From: DES <3des@inx.su>
To: Kevin Oberman
Cc: "freebsd-net@freebsd.org"
Subject: Re: IP packet header visualization software
Date: Thu, 2 Nov 2017 22:35:41 +0300

Thank you for the response, Kevin and Bakul, but neither tcptrace nor ethereal/wireshark is what I'm looking for.
As I said, the application I was using was drawing a single IP packet
header similar to what is presented in RFC791 -

   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |Version|  IHL  |Type of Service|          Total Length         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |         Identification        |Flags|      Fragment Offset    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Time to Live |    Protocol   |         Header Checksum       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                       Source Address                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    Destination Address                        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    Options                    |    Padding    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

But a) graphically with colors, b) with actual packet/header data from
the captured IP packet. The actual result looked similar to this picture -
https://www.ibm.com/support/knowledgecenter/en/ssw_aix_71/com.ibm.aix.networkcomm/figures/comma35.jpg

thank you
3des

On 02.11.2017 02:38, Kevin Oberman wrote:
> On Wed, Nov 1, 2017 at 2:46 PM, DES <3des@inx.su> wrote:
>
>     Hello FreeBSD-Net,
>
>     does anybody remember, around year 2004, there was a software
>     application available (either as port, or package). Unfortunately
>     I do not recall the application name and I'm not able to find it
>     again, although I've reviewed the Ports collection from year 2005
>     which I have on 3 DVDs. I do not remember if the application
>     captured data from the network interface by itself, or used
>     tcpdump output, that actually doesn't matter. What matters is that
>     this app drew a picture of the selected IP packet's header,
>     similar to the one in RFC791 at page 11, chapter "3.1. Internet
>     Header Format". The picture drawn was minimalistic and in colors
>     (green, yellow), and it showed the field values from the actual
>     capture. I've run it under TWM, and it looked close to that one,
>     but showing captured values instead of (or along with) field names -
>
>     Appreciate if anybody remembers that application by any chance and
>     could tell its name.
>
>     thank you
>
>     3des
>
>
> tcptrace? I have not used it since I retired, but I think it was
> similar to what you are looking for. Its output is just text. It used
> an external tool to implement the plots, xplot. xplot died back on
> gcc-3.3 and I have no idea what its current status is, but I fear it's
> abandoned, xpolt.org still is alive, though.
>
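
Added example, not part of the original message and not the application asked about in this thread: Python code that parses one IPv4 header, verifies its header checksum, and draws the RFC 791 grid with the captured values in place of the field names (text only, no colors). The sample bytes are constructed and every function name here is illustrative.

```python
import struct
from ipaddress import IPv4Address

RULE = "+-" * 32 + "+"
# (field, width in bits) for each 32-bit row of the fixed header, RFC 791 section 3.1
ROWS = [
    [("Version", 4), ("IHL", 4), ("Type of Service", 8), ("Total Length", 16)],
    [("Identification", 16), ("Flags", 3), ("Fragment Offset", 13)],
    [("Time to Live", 8), ("Protocol", 8), ("Header Checksum", 16)],
    [("Source Address", 32)],
    [("Destination Address", 32)],
]
# Constructed sample header (20 bytes, no options), not taken from a real capture.
SAMPLE = bytes.fromhex("45000073000040004011b861c0a80001c0a800c7")

def checksum_ok(header: bytes) -> bool:
    """A valid header's 16-bit words sum (one's complement) to 0xFFFF."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF

def parse_ipv4_header(raw: bytes) -> dict:
    if len(raw) < 20:
        raise ValueError("truncated: the fixed IPv4 header is 20 bytes")
    vi, tos, length, ident, ff, ttl, proto, csum, src, dst = struct.unpack("!BBHHHBBH4s4s", raw[:20])
    version, ihl = vi >> 4, vi & 0x0F
    if version != 4 or ihl < 5 or len(raw) < ihl * 4:
        raise ValueError("not a complete IPv4 header")
    return {
        "Version": version, "IHL": ihl, "Type of Service": f"0x{tos:02x}",
        "Total Length": length, "Identification": f"0x{ident:04x}",
        "Flags": f"{ff >> 13:03b}", "Fragment Offset": ff & 0x1FFF,
        "Time to Live": ttl, "Protocol": proto, "Header Checksum": f"0x{csum:04x}",
        "Source Address": str(IPv4Address(src)), "Destination Address": str(IPv4Address(dst)),
        "Options": raw[20:ihl * 4].hex(),  # parsed out but not drawn below
        "checksum_ok": checksum_ok(raw[:ihl * 4]),
    }

def render(fields: dict) -> str:
    """Draw each field's value in a cell 2*bits-1 characters wide, as in the RFC figure."""
    lines = [RULE]
    for row in ROWS:
        cells = [str(fields[name]).center(2 * bits - 1) for name, bits in row]
        lines += ["|" + "|".join(cells) + "|", RULE]
    return "\n".join(lines)

if __name__ == "__main__":
    print(render(parse_ipv4_header(SAMPLE)))
```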