Yconalyzer-TCP Traffic Analyzer
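Yconalyzer is an open-source network analysis tool that Yahoo recently released on its developer blog. It can be used to analyze how a network application behaves between the server side and the client side.
Its most notable features are the questions it can answer: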
- How many connections lasted more (or less) than X milliseconds?
- The number of TCP connections whose duration is longer or shorter than a given time
- How many connections needed more than N attempts to succeed?
- The number of connections that succeeded only after N attempts
- What is the distribution of connection duration or connection throughput?
- Connection duration and throughput
- What is the distribution of connection duration or throughput for connections in which the server or client sent more than N bytes?
- The distribution of connection duration and throughput when the server or the client sent more than N bytes
- What specific IP addresses and ports had connections that lasted between 50 and 100 milliseconds long?
- The connections of specific IPs and ports within a particular duration range
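Yconalyzer captures data from the network driver through libpcap ... and is compatible with the tcpdump capture format. However, the output of Yconalyzer's analysis is friendlier and more detailed.
Yconalyzer analysis: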
Tcpdump:
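Yconalyzer also supports all of tcpdump's filter expressions and works with every network protocol that runs on top of TCP, such as HTTP, SMTP, POP, IMAP and so on.
When installing Yconalyzer, the build sometimes fails with undefined reference to "pcap_xxx". Sometimes this means the PCAP library is not installed; sometimes it is installed but cannot be found. In that case, locate the pcap-config file and set the correct pcap paths in it.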
__________________________________
#! /bin/sh
#
# Script to give the appropriate compiler flags and linker flags
# to use when building code that uses libpcap.
#
case "$1" in
--cflags)
    echo "-I /usr/local//include//pcap"
    ;;
--libs)
    echo "-L /usr/local//lib -lpcap "
    ;;
esac
___________________________________
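
To confirm that the paths printed by a pcap-config script like the one above really contain libpcap and its header, a check along the following lines can be run before rebuilding. This is an added example, not part of the original post or of Yconalyzer; the function names `first_dir` and `check_pcap_config` are made up for illustration.

```shell
#!/bin/sh
# Added example: verify that the -L / -I directories printed by a
# pcap-config script really contain libpcap and pcap.h.
# Function names are hypothetical; paths with spaces are not handled.
# Usage: check_pcap_config "$(command -v pcap-config)"

# Print the directory given with flag $1 (-L or -I) among the remaining
# words. Accepts "-L/dir" and "-L /dir"; returns 1 if the flag is absent.
first_dir() {
    flag=$1; shift
    while [ $# -gt 0 ]; do
        case "$1" in
            "$flag")  [ $# -ge 2 ] || return 1
                      printf '%s\n' "$2"; return 0 ;;
            "$flag"*) printf '%s\n' "${1#??}"; return 0 ;;
        esac
        shift
    done
    return 1
}

# $1 = path to pcap-config (a shell script, like the one on this page).
# Returns 0 if everything it points at exists, 1 if the script is missing,
# 2 if its -L directory has no libpcap, 3 if its -I directory has no pcap.h.
check_pcap_config() {
    cfg=$1
    [ -f "$cfg" ] || { echo "pcap-config not found: $cfg" >&2; return 1; }
    # No -L / -I in the output means the compiler's default paths are used,
    # so there is nothing to verify for that flag.
    if libdir=$(first_dir -L $(sh "$cfg" --libs)); then
        ls "$libdir"/libpcap.* >/dev/null 2>&1 || {
            echo "no libpcap in $libdir (expect undefined reference to pcap_*)" >&2
            return 2; }
    fi
    if incdir=$(first_dir -I $(sh "$cfg" --cflags)); then
        [ -f "$incdir/pcap.h" ] || [ -f "$incdir/pcap/pcap.h" ] || {
            echo "no pcap.h under $incdir" >&2
            return 3; }
    fi
    echo "pcap-config paths look consistent"
}
```

A return code of 2 corresponds to the linker error described above: the library directory that pcap-config reports does not hold libpcap.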

