On Sat, Mar 23, 2002 at 08:50:04AM -0800, mauro proietti wrote:
> I am quite new at using Etherial and trying to findout the way to
> display a time sequence graph out of a TCP trace. Since Ethereal does
> not seem to allow this,
Well, recent versions of Ethereal *do* have code that allows you to draw
some kinds of TCP graphs, including graphs that are described as time
sequence graphs.
Select a frame from a TCP connection and then select "TCP Stream
Analysis" from the "Tools" menu. Then select from that menu a type of
graph to draw.
> I wonder if I could workout graphs using Eth in
> conjunction with other programs
There's also a tool called tcptrace:
http://www.tcptrace.org/
which can read capture files from a number of programs, including
tcpdump - and anything that can read tcpdump files can also read
Ethereal files, as Ethereal's native capture file format is the same as
tcpdump's - and produce various types of statistics and graphs.
For various tools that can work with tcpdump/Ethereal traces, see
http://www.tcpdump.org/related.html
and the "Tools" section of
http://www.ethereal.com/links.html
(not all the links there are for tools of that sort, but some are).
> (running on Windows machines, hopefully).
The tcptrace FAQ, on the tcptrace Web site, says
Wed Jan 22, 2002
Q49. Does tcptrace work with Windows?
A49. Well, nobody has tried to compile tcptrace on Windows
platform yet. However tcptrace can read network dumpfiles
collected on Windows machines using WinDump/WinPcap.
A Web search might be worthwhile if you want to see if anybody's ported
it to Windows but not told the tcptrace developers about it yet.
(A Web search might also be worthwhile if you want to see if you can
find *other* tools, that *do* work on Windows, to produce graphs from
tcpdump traces.)