Ethereal-users: Re: [Ethereal-users] Detecting inbound vs. outbound traffic

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: kl@xxxxxxxx (Kaspar Landsberg)
Date: Mon, 28 May 2001 22:33:43 +0200
Hello,

On Mon, May 28, 2001 at 01:04:43PM -0700, Guy Harris wrote:

> > frame=820;size=1039;time=0.304820;source=IP;destination=IP;proto=HTTP;
> 
> Which version of Tethereal is that, and who modified it to print out
> lines such as that?  The standard version doesn't print anything such as
> that - it prints stuff such as
> 
>  70   6.996000 {source IP} -> {destination IP} HTTP GET / HTTP/1.0

tethereal 0.8.10, with GTK+ 1.2.7, with libpcap 0.4a6, with libz 1.1.3,
with UCD SNMP 4.0.1

from ~/.ethereal/preferences:

# Packet list column format.  Each pair of strings consists of a column
# title and its format.
column.format: "No.", "%m", "Time", "%t", "Source", "%s", "Destination",
        "%d", "Protocol", "%p", "size", "%L", "Info", "%i"

> > is there a way to make tethereal differ in general between inbound and
> > outbound traffic, relative to a given IP subnet maybe?
> 
> No, there isn't.

hmm, and would it make sense to assume that all traffic that has as
destination an IP from the local subnet is inbound traffic?

Bye, Kaspar

-- 
Kaspar Landsberg, <kl@xxxxxxxx>
Four
Lines
Suffice.