From owner-freebsd-questions@FreeBSD.ORG Tue Jan 25 19:44:09 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1BE2B16A4D6 for ; Tue, 25 Jan 2005 19:44:09 +0000 (GMT) Received: from mx.networkiv.net (mx.networkiv.net [65.205.143.171]) by mx1.FreeBSD.org (Postfix) with ESMTP id AC11743D48 for ; Tue, 25 Jan 2005 19:44:04 +0000 (GMT) (envelope-from slm@networkiv.net) Received: by mx.networkiv.net (Postfix, from userid 5225) id CB913A10BE; Tue, 25 Jan 2005 14:43:36 -0500 (EST) Date: Tue, 25 Jan 2005 14:43:36 -0500 From: "Stephen L. Martin" To: freebsd-questions@freebsd.org Message-ID: <20050125194336.GA34029@mx.networkiv.net> References: <20050125090405.GW46670@kirk.dlee.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050125090405.GW46670@kirk.dlee.org> Subject: Re: Any way to get an audio representation of packet flow? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Jan 2005 19:44:09 -0000 You could do this with a small Perl script: tcpdump -nl icmp | perl -e '$|;while(<>){print "\a";}' This will give you a beep on your PC speaker every time it sees an ICMP packet. Hope this helps. -Stephen On Tue, Jan 25, 2005 at 04:04:05AM -0500, Doug Lee wrote: > Ok, this may be odd to many, but here's what I want: > > I like tcpdump's powerful ways of selecting and analyzing specific > portions of packet traffic, but I want a real-time way to represent > the results. I am blind, so graphs don't help. Usually all I > want to know is the pattern of packet match frequency vs. time, so a > little click for each matching packet would translate nicely into what > I'm looking for. > > My normal tactic involves directing output from tcpdump to /dev/audio > or even /dev/pcaudio: > > tcpdump -l -n [... rules for traffic ...] >/dev/audio > > is the first trick I tried. Problem: It causes me to get kernel > errors like "runt packet" and such, presumably because it adds too > mmuch overhead to packet processing somehow. (This is a P166; maybe > that problem wouldn't exist on faster hardware?) > > My next trick was like > > tcpdump -s 1 -w /dev/audio [... rules for traffic ...] > > No errors this time, but the output of -w is buffered regardless of -l > (which normally makes a lot of sense, of course), so it wasn't very > real-time. > > I currently run FreeBSD 4.10-STABLE, but I'd be interested in any > solutions requiring 5.x features as well, for future planning. > > Please Cc me if you have any ideas. > > Thanks much. > > > -- > Doug Lee dgl@dlee.org http://www.dlee.org > Bartimaeus Group doug@bartsite.com http://www.bartsite.com > The very smart may feel they have nothing to learn from anyone; > The very wise will find something to learn from everyone. (7/14/01) > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" -- "....the number of UNIX installations has grown to 10, with more expected...." - Dennis Ritchie and Ken Thompson, June 1972