ngrep is a great little utility that allows you to capture and analyze packets.

Realtime network grep tool

ngrep is a grep-like command that works on real-time network data.

ngrep strives to provide most of GNU grep's common features, applying
them to the network layer. ngrep is a pcap-aware tool that will allow
you to specify extended regular or hexadecimal expressions to match
against data payloads of packets. It currently recognizes TCP, UDP
and ICMP across Ethernet, PPP, SLIP, FDDI, Token Ring and null
interfaces, and understands bpf filter logic in the same fashion as
more common packet sniffing tools, such as tcpdump and snoop.

ngrep can be installed in FC4 using yum (it is part of the Fedora Extras repository):

yum install ngrep

On FC3 you can either enable the Fedora Extras repository or download the package manually:

wget http://ftp.belnet.be/packages/dries.ulyssis.org/fedora/fc3/i386/RPMS.dries/ngrep-1.44-1.1.fc3.rf.i386.rpm

Installing the GPG key:

rpm --import http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt

Installing the package:

rpm --install ngrep-1.44-1.1.fc3.rf.i386.rpm
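
The manual FC3 steps above fetch both the package and the key over plain HTTP, so the imported key only helps if the package signature is checked before installing. The script below is an added example, not part of the original page: it gates the install on `rpm --checksig`. The function names sig_ok and verify_and_install are hypothetical, and the output strings it matches are assumptions about typical rpm output, which differs between rpm versions.

```shell
#!/bin/sh
# Added example (not from the original page): install the downloaded RPM
# only if `rpm --checksig` reports a verified signature.

# sig_ok OUTPUT
# Succeeds only when the checksig line reports a GPG/PGP signature as OK.
# An unsigned package can still print "md5 OK" or "digests OK", so a
# digest-only result counts as a failure here.
# Assumed output styles: older rpm prints "... sha1 md5 gpg OK",
# newer rpm prints "... digests signatures OK".
sig_ok() {
    lc=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    case "$lc" in
        *"not ok"*) return 1 ;;          # bad signature or missing key
    esac
    # Drop the "file.rpm: " prefix so the file name itself cannot match.
    case "${lc#*: }" in
        *gpg*ok*|*pgp*ok*|*signatures*ok*) return 0 ;;
    esac
    return 1
}

# verify_and_install PACKAGE
# Runs the signature check and calls `rpm --install` only when it passes.
verify_and_install() {
    pkg=$1
    out=$(rpm --checksig "$pkg" 2>&1) || {
        echo "signature check failed: $out" >&2
        return 1
    }
    if sig_ok "$out"; then
        rpm --install "$pkg"
    else
        echo "refusing to install, no verified signature: $out" >&2
        return 1
    fi
}

# Usage: sh verify-install.sh ngrep-1.44-1.1.fc3.rf.i386.rpm
if [ "$#" -gt 0 ]; then
    verify_and_install "$1"
fi
```

Run it after the `rpm --import` step, in place of the plain `rpm --install` command.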

Documentation:

man ngrep