Joe Holden wrote:
Ricardo Nabinger Sanchez wrote:
On Tue, 16 Jan 2007 12:06:36 +0000
Joe Holden <[EMAIL PROTECTED]> wrote:
I'm after a tool to view tcp sessions passing through a router,
however dsniff is marked as BROKEN. Are there any alternatives?
If you don't need to inspect the sessions, netstat can show you that:
% netstat -p tcp -n
Active Internet connections
Proto Recv-Q Send-Q Local Address Foreign Address
(state)
tcp4 0 0 192.168.1.100.56965 192.168.1.1.23
ESTABLISHED
tcp4 0 0 192.168.1.100.61375 208.97.136.18.5222
ESTABLISHED
tcp4 0 0 192.168.1.100.54996 208.245.212.98.5223
ESTABLISHED
tcp4 0 0 192.168.1.100.51672 72.14.253.125.5223
ESTABLISHED
Otherwise, you can still use tcpdump:
# tcpdump -n tcp
You can even use a SNMP daemon and query TCP-MIB if you don't want ssh
sessions.
I couldn't infer details about what you really want to do, and feel like
these suggestions are not what you're looking for (YMMV), although
they work
very well for my needs.
Hi, I was looking into using tcpdump, but I was really after something
that outputs the session in readable format. I used to use a port that
would output the session, ie; an IRC session, it would output all the
NICK changes etc, that was sent between client/server. Can't for the
life of me remember what it was called.
Cheers,
Joe
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Wireshark is what I like..
It allows you to analyze stuff as well.. you select
a packet from a TCP flow (or SCTP) and tell it
to analyze it... really cool :-)
R
--
Randall Stewart
NSSTG - Cisco Systems Inc.
803-345-0369 <or> 803-317-4952 (cell)
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
