Wireshark · Ethereal-users: Re: [Ethereal-users] how to get total time of a connections?

[Sake Blok <sake@xxxxxxxxxx>]

On Sun, Apr 02, 2006 at 12:29:53PM -0400, George Nychis wrote:
> Anyone else try this script in Linux?  I don't think it would make any
> differences since both tools are standard across both.. but i'm not
> getting any flow information printed out, only standard tethereal output:
> 
> 235879 171898.784066 192.168.1.112 -> 207.46.20.60 TCP 33925 > 80 [ACK]
> Seq=189 Ack=961 Win=7760 Len=0 TSV=294276414 TSER=121110989

This means the parsing is failing:

   } else {
      #
      # Packet that can not be parsed"
      #
      print;
      next;
   }

Have you changed your column-settings in ethereal to match mine? 
If not, you have to alter the script to read out yours (yes, I know
this is an awkward way of doing things, but initially, the script 
was never written to be used by anyone other than me...)

Hope this helps, Cheers,   Sake