GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  TRAFSHOW (1)

NAME

trafshow - full screen show network traffic

CONTENTS

Synopsis
Description
Options
Files
Colors
See Also
Acknowledgements
Author
Bugs

SYNOPSIS

trafshow [-eCfknNOpv -c num -i name -r sec -t sec] [-F file | expr]

DESCRIPTION

TrafShow continuously display the information regarding packet traffic on the configured network interface that match the boolean expression. It periodically sorts and updates this information.
This funny program may be useful for locating suspicious network traffic on the net or to evaluate current utilization of the network interface.

OPTIONS

-c Exit after receiving number of packets.
-C Try to force ansi color mode. May be used when description of your current terminal has no color capability in termcap/terminfo data base.
-e Show the Ethernet traffic rather than IP. It is possible to switch between them by pressing the ENTER key.
-f Print ‘foreign’ internet addresses numerically rather than symbolically.
-F Use file as input for the filter expression.
-i Listen on network interface name. If unspecified, trafshow searches the system interface list for the lowest numbered, configured up interface (excluding loopback).
-k Disable input keyboard checking. It is intended to avoid loss of packets.
-m [src-ip M] [dst-ip M] [src-port M] [dst-port M] [proto M]
Mask the specified field with mask M (which should be specified as an hex number e.g. 0xffff0000) before further processing of the packet. This allows to aggregate traffic in the display to ease analysis.

.The masks for all field not specified will be set to 0.
-n Don’t convert host addresses and port numbers to names.
-N Don’t print domain name qualification of host names.
-O Don’t run the packet-matching code optimizer. This is useful only if you suspect a bug in the optimizer.
-p Don’t put the interface into promiscuous mode.
-r Set screen refresh interval to seconds.
-t Set max timeout in DNS query to seconds.
-v Print detailed version information and exit.
expr Select which packets will be displayed. If no expression is given, all packets on the net will be displayed. Otherwise, only packets for which expression is ‘true’ will be displayed.
For more details refer to tcpdump(1) man page.

FILES

/etc/trafshow
  The default colors configuration file if any.
$HOME/.trafshow
  The personal file with the user defined colors.

COLORS

If trafshow has been compiled with modern curses libraries such as Slang or Ncurses it been able to show colored traffic on color-capable terminal.

The syntax of trafshow color configuration file as follow:
default fcolor:bcolor
  Set the default screen background color-pair
port[/proto] fcolor:bcolor
  Set color pattern by service port
from[/mask][:port] to[/mask][:port] proto fcolor:bcolor
  Set color pattern by pair of from-to addresses
The wildcard ‘*’ do match ANY in pattern. Where fcolor is foreground color and bcolor is background color.
The fcolor and bcolor may be one of the following:
black red green yellow blue magenta cyan white
  It posible to indicate color as number from 0 to 7.
The upper-case Fcolor mean bright *on*. The upper-case Bcolor mean blink *on*.

SEE ALSO

netstat(1), tcpdump(1), bpf(4)

ACKNOWLEDGEMENTS

Thanks to Van Jacobson <van@helios.ee.lbl.gov> and Steven McCanne <mccanne@helios.ee.lbl.gov>, all of Lawrence Berkeley Laboratory, University of California, Berkeley, CA.

AUTHOR

Vladimir Vorobyev <bob@turbo.nsk.su>.

BUGS

The trafshow functions such as resizeing and coloring under xterm mainly depended of curses library.
Search for    or go to Top of page |  Section 1 |  Main Index


--> TRAFSHOW (1) August 1998

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.