Simson L. Garfinkel
Simson L. Garfinkel
I'm confused. What would it do with the looked up names?
so `tcpflow` uses host IP addresses for filenames. Do you want the hostnames in the filenames? Do you want to cache the hostname? What if you are runnon on a...
Certainly limiting this to the `-c` mode would make sense. The DNS system already does caching. My question was whether you wanted separate caching. The issue is with fast-flux hostnames...
You should rely on the caching built into the DNS system for most cases. This would be a great way for you to get more experience with C/C++! I am...
You'll need to look at the code. My suspicion is that the .findex file is written when the tcpstream is closed. Do you have pcap file that you can distribute...
Well, it looks like you have a bunch of SSH sessions. Are they long-lived? The file should be written when the session is closed.
You could probably add an option to disable t he sorting and write incrementally, if that's something you need.
I'm not sure. There is a regression test that it passes; can you provide me with a set of packets that do not properly gunzip? > On Nov 6, 2017,...
If you can provide me with a packet dump, I will review it. > On Nov 7, 2017, at 3:10 AM, Oliver Gondža wrote: > > When I run curl...
I want you to give me a pcap file. ---- Sent from my phone. On Nov 7, 2017, at 11:51 PM, Oliver Gondža wrote: I am not sure what you...