Apart from explicitly setting snaplen to zero and tacking on the BPF last as seems customary, why shouldn't it work? If you run it verbosely, without resolving any addresses and ports and without writing to a file what does it say?
Without writing to a file everything is ok. But the exact problem is - I want to write it to a file in the order tcpdstat expects it (the order the -w option is meant to create, maybe I'm wrong). I believe it's not hard, I just don't know how. And maybe another question by the way, I know about snort and stuff, but if I would make a little script for an easy hand-check, how could I make a process (utility with given arguments) to run for several seconds, count until some of the values reached the sought-for point and finish its job? I have tried with "read", "at", "sleep", combining sed+awk, but unsuccessfully.
I could've given you a link, but it's Russian. And I'm home now, and no google cloud, sorry. I'll try to translate and clarify better tomorrow. But it is exactly what I'm talking about. I even got an idea of what exactly I have explained wrong.
must've been .pcap.
"tcpdstat - Get protocol statistics from tcpdump pcap files". And please, if someone could throw some notes on the second part of the question?
make a little script for an easy hand-check, how could I make a process (utility with given arguments) to run for several seconds, count until some of the values reached the sought-for point and finish its job? I have tried with "read", "at", "sleep", combining sed+awk, but unsuccessfully.
It kind of depends on what "sought-for point" means. If "sought-for point" means a packet counter then there's 'tcpdump -c' or 'tshark -c', elif it means input bytes there's 'cut -b' or 'dd count=' or 'od -N', elif it's a simple counter you could ((N++)) in BASH. Else if it means some combination, like \( total pkt count and 3 SYN ACKs and within 10 seconds \) then you best explain what you're trying to accomplish: (pseudo) script welcome.
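The combined case mentioned in the reply above (stop after 3 SYN-ACKs or when a time window ends, whichever comes first) can be sketched as follows. This is an added example, not code from any poster in the thread; `count_until`, `watch_synack` and `sample_capture` are hypothetical names, and the capture lines are constructed sample data.

```shell
#!/bin/sh
# count_until SUBSTRING LIMIT
# Reads lines on stdin and counts those containing SUBSTRING (literal match).
# Prints the count and returns 0 as soon as LIMIT is reached; prints the count
# and returns 1 if input ends first (for example when timeout stops tcpdump).
count_until() {
    cu_want=$1 cu_limit=$2 cu_seen=0
    while IFS= read -r cu_line; do
        case $cu_line in
            *"$cu_want"*) cu_seen=$((cu_seen + 1)) ;;
        esac
        if [ "$cu_seen" -ge "$cu_limit" ]; then
            echo "$cu_seen"
            return 0
        fi
    done
    echo "$cu_seen"
    return 1
}

# watch_synack IFACE LIMIT WINDOW (hypothetical wrapper, needs capture rights)
# -l line-buffers tcpdump's output so each packet reaches the counter at once;
# -nn skips name/port resolution; timeout(1) enforces the time window.
watch_synack() {
    timeout "$3" tcpdump -l -nn -i "$1" \
        'tcp[tcpflags] & (tcp-syn|tcp-ack) == (tcp-syn|tcp-ack)' 2>/dev/null |
        count_until 'Flags [S.]' "$2"
}

# Constructed sample of tcpdump text output (documentation addresses).
sample_capture() {
    cat <<'EOF'
12:00:00.000001 IP 198.51.100.7.51514 > 192.0.2.10.443: Flags [S], seq 100, win 64240, length 0
12:00:00.000210 IP 192.0.2.10.443 > 198.51.100.7.51514: Flags [S.], seq 900, ack 101, win 65160, length 0
12:00:00.000350 IP 198.51.100.7.51514 > 192.0.2.10.443: Flags [.], ack 901, win 502, length 0
12:00:01.104000 IP 192.0.2.10.443 > 198.51.100.7.51520: Flags [S.], seq 300, ack 201, win 65160, length 0
12:00:02.250000 IP 192.0.2.10.22 > 198.51.100.9.40022: Flags [S.], seq 700, ack 501, win 65160, length 0
12:00:03.000000 IP 192.0.2.10.22 > 198.51.100.9.40030: Flags [S.], seq 800, ack 601, win 65160, length 0
EOF
}

# Offline demo: stops at the third SYN-ACK without reading the fourth.
if n=$(sample_capture | count_until 'Flags [S.]' 3); then
    echo "threshold reached after $n SYN-ACKs"
fi
```

On a live interface the equivalent call would be `watch_synack eth0 3 10`, where `eth0` is an assumed interface name; the exit status tells a calling script whether the threshold was hit inside the window.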
Thank you, even tho I'm not the best explainer out there, the info you gave me is exactly what I've been seeking. And if you still want the link, here goes: http://www.bit-team.com/index.php?showtopic=3930. Short story is, he explains how to use all these utilities for good, taking Cisco as an example. But he is talking superficially, so I kind of interpret it for myself.