rvtrace

Command

Syntax

rvtrace  [-i interface ]
         [-r input_file ]
         [-addr expr ]
         [-src expr ]
         [-dst expr ]
         [-port expr ]
         [-filter expr ]
         [-w output_file ]
         [-w-max-size size ]
         [-w-max-rotations n ]
         [-no-display]
         [-addrinfo]
         [-u update_interval ]
         [-no-mcast]
         [-ptp]
         [-no-subjects]
         [-hostmsgs]
         [-rate]
         [-logfile log_file ]
         [-log-max-size size ]
         [-log-max-rotations n]
         [-snmp]
         [-foreground]
         [-h]

Purpose

rvtrace is a network protocol monitor that specializes in Rendezvous protocols. It collects and prints statistics about network packets.

Remarks

rvtrace runs in a loop—capturing packets, analyzing them, categorizing them, and periodically printing a summary to standard output.

An rvtrace process never exits by itself (except as a consequence of a command syntax error); you must explicitly terminate each process.

Delimit all parameters and arguments with a space character.


Parameter	Description
Data Source
`-i` `interface`	The program monitors packets on the network interface with this name. If absent, the default value varies, depending on operating system and network hardware. For Windows platforms, see also Selecting the Network Interface.
`-r` `input_file`	When present, read recorded packets from `input_file` instead of a network interface. This option overrides the `-i` parameter. For more information, see Data Capture Files.
Data Filtering
`-addr` `expr`	Filter the set of packets to process only those with source or destination in the set of hosts or networks specified in `expr`. For filter expression syntax and semantics, see Filtering. Enclose filter expressions in quotation marks (`"`). The parameter `-addr` `filter` is equivalent to: -filter udp and (src `filter` or dst `filter`) When any of the parameters `-src`, `-dst`, `-addr`, or `-port` are present, `rvtrace` concatenates them into a single effective filter. However, when the `-filter` parameter is present, `rvtrace` ignores all four of these parameters, and `-filter` overrides them.
`-src` `expr`	Filter the set of packets to process only those that originate from the set of hosts or networks specified in `expr`. For filter expression syntax and semantics, see Filtering. Enclose filter expressions in quotation marks (`"`). The parameter `-src` `expr` is equivalent to: -filter udp and src `expr` When any of the parameters `-src`, `-dst`, `-addr`, or `-port` are present, `rvtrace` concatenates them into a single effective filter. However, when the `-filter` parameter is present, `rvtrace` ignores all four of these parameters, and `-filter` overrides them.
`-dst` `expr`	Filter the set of packets to process only those with destination in the set of hosts or networks specified in `expr`. For filter expression syntax and semantics, see Filtering. Enclose filter expressions in quotation marks (`"`). The parameter `-dst` `filter` is equivalent to: -filter udp and dst `filter` When any of the parameters `-src`, `-dst`, `-addr`, or `-port` are present, `rvtrace` concatenates them into a single effective filter. However, when the `-filter` parameter is present, `rvtrace` ignores all four of these parameters, and `-filter` overrides them.
`-port` `expr`	Filter the set of packets to process only those with destination port in the set of ports specified in `expr`. For filter expression syntax and semantics, see Filtering. Enclose filter expressions in quotation marks (`"`). The parameter `-port` `port` is equivalent to: -filter udp and dst port `port` When any of the parameters `-src`, `-dst`, `-addr`, or `-port` are present, `rvtrace` concatenates them into a single effective filter. However, when the `-filter` parameter is present, `rvtrace` ignores all four of these parameters, and `-filter` overrides them.
`-filter` `expr`	Filter the set of packets to process only those that match `expr`. For filter expression syntax and semantics, see Filtering. Enclose filter expressions in quotation marks (`"`). When present, this parameter overrides the `-src`, `-dst`, `-addr`, and `-port` parameters.
Data Capture
`-w` `output_file`	When present, write packet information to `output_file` for later replay or analysis. When absent, do not record packet information to a file. For more information, see Data Capture Files. When `-w` is present, `rvtrace` does not display statistics. To see statistics, use `-r` to read the packet capture file. When both `-r` and `-w` are present, `rvtrace` reads packets from `input_file`, filters them, and then recaptures the filtered packets to `output_file`. You can use this technique to prune an existing capture file by reducing information or filtering extraneous traffic.
`-w-max-size` `size` -w-max-rotations `n`	When present, activate the capture-file rotation regimen (see Data Capture Files and Log Rotation). When you specify these options, you must also specify `-w`. `size` is in megabytes. If `size` is non-zero, it must be in the range [100, 2097152]. Values outside this range are automatically adjusted to the nearest acceptable value. Zero is a special value, which disables rotation. When `-w-max-size` is zero or absent, a single capture file may grow without limit (other than the limit of available storage). `n` indicates the maximum number of files in the rotation. When `-w-max-rotations` is absent, the default value is 10.
Statistics
`-no-display`	When present, do not output statistics. Nonetheless, `rvtrace` continues to compile statistics, which are available through SNMP queries. When absent, `rvtrace` outputs statistics (either to `stdout`, or to a log file).
`-u` `update_interval`	Summarize network packet at this time interval (in seconds). If absent, the default value is 10 seconds.
`-addrinfo`	When present, display network totals, subtotals, and detail rows. When absent, display only network totals and subtotal rows. For example output, see rvtrace Output with -addrinfo, and rvtrace Output without -addrinfo.
`-no-mcast`	When present, omit the multicast table. When absent, display the multicast table; see Multicast Data Statistics.
`-ptp`	When present, display the point-to-point table; see Point-to-Point Statistics; see also Range Limitations. When absent, omit the point-to-point table.
`-no-subjects`	When present, omit the subject table. When absent, display the subject table; see Subject Statistics.
`-hostmsgs`	When present, display Rendezvous `HOST` messages at the conclusion of each interval. TIBCO personnel might request that you supply `rvtrace` output transcript that includes these messages. These messages useful only to TIBCO personnel.
`-rate`	When present, display packet counts as per-second rates. When absent, display the actual number of packets in the update interval.
Log Output
`-logfile` `log_file`	Send log output to this file. When absent, the default is `stdout`.
`-log-max-size` `size` -log-max-rotations `n`	When present, activate the log rotation regimen (see Log Rotation). When you specify these options, you must also specify `-logfile`. `size` is in kilobytes. If `size` is non-zero, it must be in the range [100, 2097152]. Values outside this range are automatically adjusted to the nearest acceptable value. Zero is a special value, which disables log rotation. When `-log-max-size` is zero or absent, a single log file may grow without limit (other than the limit of available storage). `n` indicates the maximum number of files in the rotation. When `-log-max-rotations` is absent, the default value is 10.
Other
`-snmp`	When present, `rvtrace` starts its internal SNMP agent. When absent, `rvtrace` does not start its SNMP agent.
`-foreground`	Available only on UNIX platforms. When present, `rvtrace` runs as a foreground process. When absent, `rvtrace` runs as a background process.
`-h`	When present, output a parameter usage list to standard output, and exit immediately.

Errors

• rvtrace uses the pcap facility, which requires root privileges (because it must open the raw Ethernet device in promiscuous mode). Without appropriate privileges, pcap denies permission to initialize, and rvtrace exits immediately.

• The pcap library calls reject improperly formed filter expressions. It reports them with messages such as this:

pcap_compile: syntax error

This error causes rvtrace to exit.

Did you find this helpful?

Yes No