File: USAGE

package info (click to toggle)
ngrep 1.40.1-2.1
  • links: PTS
  • area: main
  • in suites: woody
  • size: 2,812 kB
  • ctags: 1,171
  • sloc: ansic: 14,461; sh: 10,088; makefile: 403; perl: 306; awk: 15; sed: 8
file content (21 lines) | stat: -rw-r--r-- 640 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
 
Examples:

  o ngrep  -qd eth1  'HTTP'  tcp port 80

    Be quiet, look only at tcp packets with either source or dest port
    80 on interface eth1, look for anything matching 'HTTP'. 

  o ngrep  -qd le0 port 53

    Watch all tcp and udp port 53 (nameserver) traffic on interface
    le0.  Be quiet.

  o ngrep  'USER|PASS'  tcp port 21

    Look only at tcp packets with either source or dest port 21, look
    for anything resembling an FTP login.

  o ngrep -wiA 2  'user|pass'  tcp port 21
  
    Alternatively, match either 'user' or 'pass' case insensitively,
    and dump the next 2 packets following (that match the bpf filter).