | ACK>
	th_win=16060, th_sum=d75, th_urp=0
00000000     30353133 2d303539 20546865 20697074     |0513-059 The ipt|
00000010     72616365 20537562 73797374 656d2068     |race Subsystem h|
00000020     61732062 65656e20 73746172 7465642e     |as been started.|
00000030     20537562 73797374 656d2050 49442069     | Subsystem PID i|
00000040     73203139 3436342e 0d0a                  |s 19464...      |

====( 64 bytes received on interface fi0 )==== 10:22:46.498647552
FDDI packet
FDDI MAC header:
frame control field = 50
[ src = 10:00:5a:b8:67:dd, dst = 10:00:5a:b8:51:fa]
802.2 LLC header:
dsap aa, ssap aa, ctrl 3, proto 0:0:0, type 800 (IP)
IP header breakdown:
	< SRC =    171.21.1.209 >  (splu9002.td.klm.nl)
	< DST =    171.21.1.207 >  (splu9005.td.klm.nl)
	ip_v=4, ip_hl=20, ip_tos=0, ip_len=40, ip_id=30629, ip_off=0
	ip_ttl=60, ip_sum=ad60, ip_p = 6 (TCP)
TCP header breakdown:
	<source port=1023, destination port=513(login) >
	th_seq=e839c14d, th_ack=e564368f
	th_off=5, flags<ACK>
	th_win=16060, th_sum=4bd2, th_urp=0

====( 76 bytes transmitted on interface fi0 )==== 10:22:46.510176384
FDDI packet
FDDI MAC header:
frame control field = 50
[ src = 10:00:5a:b8:51:fa, dst = 10:00:5a:b8:67:dd]
802.2 LLC header:
dsap aa, ssap aa, ctrl 3, proto 0:0:0, type 800 (IP)
IP header breakdown:
	< SRC =    171.21.1.207 >  (splu9005.td.klm.nl)
	< DST =    171.21.1.209 >  (splu9002.td.klm.nl)
	ip_v=4, ip_hl=20, ip_tos=0, ip_len=52, ip_id=30186, ip_off=0
	ip_ttl=60, ip_sum=af0f, ip_p = 6 (TCP)
TCP header breakdown:
	<source port=513(login), destination port=1023 >
	th_seq=e564368f, th_ack=e839c14d
	th_off=5, flags<PUSH | ACK>
	th_win=16060, th_sum=815c, th_urp=0
00000000     746f7461 6c203134 37320d0a              |total 1472..    |

====( 64 bytes received on interface fi0 )==== 10:22:46.708906240
FDDI packet
FDDI MAC header:
frame control field = 50
[ src = 10:00:5a:b8:67:dd, dst = 10:00:5a:b8:51:fa]
802.2 LLC header:
dsap aa, ssap aa, ctrl 3, proto 0:0:0, type 800 (IP)
IP header breakdown:
	< SRC =    171.21.1.209 >  (splu9002.td.klm.nl)
	< DST =    171.21.1.207 >  (splu9005.td.klm.nl)
	ip_v=4, ip_hl=20, ip_tos=0, ip_len=40, ip_id=30631, ip_off=0
	ip_ttl=60, ip_sum=ad5e, ip_p = 6 (TCP)
TCP header breakdown:
	<source port=1023, destination port=513(login) >
	th_seq=e839c14d, th_ack=e564369b
	th_off=5, flags<ACK>
	th_win=16060, th_sum=4bc6, th_urp=0

====( 930 bytes transmitted on interface fi0 )==== 10:22:46.708948864
FDDI packet
FDDI MAC header:
frame control field = 50
[ src = 10:00:5a:b8:51:fa, dst = 10:00:5a:b8:67:dd]
802.2 LLC header:
dsap aa, ssap aa, ctrl 3, proto 0:0:0, type 800 (IP)
IP header breakdown:
	< SRC =    171.21.1.207 >  (splu9005.td.klm.nl)
	< DST =    171.21.1.209 >  (splu9002.td.klm.nl)
	ip_v=4, ip_hl=20, ip_tos=0, ip_len=906, ip_id=30227, ip_off=0
	ip_ttl=60, ip_sum=ab90, ip_p = 6 (TCP)
TCP header breakdown:
	<source port=513(login), destination port=1023 >
	th_seq=e564369b, th_ack=e839c14d
	th_off=5, flags<PUSH | ACK>
	th_win=16060, th_sum=f810, th_urp=0
00000000     64727778 72777872 77742020 20372062     |drwxrwxrwt   7 b|
00000010     696e2020 20202020 62696e20 20202020     |in      bin     |
00000020     20202020 34303936 204e6f76 20303120     |    4096 Nov 01 |
00000030     31303a32 31202e0d 0a647277 78722d78     |10:21 ...drwxr-x|
00000040     722d7820 20323020 726f6f74 20202020     |r-x  20 root    |
00000050     20737973 74656d20 20202020 20313032     | system      102|
00000060     34205365 70203036 2030393a 3130202e     |4 Sep 06 09:10 .|
00000070     2e0d0a64 72777872 77787277 78202020     |...drwxrwxrwx   |
00000080     3220726f 6f742020 20202073 79737465     |2 root     syste|
00000090     6d202020 20202020 35313220 53657020     |m       512 Sep |
000000a0     30362030 393a3431 202e5831 312d756e     |06 09:41 .X11-un|
000000b0     69780d0a 2d72772d 2d2d2d2d 2d2d2020     |ix..-rw-------  |
000000c0     20312037 33363020 20202020 7469766f     | 1 7360     tivo|
000000d0     6c692020 20202020 20203439 204a756e     |li        49 Jun|
000000e0     20323420 31343a35 39202e58 61757468     | 24 14:59 .Xauth|
000000f0     32366b59 37700d0a 2d72772d 2d2d2d2d     |26kY7p..-rw-----|
00000100     2d2d2020 20312037 33363020 20202020     |--   1 7360     |
00000110     7469766f 6c692020 20202020 20203439     |tivoli        49|
00000120     204a756e 20323520 30383a34 38202e58     | Jun 25 08:48 .X|
00000130     61757468 35696f4a 71710d0a 2d72772d     |auth5ioJqq..-rw-|
00000140     2d2d2d2d 2d2d2020 20312037 33363020     |------   1 7360 |
00000150     20202020 7469766f 6c692020 20202020     |    tivoli      |
00000160     20203439 204a756c 20303320 31303a35     |  49 Jul 03 10:5|
00000170     30202e58 61757468 50346e36 55750d0a     |0 .XauthP4n6Uu..|
00000180     2d72772d 2d2d2d2d 2d2d2020 20312037     |-rw-------   1 7|
00000190     33363020 20202020 7469766f 6c692020     |360     tivoli  |
000001a0     20202020 20203439 204a756c 20303120     |      49 Jul 01 |
000001b0     30373a34 31202e58 61757468 56356e36     |07:41 .XauthV5n6|
000001c0     79740d0a 2d72772d 2d2d2d2d 2d2d2020     |yt..-rw-------  |
000001d0     20312037 33363020 20202020 7469766f     | 1 7360     tivo|
000001e0     6c692020 20202020 20203439 204a756e     |li        49 Jun|
000001f0     20323820 31303a30 39202e58 61757468     | 28 10:09 .Xauth|
00000200     6b4e6434 55730d0a 2d72772d 2d2d2d2d     |kNd4Us..-rw-----|
00000210     2d2d2020 20312037 33363020 20202020     |--   1 7360     |
00000220     7469766f 6c692020 20202020 20203439     |tivoli        49|
00000230     204a756e 20323120 31313a34 37202e58     | Jun 21 11:47 .X|
00000240     61757468 74796e66 616f0d0a 2d72772d     |authtynfao..-rw-|
00000250     2d2d2d2d 2d2d2020 20312037 33363020     |------   1 7360 |
00000260     20202020 7469766f 6c692020 20202020     |    tivoli      |
00000270     20203439 204a756e 20313820 30383a34     |  49 Jun 18 08:4|
00000280     33202e58 61757468 78666863 616e0d0a     |3 .Xauthxfhcan..|
00000290     2d72772d 72772d2d 2d2d2020 20312065     |-rw-rw----   1 e|
000002a0     78303939 38352020 73797374 656d2020     |x09985  system  |
000002b0     20202020 20202030 20466562 20313320     |       0 Feb 13 |
000002c0     32303032 20202e63 75727265 6e742e31     |2002  .current.1|
000002d0     32383034 0d0a6472 7778722d 78722d78     |2804..drwxr-xr-x|
000002e0     20202032 20726f6f 74202020 20206e6f     |   2 root     no|
000002f0     626f6479 20202020 20202035 31322046     |body       512 F|
00000300     65622032 32203230 30322020 2e696e73     |eb 22 2002  .ins|
00000310     74616c6c 65640d0a 2d72772d 2d2d2d2d     |talled..-rw-----|
00000320     2d2d2020 2031206b 6c6d3031 34333420     |--   1 klm01434 |
00000330     73706c74 63202020 20202020 20203132     |spltc         12|
00000340     204e6f76 20303120 31303a30 39202e6b     | Nov 01 10:09 .k|
00000350     73685f68 6973746f 72792e31 39323634     |sh_history.19264|
00000360     0d0a                                    |..              |

====( 68 bytes transmitted on interface fi0 )==== 10:22:46.770977792
FDDI packet
FDDI MAC header:
frame control field = 50
[ src = 10:00:5a:b8:51:fa, dst = 10:00:5a:b8:67:dd]
802.2 LLC header:
dsap aa, ssap aa, ctrl 3, proto 0:0:0, type 800 (IP)
IP header breakdown:
	< SRC =    171.21.1.207 >  (splu9005.td.klm.nl)
	< DST =    171.21.1.209 >  (splu9002.td.klm.nl)
	ip_v=4, ip_hl=20, ip_tos=0, ip_len=44, ip_id=30228, ip_off=0
	ip_ttl=60, ip_sum=aeed, ip_p = 6 (TCP)
TCP header breakdown:
	<source port=50769, destination port=2049(shilp) >
	th_seq=fca4f8a0, th_ack=0
	th_off=6, flags<SYN>
	th_win=16384, th_sum=3ac3, th_urp=0
		mss 1460

====( 68 bytes received on interface fi0 )==== 10:22:46.772783488
FDDI packet
FDDI MAC header:
frame control field = 50
[ src = 10:00:5a:b8:67:dd, dst = 10:00:5a:b8:51:fa]
802.2 LLC header:
dsap aa, ssap aa, ctrl 3, proto 0:0:0, type 800 (IP)
IP header breakdown:
	< SRC =    171.21.1.209 >  (splu9002.td.klm.nl)
	< DST =    171.21.1.207 >  (splu9005.td.klm.nl)
	ip_v=4, ip_hl=20, ip_tos=0, ip_len=44, ip_id=30632, ip_off=0
	ip_ttl=60, ip_sum=ad59, ip_p = 6 (TCP)
TCP header breakdown:
	<source port=2049(shilp), destination port=50769 >
	th_seq=cb6c4170, th_ack=fca4f8a1
	th_off=6, flags<SYN | ACK>
	th_win=59860, th_sum=8400, th_urp=0
		mss 1460

====( 64 bytes transmitted on interface fi0 )==== 10:22:46.772822784
FDDI packet
FDDI MAC header:
frame control field = 50
[ src = 10:00:5a:b8:51:fa, dst = 10:00:5a:b8:67:dd]
802.2 LLC header:
dsap aa, ssap aa, ctrl 3, proto 0:0:0, type 800 (IP)
IP header breakdown:
	< SRC =    171.21.1.207 >  (splu9005.td.klm.nl)
	< DST =    171.21.1.209 >  (splu9002.td.klm.nl)
	ip_v=4, ip_hl=20, ip_tos=0, ip_len=40, ip_id=30229, ip_off=0
	ip_ttl=60, ip_sum=aef0, ip_p = 6 (TCP)
TCP header breakdown:
	<source port=50769, destination port=2049(shilp) >
	th_seq=fca4f8a1, th_ack=cb6c4171
	th_off=5, flags<ACK>
	th_win=16060, th_sum=46d6, th_urp=0

====( 196 bytes transmitted on interface fi0 )==== 10:22:46.773264640
FDDI packet
FDDI MAC header:
frame control field = 50
[ src = 10:00:5a:b8:51:fa, dst = 10:00:5a:b8:67:dd]
802.2 LLC header:
dsap aa, ssap aa, ctrl 3, proto 0:0:0, type 800 (IP)
IP header breakdown:
	< SRC =    171.21.1.207 >  (splu9005.td.klm.nl)
	< DST =    171.21.1.209 >  (splu9002.td.klm.nl)
	ip_v=4, ip_hl=20, ip_tos=0, ip_len=172, ip_id=30230, ip_off=0
	ip_ttl=60, ip_sum=ae6b, ip_p = 6 (TCP)
TCP header breakdown:
	<source port=50769, destination port=2049(shilp) >
	th_seq=fca4f8a1, th_ack=cb6c4171
	th_off=5, flags<PUSH | ACK>
	th_win=60000, th_sum=166c, th_urp=0
00000000     80000080 2eae976c 00000000 00000002     |.......l........|
00000010     000186a3 00000003 00000001 00000001     |................|
00000020     00000034 3dc247e6 00000008 73706c75     |...4=.G.....splu|
00000030     39303035 00000000 00000000 00000006     |9005............|
00000040     00000000 00000002 00000003 00000007     |................|
00000050     00000008 0000000a 00000000 00000000     |................|
00000060     00000020 0022000c 00000003 000a0000     |... ."..........|
00000070     000237cb bbcf0000 000a0000 000237cb     |..7...........7.|
00000080     bbcf0000                                |....            |

====( 180 bytes received on interface fi0 )==== 10:22:46.775388544
FDDI packet
FDDI MAC header:
frame control field = 50
[ src = 10:00:5a:b8:67:dd, dst = 10:00:5a:b8:51:fa]
802.2 LLC header:
dsap aa, ssap aa, ctrl 3, proto 0:0:0, type 800 (IP)
IP header breakdown:
	< SRC =    171.21.1.209 >  (splu9002.td.klm.nl)
	< DST =    171.21.1.207 >  (splu9005.td.klm.nl)
	ip_v=4, ip_hl=20, ip_tos=0, ip_len=156, ip_id=30633, ip_off=0
	ip_ttl=60, ip_sum=ace8, ip_p = 6 (TCP)
TCP header breakdown:
	<source port=2049(shilp), destination port=50769 >
	th_seq=cb6c4171, th_ack=fca4f925
	th_off=5, flags<PUSH | ACK>
	th_win=60032, th_sum=18ae, th_urp=0
00000000     80000070 2eae976c 00000001 00000000     |...p...l........|
00000010     00000000 00000000 00000000 00000000     |................|
00000020     00000002 000145ed 0000004c 00000000     |......E....L....|
00000030     00000000 00000000 00000c00 00000000     |................|
00000040     00001000 00000000 00000019 00000000     |................|
00000050     0022000c 00000000 00000002 3dc24761     |."..........=.Ga|
00000060     37412f00 3dbfd649 2c6d3600 3dbfd649     |7A/.=..I,m6.=..I|
00000070     2c6d3600                                |,m6.            |

====( 208 bytes transmitted on interface fi0 )==== 10:22:46.776222720
FDDI packet
FDDI MAC header:
frame control field = 50
[ src = 10:00:5a:b8:51:fa, dst = 10:00:5a:b8:67:dd]
802.2 LLC header:
dsap aa, ssap aa, ctrl 3, proto 0:0:0, type 800 (IP)
IP header breakdown:
	< SRC =    171.21.1.207 >  (splu9005.td.klm.nl)
	< DST =    171.21.1.209 >  (splu9002.td.klm.nl)
	ip_v=4, ip_hl=20, ip_tos=0, ip_len=184, ip_id=30231, ip_off=0
	ip_ttl=60, ip_sum=ae5e, ip_p = 6 (TCP)
TCP header breakdown:
	<source port=50769, destination port=2049(shilp) >
	th_seq=fca4f925, th_ack=cb6c41e5
	th_off=5, flags<PUSH | ACK>
	th_win=60000, th_sum=3830, th_urp=0
00000000     8000008c 2eae976d 00000000 00000002     |.......m........|
00000010     000186a3 00000003 00000003 00000001     |................|
00000020     00000034 3dc247e6 00000008 73706c75     |...4=.G.....splu|
00000030     39303035 00000000 00000000 00000006     |9005............|
00000040     00000000 00000002 00000003 00000007     |................|
00000050     00000008 0000000a 00000000 00000000     |................|
00000060     00000020 0022000c 00000003 000a0000     |... ."..........|
00000070     d85ca7c4 3c6f0000 000a0000 000237cb     |.\..<o........7.|
00000080     bbcf0000 00000006 2e637368 72630000     |.........cshrc..|

====( 184 bytes received on interface fi0 )==== 10:22:46.778339200
FDDI packet
FDDI MAC header:
frame control field = 50
[ src = 10:00:5a:b8:67:dd, dst = 10:00:5a:b8:51:fa]
802.2 LLC header:
dsap aa, ssap aa, ctrl 3, proto 0:0:0, type 800 (IP)
IP header breakdown:
	< SRC =    171.21.1.209 >  (splu9002.td.klm.nl)
	< DST =    171.21.1.207 >  (splu9005.td.klm.nl)
	ip_v=4, ip_hl=20, ip_tos=0, ip_len=160, ip_id=30634, ip_off=0
	ip_ttl=60, ip_sum=ace3, ip_p = 6 (TCP)
TCP header breakdown:
	<source port=2049(shilp), destination port=50769 >
	th_seq=cb6c41e5, th_ack=fca4f9b5
	th_off=5, flags<PUSH | ACK>
	th_win=60032, th_sum=471b, th_urp=0
00000000     80000074 2eae976d 00000001 00000000     |...t...m........|
00000010     00000000 00000000 00000000 00000002     |................|
00000020     00000001 00000002 000145ed 00000004     |..........E.....|
00000030     00001d8e 00000001 00000000 00000200     |................|
00000040     00000000 00001000 00000000 0000de73     |...............s|
00000050     00000000 0022000c 00000000 0000d85c     |.....".........\|
00000060     3dc24128 0543d300 3dbfda47 11301200     |=.A(.C..=..G.0..|
00000070     3dbfdc37 397af900                       |=..79z..        |

====( 64 bytes transmitted on interface fi0 )==== 10:22:46.863040896
FDDI packet
FDDI MAC header:
frame control field = 50
[ src = 10:00:5a:b8:51:fa, dst = 10:00:5a:b8:67:dd]
802.2 LLC header:
dsap aa, ssap aa, ctrl 3, proto 0:0:0, type 800 (IP)
IP header breakdown:
	< SRC =    171.21.1.207 >  (splu9005.td.klm.nl)
	< DST =    171.21.1.209 >  (splu9002.td.klm.nl)
	ip_v=4, ip_hl=20, ip_tos=0, ip_len=40, ip_id=30232, ip_off=0
	ip_ttl=60, ip_sum=aeed, ip_p = 6 (TCP)
TCP header breakdown:
	<source port=50769, destination port=2049(shilp) >
	th_seq=fca4f9b5, th_ack=cb6c425d
	th_off=5, flags<ACK>
	th_win=60000, th_sum=9931, th_urp=0


++++++ END OF REPORT ++++++

processed 13 packets