LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (http://www.linuxquestions.org/questions/slackware-14/)
-   -   Monitoring network packets sent (http://www.linuxquestions.org/questions/slackware-14/monitoring-network-packets-sent-4175473832/)

waddles 08-18-2013 04:36 PM

Monitoring network packets sent
 
I think maybe netmap might do this but before I strike off into the woods maybe someone has had a similar need.
I would like to know if my system is repeatedly sending the same query/packets because I find I have to frequently restart a connection to a web site before I can get a connection. When I do it gets it quick (probably cuz pages needed already downloaded), when I don't the browser (FF) just cycles and the lights on the modem stop blinking.
So is there an easy way to find if I am sending duplicate data with the tools provided with Slack 13.37?

T3slider 08-18-2013 05:24 PM

tcpdump will do it (though it may not be overly pretty).
Code:

# tcpdump -i eth0 -w filename.txt
Browse until you encounter the problem (this records a lot of data so it's best if you have an easily reproducible problem...otherwise you may be sifting through irrelevant packets for quite a while). Ctrl+C to stop recording. Then view the data with
Code:

# tcpdump -r filename.txt
Add the -X option to the second command to view the actual data in a readable format instead of just the headers...but with a lot of packets, it makes it difficult to go through it all.

wireshark (see SBo for that) is a much, much nicer way of viewing/visualizing network packets.

waddles 08-18-2013 08:22 PM

Monitoring network packets sent
 
Interesting, hadn't thought about tcpdump but makes some sense.
Wonder if shell script would be fast enough to read one use it as an egrep pattern to find dups? It would I know in examining the file output but looking for something more real time without sinking to C / Tkl-Tik


All times are GMT -5. The time now is 06:45 AM.