Matthieu Coudron edited this page Jan 25, 2020
- How to troubleshoot issues?
- How does mptcpanalyzer use tshark?
- How to customize plots to look better?
To troubleshoot issues, start mptcpanalyzer with $ mptcpanalyzer and then run checkhealth at the prompt to check the Python and Wireshark versions.
mptcpanalyzer calls tshark with some rules to filter out packets. You can call clean_pcap to export a pcap whose packets have the same IDs as the ones displayed in mptcpanalyzer.
You can see the commands called by mptcpanalyzer by using the TRACE log level. Tshark is used in 2 ways:
- For static analysis, to convert a pcap into a TSV file.
For instance,
mptcpanalyzer --regen -d TRACE -l examples/client_2_filtered.pcapng
calls:
tshark -E header=y -r /home/teto/mptcpanalyzer/examples/client_2_filtered.pcapng -E 'separator=|' -o 'gui.column.format:"Time","%At","ipsrc","%s","ipdst","%d"' -o tcp.analyze_sequence_numbers:True -o mptcp.analyze_mappings:True -o mptcp.relative_sequence_numbers:True -o mptcp.intersubflows_retransmission:True -o mptcp.analyze_mptcp:True -2 -R 'mptcp or tcp and not icmp' -T fields -e frame.number -e frame.interface_name -e frame.time_epoch -e _ws.col.ipsrc -e _ws.col.ipdst -e ip.src_host -e ip.dst_host -e tcp.stream -e tcp.srcport -e tcp.dstport -e tcp.window_size -e tcp.flags -e tcp.option_kind -e tcp.seq -e tcp.len -e tcp.ack -e tcp.options.timestamp.tsval -e tcp.options.timestamp.tsecr -e mptcp.expected_token -e mptcp.stream -e tcp.options.mptcp.sendkey -e tcp.options.mptcp.recvkey -e tcp.options.mptcp.recvtok -e tcp.options.mptcp.datafin.flag -e tcp.options.mptcp.version -e tcp.options.mptcp.subtype -e tcp.options.mptcp.rawdataseqno -e tcp.options.mptcp.rawdataack -e tcp.options.mptcp.subflowseqno -e tcp.options.mptcp.datalvllen -e tcp.options.mptcp.addrid -e mptcp.rawdsn64 -e mptcp.ack -e mptcp.dsn -e mptcp.related_mapping -e mptcp.reinjection_of -e mptcp.reinjected_in
- For live analysis (WIP)
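The static-analysis export above can be read back as follows. This is an added example, not mptcpanalyzer's own loader: the sample rows are constructed, only a subset of the fields is used, and it assumes tshark's default comma aggregator for fields that occur several times in one packet.

```python
import csv
import io
from collections import defaultdict

# Constructed sample shaped like `tshark -T fields -E header=y -E 'separator=|'`
# output for a subset of the fields listed above (all values are made up).
SAMPLE = """\
frame.number|frame.time_epoch|tcp.stream|tcp.flags|tcp.option_kind|mptcp.stream|tcp.options.mptcp.subtype|mptcp.dsn
1|1579950000.000100|0|0x0002|2,4,8,1,3,30|0|0|
2|1579950000.020300|0|0x0012|2,4,8,1,3,30|0|0|
3|1579950000.020900|0|0x0010|1,1,8,30|0|0|
4|1579950000.150000|1|0x0002|2,4,8,1,3,30|0|1|
5|1579950000.200000|0|0x0018|1,1,8,30|0|2|1
6|1579950000.300000|2|0x0002|2,4,8,1,3|||
"""

INT_FIELDS = {"frame.number", "tcp.stream", "mptcp.stream", "mptcp.dsn"}
# Fields that may occur several times per packet; tshark joins them with ",".
LIST_FIELDS = {"tcp.option_kind", "tcp.options.mptcp.subtype"}

def parse_tshark_fields(text, sep="|"):
    """Turn the header + rows export into typed dicts, one per packet."""
    reader = csv.DictReader(io.StringIO(text), delimiter=sep, quoting=csv.QUOTE_NONE)
    rows = []
    for raw in reader:
        row = {}
        for name, value in raw.items():
            if value is None or value == "":
                # Field absent from this packet (e.g. plain TCP has no mptcp.*).
                row[name] = [] if name in LIST_FIELDS else None
            elif name in LIST_FIELDS:
                row[name] = [int(v) for v in value.split(",")]
            elif name in INT_FIELDS:
                row[name] = int(value)
            elif name == "tcp.flags":
                row[name] = int(value, 16)  # exported as hex, e.g. 0x0012
            else:
                row[name] = value
        rows.append(row)
    return rows

def subflows_by_connection(rows):
    """Map each mptcp.stream id to the tcp.stream ids (subflows) it contains."""
    conns = defaultdict(set)
    for row in rows:
        if row["mptcp.stream"] is not None:
            conns[row["mptcp.stream"]].add(row["tcp.stream"])
    return {conn: sorted(streams) for conn, streams in conns.items()}
```

On the sample, the plain TCP stream 2 is left out of the mapping because its mptcp.stream field is empty.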
To customize plots, see https://github.com/teto/mptcpanalyzer/wiki/Customize-plots