Skip to content

A utility to convert DCCP packet captures to TCP captures for analysis with tcptrace

License

Notifications You must be signed in to change notification settings

samueljero/dccp2tcp

Repository files navigation

This program converts a DCCP (Datagram Congestion Control Protocol) packet capture
in PCAP format into a TCP packet capture in PCAP format with the intention that
that capture be analysed with tcptrace (http://www.tcptrace.org) in order to generate
graphs/stats to understand the DCCP protocol.


In order to build this program, please simply type make at the commandline. I have not
included a ./configure script with this program because this program will only compile
on linux anyway (we need the dccp header include file) and it comprises only one file.
If you have problems, simply modify the make file as needed. Contact me, if major problems
arise.

In order to utilize this program effectively you will also need Tcptrace, which you can download
from http://www.tcptrace.org and the version of xplot available from http://www.tcptrace.org under
"Useful Companion Programs" (Note! This is not the xplot that is in the Ubuntu repositories).


Usage is pretty simple:
dccp2tcp dccp_file tcp_file [-v] [-V] [h] [-y] [-g] [-s]
	-v is verbose. Repeat for additional verbosity.
	-V is Version information
	-h is help
	-y shifts the window line in tcptrace (yellow) to the highest received acknowledgment. Normally this line is just a constant amount more than the ack number(i.e. useless).
	-g shifts the ack line in tcptrace (green) to the highest received acknowledgment. Normally this line is the standard TCP ack number, which, for DCCP, translates to the highest contiguous acknowledgement in the ack vector.
	-s converts the DCCP ack vector to TCP SACKS. Specify -s twice to only see those Ack vectors with a loss interval in them. This is convenient way to see loss events.

For typical usage, you probably want -s -s.

Once you run dccp2tcp, you will then want to run tcptrace on the tcp_file to generate graphs. The command should be something like this:
tcptrace -lGt tcp_file

You can then use xplot to view the resulting graphs, like this:
xplot a2b_tsg.xpl a2b_rtt.xpl

One important note on interpreting the graphs is that DCCP Ack packets show up
as TCP packets containing one byte.

Finally, an important limitation of this program is that DCCP MUST use 48 bit
sequence numbers. dccp2tcp will complain at you if you try to process a connection
with short sequence numbers.

dccp2tcp is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

dccp2tcp is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with dccp2tcp.  If not, see <http://www.gnu.org/licenses/>.


Copyright 2013
Samuel Jero
Masters Student
Internetworking Research Group
Ohio University
sj323707@ohio.edu

About

A utility to convert DCCP packet captures to TCP captures for analysis with tcptrace

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published