
All Questions

1 vote
0 answers
45 views

Understand ss -to4 output for a JDBC connection

My application connects to a database over JDBC, and performs a lot of sequential inserts. There is only 1 JDBC connection opened by the application. As the performance is not as expected, I started ...
iGnite007
6 votes
1 answer
13k views

Capture only TCP SYN-ACK packets with tcpdump

I'm trying to capture only TCP SYN-ACK packets, i.e. with both SYN and ACK bits set with: tcpdump -vvvni eth0 tcp[tcpflags] == tcp-syn and tcp[tcpflags] == tcp-ack but it gives such error: tcpdump: ...
red0ct
  • 244
1 vote
0 answers
4k views

How to make tcpdump display only source IP, destination IP, ports and timestamps

I am running tcpdump to track traffic on 2 interfaces, one input and one output. The sole purpose is to measure the latency between the time when the input interface receives incoming TCP traffic and ...
my_question
3 votes
0 answers
819 views

Inactive / Unknown TCP connections

I can see the following TCP connections on one of my Linux hosts. root@odb-us:~# netstat -a | grep ESTAB | grep 10.12 tcp 0 0 odb-us.:2424 10.12.0.77:40000 ESTABLISHED tcp 0 ...
Arun prasath
0 votes
3 answers
2k views

Why does TCP send more than 1 ACK per packet?

My source sends packets of 4794 bytes (at least according to the capture it looks like 1 packet each), however, the destination machine sends 2 ACKs for every packet sent from source. I've tried ...
SagiLow
  • 187
0 votes
0 answers
792 views

NAT doesn't allow TCP ACK for sent TCP SYN

We are using TCP Simultaneous Open for connecting a TCP socket. Let's call one SideA and the other SideB. From the Wireshark log I see that the first two SYNs sent from SideB are blocked by SideA's NAT. Then SideA ...
Tahlil
  • 101
2 votes
1 answer
1k views

How to split pcap files maintaining TCP sessions

I have a pcap file which contains TCP traces. I was wondering if there's a way to split these traces in order to maintain TCP flows, but also filtering the traffic on a src IP basis. For example, if ...
user3098549
3 votes
1 answer
4k views

Have tcpdump show the 'conversation' as I would get from Wireshark?

Is it possible to get the same output I would get from: tcpdump port 80 -w log.pcap wireshark log.pcap in Wireshark Analyze > Follow TCP Stream and then in the bottom drop down Entire ...
gcb
  • 31
1 vote
1 answer
849 views

What does this tcpdump printout mean?

I'm not very experienced with networking, so in my free time, I usually try and learn some more things about the internet and how it works. While at school, I came across tcpdump and wanted to give it ...
ILikePizza555