Maybe you could try using Ethereal's libraries. I think it can group TCP
connections (conversations in Ethereal's terminology) which might be of
use to you.
Regards,
Shiva
> Hi,
>
> I'm a new user of libpcap.
>
> I am writing a program that is intended to monitor the requests made to
> a server f
You might also want to look at tcptrace.
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Not sure exactly what you want to do, but you might look at tcpflow.
>
> - --
> Aaron Turner http://synfin.net
> They that can give up essential liberty to obtain a little temporary
> safety deserve n
>
> "identifies" in what sense?
"identifies" in the same sense as what you have explained :)
>
> When it displays a name for a TCP port number, e.g.:
>
> 15:22:22.268265 IP host2.49536 > host2.http: . ack 1 win 65535
>
> it uses "getservbyport()", so it either uses /etc/services or whatever
