If you work with the TCP protocol at a low level, there is one reliable way to troubleshoot. People will give different answers, but a packet capture will do the job. On a Linux system, you will most probably take a capture in .pcap format with the tcpdump command and analyze it later in a graphical tool like Wireshark, which has much more advanced features.
Nonetheless, having a .pcap file and using Wireshark is not real-time and is a bit cumbersome. You know what I mean when you work in a real production environment where people are ready to sit on your head and you are under pressure most of the working hours.
[root@cluster-node01 installs]# wget http://pkgs.repoforge.org/tcpflow/tcpflow-0.21-1.2.el6.rf.x86_64.rpm
[root@cluster-node01 installs]# rpm -ivh tcpflow-0.21-1.2.el6.rf.x86_64.rpm
I guess you don’t need a better description of the tcpflow command here; the tcpflow man page gives the exact details.
I have highlighted what is important.
Basically, for me tcpflow helps to monitor traffic that goes through different application-specific services. Our application calls external REST APIs via web services. Sometimes I have used tcpflow to make sure HTTP/HTTPS traffic goes via a particular network interface card. This is a real example of monitoring request and response traffic using the tcpflow command.
[root@RWDAPPSVR ~]# tcpflow -i any port 7000 -c
The tcpflow command above monitors traffic on port 7000 on any network interface, and the output is written to the console itself (-c option). The port and "any" options are quite understandable for novice users.
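As an added example (not part of the original post and not tcpflow's own code), the script below pairs each plaintext HTTP request seen in `tcpflow -c` output with the status of its response on the same connection. It assumes the zero-padded flow prefix described in the tcpflow man page and that only the first line of a packet carries it; the function names and sample lines are constructed for illustration.

```python
import re
import sys

# Assumed tcpflow -c line prefix (zero-padded): "src_ip.src_port-dst_ip.dst_port: "
FLOW = re.compile(r"^((?:\d{3}\.){4}\d{5})-((?:\d{3}\.){4}\d{5}): (.*)$")
REQUEST = re.compile(r"^(GET|POST|PUT|DELETE|HEAD|PATCH|OPTIONS) (\S+) HTTP/\d\.\d")
STATUS = re.compile(r"^HTTP/\d\.\d (\d{3})")


def endpoint(padded):
    """'010.000.000.005.07000' -> '10.0.0.5:7000'"""
    parts = padded.split(".")
    return ".".join(str(int(p)) for p in parts[:4]) + ":" + str(int(parts[4]))


def pair_http(lines):
    """Return (client, server, method, path, status) per plaintext HTTP exchange."""
    pending = {}    # (client, server) -> queued (method, path) awaiting a status
    exchanges = []
    for line in lines:
        m = FLOW.match(line.rstrip("\r\n"))
        if not m:
            continue                    # unprefixed header/body line of a packet
        src, dst, payload = endpoint(m.group(1)), endpoint(m.group(2)), m.group(3)
        req = REQUEST.match(payload)
        if req:
            pending.setdefault((src, dst), []).append(req.group(1, 2))
            continue
        st = STATUS.match(payload)
        # A response travels server -> client, so look up the reversed pair.
        if st and pending.get((dst, src)):
            method, path = pending[(dst, src)].pop(0)
            exchanges.append((dst, src, method, path, int(st.group(1))))
    return exchanges


# Constructed sample in the assumed format (not captured from a real host).
SAMPLE = """\
010.000.000.021.45122-010.000.000.005.07000: GET /api/v1/orders/42 HTTP/1.1
Host: rwdappsvr:7000
010.000.000.005.07000-010.000.000.021.45122: HTTP/1.1 200 OK
010.000.000.021.45130-010.000.000.005.07000: POST /api/v1/login HTTP/1.1
010.000.000.005.07000-010.000.000.021.45130: HTTP/1.1 401 Unauthorized
""".splitlines()

if __name__ == "__main__":
    source = sys.stdin if sys.argv[1:] == ["-"] else SAMPLE
    for client, server, method, path, status in pair_http(source):
        print(f"{client} -> {server}  {method} {path}  {status}")
```

Saved under a hypothetical name such as pair_http.py, it can read live output with `tcpflow -i any -c port 7000 | python3 pair_http.py -`. HTTPS payloads are encrypted on the wire, so only plaintext HTTP exchanges are paired.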
Hopefully, you are going to be a fan of tcpflow. Have a good and happy reading. Cheers.