Thanks Marco for the directions. But can I do it by looking at all the
packets in the trace and than maintaining state for each connection
that is seen.
On Wed, Mar 14, 2012 at 5:18 AM, <marco@xxxxxxxxxxxxxxxxxxx> wrote:
> On Wed, 14 Mar 2012 05:10:18 -0400, Maverick wrote:
>
>> Can someone please help me with getting connection information for
>> each ip using tshark.Information such as
>>
>> When the connection was established, when it was terminated, how many
>> bytes were transmitted. Is it possible to get this information for
>> each ip in your trace file.
>
>
> I'd look at tcptrace (http://www.tcptrace.org) for that.
>
> Regards,
>
> Marco.
> ___________________________________________________________________________
> Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives: http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
