LinuxQuestions.org
Old 01-22-2011, 03:14 AM   #1
thelordmule
LQ Newbie
 
Registered: Jul 2006
Location: Australia
Distribution: Mac OSX 10.6, Ubuntu 10.10
Posts: 23

Rep: Reputation: 0
Packet size logging program


Hello all,

I am looking for a simple packet logging utility that just samples the size of incoming/outgoing packets at a fixed interval.

I am not sure how to manipulate the db files generated by darkstat, vnstat, ntop.

I found live vnstat -i eth0 -l gives me almost what I need, but I can't save the output because it rewrites the same terminal space.

darkstat makes a nice graph via web interface, but I want the data for the graph

Just looked into snort and found that I can go through every packet, and grep the file for the content-length; however, the time of arrival for each packet is a bit fidgety.

At the very least I am just looking for a program that gives me one column bytes sent for a fixed time interval:
Code:
size
30049
29992
84384
OR two columns, with time of sending and size for each packet
Code:
seconds     size
12345069 30049
12345069 29992
12345070 84384
Any suggestions?
 
Old 01-22-2011, 08:28 PM   #2
sys64738
Member
 
Registered: May 2008
Location: NRW/Germany
Posts: 105

Rep: Reputation: 30
Hmm not quite sure but how about iptraf?
It is not only doing stuff with curses but also with the command line.
Try:
Code:
man iptraf
I think the option "-L" and the signal "SIGUSR1" might be helpful to you.
 
1 members found this post helpful.
Old 01-26-2011, 09:25 PM   #3
thelordmule
LQ Newbie
 
Registered: Jul 2006
Location: Australia
Distribution: Mac OSX 10.6, Ubuntu 10.10
Posts: 23

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by sys64738
Hmm not quite sure but how about iptraf?
Thanks for the tip. This is a very nice program. I liked the log file how it presented all the packet sizes, but only logged the first packet size of TCP, whereas all UDP packets are logged.

I am rummaging through the source for a quick fix, but it's a little tricky...
 
Old 01-26-2011, 09:38 PM   #4
thelordmule
LQ Newbie
 
Registered: Jul 2006
Location: Australia
Distribution: Mac OSX 10.6, Ubuntu 10.10
Posts: 23

Original Poster
Rep: Reputation: 0
I found it! and too conveniently

iptrafmon.c find the code:
Code:
(tcpentry->pcount == 1) &&
and comment it out

recompile

run
Code:
sudo ./iptraf -i eth0 -L apptcptest.log
A glorious amount of TCP traffic data with packet sizes will be at your disposal!

Thanks again sys64738!
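
The output asked for in post #1, as an added example that is not part of the thread and is not iptraf code: it turns two-column "seconds size" records into one byte total per fixed interval, reporting idle intervals as 0. The names capture, parse_two_column and bytes_per_interval are hypothetical; capture assumes Linux and root, and the last sample row is constructed.

```python
import socket
import time
from collections import defaultdict

ETH_P_ALL = 0x0003  # Linux: deliver frames of every protocol

# First three rows are the sample from post #1; the last row is constructed
# here to leave two idle seconds in the capture.
SAMPLE = """seconds     size
12345069 30049
12345069 29992
12345070 84384
12345073 1500
"""

def capture(iface, count):
    """Yield (epoch_seconds, frame_length) for count frames on iface.
    Linux only, needs root; sees incoming and outgoing frames."""
    with socket.socket(socket.AF_PACKET, socket.SOCK_RAW,
                       socket.ntohs(ETH_P_ALL)) as s:
        s.bind((iface, 0))
        for _ in range(count):
            frame = s.recv(65535)  # block first, then timestamp the arrival
            yield time.time(), len(frame)

def parse_two_column(text):
    """Parse 'seconds size' rows; the header and malformed rows are skipped."""
    for line in text.splitlines():
        fields = line.split()
        try:
            yield float(fields[0]), int(fields[1])
        except (IndexError, ValueError):
            continue

def bytes_per_interval(records, interval=1.0):
    """Sum sizes into fixed-width bins; idle intervals are reported as 0."""
    totals = defaultdict(int)
    for ts, size in records:
        totals[int(ts // interval)] += size
    if not totals:
        return []
    return [(b * interval, totals.get(b, 0))
            for b in range(min(totals), max(totals) + 1)]

if __name__ == "__main__":
    # Replace parse_two_column(SAMPLE) with capture("eth0", 1000) for live data.
    for start, size in bytes_per_interval(parse_two_column(SAMPLE)):
        print(int(start), size)
```

Binning by arrival time instead of printing per packet keeps gaps in the traffic visible as zero rows, so the one-column output still lines up with wall-clock time.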
 
  

