From owner-freebsd-questions@FreeBSD.ORG Tue Jan 25 19:52:31 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C89C216A4CE for ; Tue, 25 Jan 2005 19:52:31 +0000 (GMT) Received: from mx.networkiv.net (mx.networkiv.net [65.205.143.171]) by mx1.FreeBSD.org (Postfix) with ESMTP id 49A1543D31 for ; Tue, 25 Jan 2005 19:52:31 +0000 (GMT) (envelope-from slm@networkiv.net) Received: by mx.networkiv.net (Postfix, from userid 5225) id E76D5A10BE; Tue, 25 Jan 2005 14:52:03 -0500 (EST) Date: Tue, 25 Jan 2005 14:52:03 -0500 From: "Stephen L. Martin" To: freebsd-questions@freebsd.org Message-ID: <20050125195203.GB34029@mx.networkiv.net> References: <20050125090405.GW46670@kirk.dlee.org> <20050125194336.GA34029@mx.networkiv.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050125194336.GA34029@mx.networkiv.net> Subject: Re: Any way to get an audio representation of packet flow? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Jan 2005 19:52:31 -0000 D'oh...should be: tcpdump -nl icmp |perl -e '$|=1;while(<>){print "\a";}' -Stephen On Tue, Jan 25, 2005 at 02:43:36PM -0500, Stephen L. Martin wrote: > You could do this with a small Perl script: > > tcpdump -nl icmp | perl -e '$|;while(<>){print "\a";}' > > This will give you a beep on your PC speaker every time it sees an ICMP > packet. > > Hope this helps. > > -Stephen > > On Tue, Jan 25, 2005 at 04:04:05AM -0500, Doug Lee wrote: > > Ok, this may be odd to many, but here's what I want: > > > > I like tcpdump's powerful ways of selecting and analyzing specific > > portions of packet traffic, but I want a real-time way to represent > > the results. I am blind, so graphs don't help. Usually all I > > want to know is the pattern of packet match frequency vs. time, so a > > little click for each matching packet would translate nicely into what > > I'm looking for. > > > > My normal tactic involves directing output from tcpdump to /dev/audio > > or even /dev/pcaudio: > > > > tcpdump -l -n [... rules for traffic ...] >/dev/audio > > > > is the first trick I tried. Problem: It causes me to get kernel > > errors like "runt packet" and such, presumably because it adds too > > mmuch overhead to packet processing somehow. (This is a P166; maybe > > that problem wouldn't exist on faster hardware?) > > > > My next trick was like > > > > tcpdump -s 1 -w /dev/audio [... rules for traffic ...] > > > > No errors this time, but the output of -w is buffered regardless of -l > > (which normally makes a lot of sense, of course), so it wasn't very > > real-time. > > > > I currently run FreeBSD 4.10-STABLE, but I'd be interested in any > > solutions requiring 5.x features as well, for future planning. > > > > Please Cc me if you have any ideas. > > > > Thanks much. > > > > > > -- > > Doug Lee dgl@dlee.org http://www.dlee.org > > Bartimaeus Group doug@bartsite.com http://www.bartsite.com > > The very smart may feel they have nothing to learn from anyone; > > The very wise will find something to learn from everyone. (7/14/01) > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > > -- > "....the number of UNIX installations has grown to 10, with more expected...." - Dennis Ritchie and Ken Thompson, June 1972 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" -- "....the number of UNIX installations has grown to 10, with more expected...." - Dennis Ritchie and Ken Thompson, June 1972