[3213] in bugtraq
real time decode of tcpdump output
daemon@ATHENA.MIT.EDU (Michael Ryan)
Mon Aug 19 14:51:47 1996
Date: Mon, 19 Aug 1996 11:14:01 BST
Reply-To: mike@NetworX.ie
From: Michael Ryan <mike@NetworX.ie>
X-To: bugtraq@crimelab.com
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
Sorry for not having the right subject line but I 'lost' the
original posting after reading it.
On Sat, 17 Aug 1996 16:47:42 -0700 Ficus Kirkpatrick wrote:
> Does anyone know of any freely available "live playback" of tcpdump
> data utilities (a la the playback sessions on takedown.com)?
I made a posting to this list a few days ago, about a program
I wrote, called tcpshow. It decodes tcpdump savefiles. See
http://www.cs.berkeley.edu/~daw/mike/tcpshow.{c,1}
Normally, one would capture the data to a file, using tcpdump
and then use tcpshow to produce a formatted display of the
decoded traffic.
However, it is possible to run tcpshow in 'real time'. One
would enter a command something like this:
tcpdump -s 1518 -lenx | tcpshow -cooked
By the way, the manpage omits the "-cooked" arg in the
EXAMPLES section.
Mike
<mike@NetworX.ie>
---
