Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
First, let me say what I'd like to do. I'd like to count the number of bytes in the data payload of IP packets by port number. Not port name, just number. So I thought I'd enlist the help of tcpdump. Basically, I'm just trying to create a simple toolchain to monitor bandwidth consumption by port number. The following little command line applet, or crapplet, pretty much does what I want: /usr/sbin/tcpdump -b ip -c 64 -n -nn | perl -p -e 's/.*\.(\d+)\s>.*\.(\d\+):.*\((\d+)\).*/$1 $2 $3/' This could work fine if the machine I ran it on sat between my gateway and my internal network. I'd like to get this same output by monitoring traffic on an ethernet segment shared with the gateway. But I can't figure out how to bend tcpdump to my will. For testing, I have two machines on a hub. I want to use tcpdump on one machine to monitor everything happening on the other. Is this possible? -- Ron Peterson -o) 87 Taylor Street /\\ Granby, MA 01033 _\_v https://www.yellowbank.com ----
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |