diff options
author | Chris Maynard <Christopher.Maynard@GTECH.COM> | 2011-04-05 20:21:59 +0000 |
---|---|---|
committer | Chris Maynard <Christopher.Maynard@GTECH.COM> | 2011-04-05 20:21:59 +0000 |
commit | 595e5e1c1d150812de9cc0d1549acd0ed5d8770d (patch) | |
tree | c0101435e5778ab84ef23a5809fa0332e5430fbf /doc | |
parent | 4f462b3d09e661d64714187636ddb851457c1c39 (diff) |
Add ICMP tap support, and add a tshark tap to measure such things as:
* Number of ICMP echo requests, replies, lost replies and percent loss.
* Min, Max, Average SRT (Service Response Time), and standard deviation.
(This is my first tap, so hopefully I didn't miss something, but we'll see ...)
TODO: Add a Wireshark tap.
svn path=/trunk/; revision=36480
Diffstat (limited to 'doc')
-rw-r--r-- | doc/README.tapping | 6 | ||||
-rw-r--r-- | doc/tshark.pod | 10 |
2 files changed, 14 insertions, 2 deletions
diff --git a/doc/README.tapping b/doc/README.tapping index 8546e5919a..5584a6c4fd 100644 --- a/doc/README.tapping +++ b/doc/README.tapping @@ -67,7 +67,7 @@ The two functions to start or stop tapping are register_tap_listener(const char *tapname, void *tapdata, const char *fstring, guint flags, void (*reset)(void *tapdata), - gboolean (*packet)(void *tapdata, packet_info *pinfo, epan_dissect_t *edt, const void *<pointer>), + gboolean (*packet)(void *tapdata, packet_info *pinfo, epan_dissect_t *edt, const void *data), void (*draw)(void *tapdata)); remove_tap_listener(void *tapdata); @@ -128,13 +128,15 @@ is a set of flags for the tap listener. The flags that can be set are: set if your tap listener "packet" routine requires the column strings to be constructed. + If no flags are needed, use TL_REQUIRES_NOTHING. + void (*reset)(void *tapdata) This callback is called whenever Wireshark wants to inform your listener that it is about to start [re]reading a capture file or a new capture from an interface and that your application should reset any state it has in the *tapdata instance. -gboolean (*packet)(void *tapdata, packet_info *pinfo, epan_dissect_t *edt, void *data) +gboolean (*packet)(void *tapdata, packet_info *pinfo, epan_dissect_t *edt, const void *data) This callback is used whenever a new packet has arrived at the tap and that it has passed the filter (if there were a filter). The *data structure type is specific to each tap. diff --git a/doc/tshark.pod b/doc/tshark.pod index 4863e2cc61..f9de53be3b 100644 --- a/doc/tshark.pod +++ b/doc/tshark.pod @@ -710,6 +710,16 @@ and IPv6 addresses are dumped by default. Addresses are collected from a number of sources, including standard "hosts" files and captured traffic. +=item B<-z> icmp,srt[,I<filter>] + +Compute total ICMP echo requests, replies, loss, and percent loss, as well as +min, max and average SRT statistics typical of ping statistics. + +Example: S<B<-z icmp,srt,ip.src==1.2.3.4>> will collect ICMP SRT statistics +for ICMP echo request packets originating from a specific host. + +This option can be used multiple times on the command line. + =item B<-z> io,phs[,I<filter>] Create Protocol Hierarchy Statistics listing both number of packets and bytes. |