[RndTbl] Socket dump utility

Daryl F wyatt at escape.ca
Wed May 29 23:43:47 CDT 2002


If he knows which interface it is coming from, you can use the 'expression'
of tcpdump to narrow the dump down to traffic to, and/or from, a specific
port. For instance,
	tcpdump -i eth0 port domain
will watch for only DNS on the eth0 interface. Check the manpage for
tcpdump(1). The expression allows lots of filtering and boolean
expressions.

On Wed, 29 May 2002, Scott Balneaves wrote:

> On Wed, 29 May 2002, S/C Conway wrote:
>
> > G'Day,
> >     Does anyone know if there is a program that will do a trap on a port
> > similar to a tcpdump on an interface?
> >     I have a programmer with some code problems and he suspects it might
> > be before the data comes out the port. He asked if I had such a beast
> > that could trap port outputs.
> >     Does such a utility exist?
>
> I'm just guessing, but might there be a way to log access using iptables?
>
> Scott
>
> --
> Scott L. Balneaves      | "If people are good only because they
> Unix Administrator      |  fear punishment, and hope for reward,
> Legal Aid Manitoba      |  then we are a sorry lot indeed."
> sbalneav at legalaid.mb.ca |       -- Albert Einstein
>