GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  IPGRAB (8)

NAME

ipgrab - A Verbose Packet Sniffer

CONTENTS

Synopsis
Description
     Options
See Also
Notes
Author

SYNOPSIS

ipgrab [ -ablmnPprTtwx ] [ -c cnt ] [ -i if ] [ expr ]

DESCRIPTION

ipgrab reads and parses packets from the link layer through the application layer, dumping explicit header information along the way. It is a lot like tcpdump except that it prints almost every header field.

    Options

-a Do not display application layer data.
-b Buffer standard output. Useful when you’re redirecting output to a file.
-c cnt, --count cnt
  Terminate after receiving cnt packets.
-C proto, --CCP proto
  Assume a particular CCP protocol, such as MPPC. MPPC is the only one supported as yet.
-d Dump extra padding in packets. For example, according to an IP header, the packet ends at a certain point, but the link layer may have padded it beyond that. This option displays the padding. Not valid in minimal mode.
-h, --help
  Display usage screen with a brief description of the command line options.
-i if, --interface if
  Makes ipgrab listen to packets on interface if, e.g., eth0. If this option is not used, the default interface will be assumed.
-l Don’t display link-layer headers. The following protocols are considered to be link layer: ARP, CHAP, Ethernet, IPCP, LCP, LLC, Loopback, PPP, PPPoE, Raw, Slip.
-m Minimal mode output. When operating in this mode, ipgrab displays only brief header information.
-n Don’t display network-layer headers. The following protocols are considered to be network layer: AH, ESP, GRE, ICMP, ICMPv6, IGMP, IP, IPv6, IPX, IPXRIP.
-P string
  Initiate a dynamic port mapping. This option must be followed by a string of the form ‘<protocol>=<port>’, such as ‘http=8080’.
-p Dump packet payloads beyond what IPgrab parses. In other words, if IPgrab does not parse a particular application, this option will dump application data in hex and text format.
-r FILE
  Read packets from a file, rather than an interface. The file shoule be created in "raw" format, such as with ’-w’ option.
-T Do not display timestamps in minimal mode.
-t Don’t display transport layer headers. The following protocols are considered to be transport layer: SPX, TCP, UDP.
-v, --version
  Display version number and then quit.
-w FILE
  Write the raw packets to a file, rather than the screen. The packets will not be parsed. The file can be read with the ’-r’ option.
-x Hex dump mode. After processing each layer, dump out the contents of that layer in hex and text. Only valid in main mode.
expr Berkeley packet filter expression. See tcpdump(8) man page for details and examples.

SEE ALSO

tcpdump(8)

NOTES

Requires libpcap version 0.3 or greater to be installed.

AUTHOR

Michael S. Borella
http://www.borella.net/mike/
mike@borella.net

Search for    or go to Top of page |  Section 8 |  Main Index


--> IPGRAB (8) 07 March 2007

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.