PcapTrace

As good as tcpTrace & proxyTrace etc are, its just a pain to change your code so you can debug. Well, no more, PcapTrace is a packet capture tool with the familar GUI of tcpTrace. Simply run pcapTrace, tell it what server and port your code is connecting to and it will capture all the data and display in the familar tcpTrace style GUI. As with tcpTrace you can log the captures to disk in either a text or XML format.

Here's a screen shot [130k] of it in action, capturing HTTP traffic from IE.

PcapTrace is still available below, but has been superceeded by YATT, you'll probably want to grab that instead.

Options

After starting, you'll be prompted to enter the destination server & port you want to monitor, with options to log to disk, fill in the relevant details, and off you go !.

1. Destination Server, enter the name or IP address of the server you want to monitor.
2. Destination Port, enter the port number that you want to monitor.
3. Create log File, check this to store the captures to a file.
4. Log Filename, the filename of the log file to create. [use the ... button to browse].
5. Use XML logfile format, check this to use the XML based log file format, uncheck it to use the text log file.

Command Line Options

If you prefer to set-up a pcapTrace session via a command line rather than via the GUI, then there are the following command line options

• /listen <port> : specifies the local port to listen on.
• /serverPort <port> : specifies the destination port to forward traffic to.
• /serverName <servername> : specifies the destination server to forward traffic to.
• /log <log filename> : enables logging to the specified file.
• /logFormat <xml | plain> : specifies the logfile format (when logging is enabled) use xml or plain (plain is default).
• /kill : stops all running instances of tcpTrace and exits. this can be useful for batch based testing.

e.g.
pcaptrace /serverName services.xmethods.net /serverPort 80
pcaptrace /serverName soap.4s4c.com /serverPort 80 /log c:\log.xml /logFormat xml

Limitations

• You can't capture from the loopback adapter (127.0.0.1), it can only capture from a physical NIC.
• If you have more than one NIC, pcapTrace currently binds to the first valid one, a future version will allow you to change this. [grab YATT instead, it already supports this and more]
• You'll need at least WinPCAP v2.3 for XP or Win 2003 server. You'll need at least WinPCAP 3.0 for SMP based machines.

Installation

PcapTrace uses the WinPcap library to perform the actual packet captures, you need to download and install WinPcap 2.2 first.
Download the latest version of pcapTrace here.

Release History

v0.1.0 (Build 74) September 3, 2001

• Initial Release.