At 12:11 PM 8/14/2003 +1000, Dominiod wrote:
> Hi,
>
> Is there a simple tool in freebsd (in ports?) that allows you to see data going to
> and from a particular port on your machine?

tcpdump works in real time


e.g.
telus-151front# tcpdump -n -c 2 -i fxp1 -Xx -s 1500 -vvv -e dst port 135
tcpdump: listening on fxp1
22:33:10.094691 0:a:f3:a5:c8:bc 0:d0:b7:27:55:43 0800 62: 205.208.237.95.4971 > 205.211.165.222.135: S [tcp sum ok] 649409298:649409298(0) win 8760 <mss 1460,nop,nop,sackOK> (DF) (ttl 113, id 10944, len 48)
0x0000 4500 0030 2ac0 4000 7106 b025 cdd0 ed5f E..0*.@.q..%..._
0x0010 cdd3 a5de 136b 0087 26b5 3312 0000 0000 .....k..&.3.....
0x0020 7002 2238 c44b 0000 0204 05b4 0101 0402 p."8.K..........
22:33:10.095728 0:a:f3:a5:c8:bc 0:d0:b7:27:55:43 0800 62: 205.208.237.95.4974 > 205.211.165.225.135: S [tcp sum ok] 649551298:649551298(0) win 8760 <mss 1460,nop,nop,sackOK> (DF) (ttl 112, id 10947, len 48)
0x0000 4500 0030 2ac3 4000 7006 b11f cdd0 ed5f E..0*.@.p......_
0x0010 cdd3 a5e1 136e 0087 26b7 5dc2 0000 0000 .....n..&.].....
0x0020 7002 2238 9993 0000 0204 05b4 0101 0402 p."8............
4658 packets received by filter
0 packets dropped by kernel
telus-151front#



Don't do DNS lookups of the IP addresses involved, capture 2 packets on fxp1, do it in hex and ASCII, up to 1500 bytes, be very verbose, print link layer stuff and only for crap destined for port 135.


If you want something more point and click, try ethereal.

Also, ipfw can be handy as well.

ipfw add 10 count log tcp from any to any 135 setup in via fxp1

---Mike


--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, [EMAIL PROTECTED]
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike

_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
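
As an added example (not part of the original post), this Python sketch decodes the hex dump of the first packet in the tcpdump output above and cross-checks it against the summary line tcpdump printed: addresses, ports, SYN flag, window, TTL, id, length and the IP header checksum. The function names are hypothetical, chosen for illustration; the bytes are copied from the post.

```python
import struct

# Hex columns of the first packet as printed by tcpdump -x in the post
# (offset column kept, ASCII column left out).
HEX_DUMP = """
0x0000 4500 0030 2ac0 4000 7106 b025 cdd0 ed5f
0x0010 cdd3 a5de 136b 0087 26b5 3312 0000 0000
0x0020 7002 2238 c44b 0000 0204 05b4 0101 0402
"""

def dump_to_bytes(dump):
    """Join the eight hex groups of each line, skipping the 0xNNNN offset column."""
    out = bytearray()
    for line in dump.strip().splitlines():
        out += bytes.fromhex("".join(line.split()[1:9]))
    return bytes(out)

def ip_checksum_ok(header):
    """RFC 1071: the folded one's-complement sum of the header words is 0xffff."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF

def decode(pkt):
    """Decode the IPv4 and TCP fields that tcpdump summarises on its first line."""
    ver_ihl, _tos, length, ip_id, frag, ttl, proto, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4                      # IP header length in bytes
    sport, dport, seq, _ack, off_flags, win = \
        struct.unpack("!HHIIHH", pkt[ihl:ihl + 16])
    bits = ((0x02, "SYN"), (0x10, "ACK"), (0x01, "FIN"), (0x04, "RST"))
    return {
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        "sport": sport, "dport": dport, "seq": seq, "win": win,
        "ttl": ttl, "id": ip_id, "len": length, "proto": proto,
        "df": bool(frag & 0x4000),                  # Don't Fragment bit, shown as (DF)
        "flags": [name for bit, name in bits if off_flags & bit],
        "ip_sum_ok": ip_checksum_ok(pkt[:ihl]),
    }

if __name__ == "__main__":
    for key, value in decode(dump_to_bytes(HEX_DUMP)).items():
        print(f"{key:10} {value}")
```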
