ngrep is a great little utility that allows you to capture and analyze packets.
Realtime network grep tool
ngrep is grep command that works on realtime network data.
ngrep strives to provide most of GNU grep's common features, applying
them to the network layer. ngrep is a pcap-aware tool that will allow
you to specify extended regular or hexadecimal expressions to match
against data payloads of packets. It currently recognizes TCP, UDP
and ICMP across Ethernet, PPP, SLIP, FDDI, Token Ring and null
interfaces, and understands bpf filter logic in the same fashion as
more common packet sniffing tools, such as tcpdump and snoop.
ngrep can be installed in FC4 using yum (it is part of the Fedora Extras repository):
Panel |
---|
yum install ngrep |
On FC3 you either enable the Fedora Extras repository or download it manually:
Panel |
---|
Installing the GPG key:
Panel |
---|
rpm --import http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt |
Installing the package:
Panel |
---|
rpm --install ngrep-1.44-1.1.fc3.rf.i386.rpm |
Documentation:
Panel |
---|
man ngrep |