Dados do TCPDUMP [RESOLVIDO]

1. Dados do TCPDUMP [RESOLVIDO]

Fernanda Montovani Albuquerk
fernanda_mon

(usa Debian)

Enviado em 13/10/2017 - 09:24h

Bom dia Pessoal, em pleno feriado prolongado estou com uns problemas em minha rede
um dos meus links esta com a banda sendo consumida por inteiro e ai fui investigar
rodei o tcpdump -i eth2 e a saida foi o seguinte dados:

09:15:54.339453 IP6 2a01:111:2003::50.http > 2804:431:b721:100d:2e0:4cff:fe68:12b7.35034: Flags [.], seq 1022400:1023820, ack 1, win 1026, options [nop,nop,TS val 804933618 ecr 725803], length 1420: HTTP
09:15:54.339457 IP6 2804:431:b721:100d:2e0:4cff:fe68:12b7.35034 > 2a01:111:2003::50.http: Flags [.], ack 1023820, win 1427, options [nop,nop,TS val 726068 ecr 804933618], length 0
09:15:54.340948 IP6 2a01:111:2003::50.http > 2804:431:b721:100d:2e0:4cff:fe68:12b7.35034: Flags [P.], seq 1023820:1025240, ack 1, win 1026, options [nop,nop,TS val 804933618 ecr 725803], length 1420: HTTP
09:15:54.340951 IP6 2804:431:b721:100d:2e0:4cff:fe68:12b7.35034 > 2a01:111:2003::50.http: Flags [.], ack 1025240, win 1427, options [nop,nop,TS val 726069 ecr 804933618], length 0
09:15:54.342423 IP6 2a01:111:2003::50.http > 2804:431:b721:100d:2e0:4cff:fe68:12b7.35034: Flags [.], seq 1025240:1026660, ack 1, win 1026, options [nop,nop,TS val 804933618 ecr 725803], length 1420: HTTP
09:15:54.342428 IP6 2804:431:b721:100d:2e0:4cff:fe68:12b7.35034 > 2a01:111:2003::50.http: Flags [.], ack 1026660, win 1427, options [nop,nop,TS val 726069 ecr 804933618], length 0
09:15:54.343948 IP6 2a01:111:2003::50.http > 2804:431:b721:100d:2e0:4cff:fe68:12b7.35034: Flags [.], seq 1026660:1028080, ack 1, win 1026, options [nop,nop,TS val 804933618 ecr 725803], length 1420: HTTP
09:15:54.343961 IP6 2804:431:b721:100d:2e0:4cff:fe68:12b7.35034 > 2a01:111:2003::50.http: Flags [.], ack 1028080, win 1427, options [nop,nop,TS val 726069 ecr 804933618], length 0
09:15:54.345352 IP6 2a01:111:2003::50.http > 2804:431:b721:100d:2e0:4cff:fe68:12b7.57147: Flags [.], seq 990815:992247, ack 1, win 65106, length 1432: HTTP
09:15:54.346771 IP6 2a01:111:2003::50.http > 2804:431:b721:100d:2e0:4cff:fe68:12b7.37568: Flags [.], seq 1014713:1016133, ack 1, win 1026, options [nop,nop,TS val 272008092 ecr 725804], length 1420: HTTP
09:15:54.346776 IP6 2804:431:b721:100d:2e0:4cff:fe68:12b7.37568 > 2a01:111:2003::50.http: Flags [.], ack 1016133, win 1427, options [nop,nop,TS val 726070 ecr 272008092], length 0
09:15:54.348332 IP6 2a01:111:2003::50.http > 2804:431:b721:100d:2e0:4cff:fe68:12b7.37568: Flags [.], seq 1016133:1017553, ack 1, win 1026, options [nop,nop,TS val 272008092 ecr 725804], length 1420: HTTP
09:15:54.348336 IP6 2804:431:b721:100d:2e0:4cff:fe68:12b7.37568 > 2a01:111:2003::50.http: Flags [.], ack 1017553, win 1427, options [nop,nop,TS val 726071 ecr 272008092], length 0
09:15:54.349855 IP6 2a01:111:2003::50.http > 2804:431:b721:100d:2e0:4cff:fe68:12b7.37568: Flags [.], seq 1011873:1013293, ack 1, win 1026, options [nop,nop,TS val 272008100 ecr 725806], length 1420: HTTP
09:15:54.349858 IP6 2804:431:b721:100d:2e0:4cff:fe68:12b7.37568 > 2a01:111:2003::50.http: Flags [.], ack 1017553, win 1427, options [nop,nop,TS val 726071 ecr 272008092,nop,nop,sack 1 {1011873:1013293}], length 0
09:15:54.351217 IP6 2a01:111:2003::50.http > 2804:431:b721:100d:2e0:4cff:fe68:12b7.37568: Flags [.], seq 1017553:1018973, ack 1, win 1026, options [nop,nop,TS val 272008100 ecr 725806], length 1420: HTTP


Mas nao sei interpretar, algum pode me ajudar?

;)