Simson L. Garfinkel
Simson L. Garfinkel
Much better. Thanks. I’ll take a look. (Sent from my laptop.) __________________________ Simson L. Garfinkel https://simson.net/ 202-649-0029 > On Nov 17, 2017, at 6:16 PM, Matthew Fulmer wrote: > >...
I won’t be able to get to this for a while. ---- Sent from my phone. On Oct 27, 2018, at 4:44 AM, Sergey F. wrote: Still unresolved... Same problem...
I'm in the process of doing a complete rewrite of the be13_api that's used by both tcpflow and bulk_extractor. This is an important issue, but the rewrite is more important....
Meanwhile, is it okay if I download your log and add it to the set of unit-tests?
Thanks again. I'll get to this when the be13_api rewrite is finished. I'll be making tcpflow work with the rewrite before bulk_extractor, as it's a simpler program. The whole system...
> Not working for me with 1.5.1. > > `Content-Encoding: gzip` and response is displayed not decoded with `-c` or without. 🤷♂️ Thanks for the report. Nobody has worked on...
Can you describe specifically what you want. You already have the ability to store files in sub directories by specifying a custom filename pattern.
You'll have to fill me in. I don't know what you mean by "TCP stream number."
Did you try this: ``` .\tcpflow64.exe -o out -a -r example.pcap -T %C/%N_%A-%a_%B-%b.txt -S enable_report=YES ```
Thanks for posting that. You are correct. WireShark is showing you the two sides of the TCP stream interleaved, and tcpflow is not doing that. There is a single TCP...