G'Day, Does anyone know if there is a program that will do a trap on a port similiar to a tcpdump on an interface? I have a programmer with some code problems and he suspects it might be before the data comes out the port. He asked if I had such a beast that could trap port outputs. Does such a utility exist?
Sean
On Wed, 29 May 2002, S/C Conway wrote:
G'Day, Does anyone know if there is a program that will do a trap on a port similiar to a tcpdump on an interface? I have a programmer with some code problems and he suspects it might be before the data comes out the port. He asked if I had such a beast that could trap port outputs. Does such a utility exist?
I'm just guessing, but might there be a way to log access using iptables?
Scott
If he knows which interface it is coming from you can use the 'expression' of tcpdump to narrow the dump down to traffic to, and/or from, a specific port. For instance, tcpdump -i eth0 port named will watch for only DNS on the eth0 interface. Check the manpage for tcpdump(1). The expression allows lots of filtering and boolean expressions.
On Wed, 29 May 2002, Scott Balneaves wrote:
On Wed, 29 May 2002, S/C Conway wrote:
G'Day, Does anyone know if there is a program that will do a trap on a port similiar to a tcpdump on an interface? I have a programmer with some code problems and he suspects it might be before the data comes out the port. He asked if I had such a beast that could trap port outputs. Does such a utility exist?
I'm just guessing, but might there be a way to log access using iptables?
Scott
-- Scott L. Balneaves | "If people are good only because they Unix Administrator | fear punishment, and hope for reward, Legal Aid Manitoba | then we are a sorry lot indeed." sbalneav@legalaid.mb.ca | -- Albert Einstein
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
-
Daryl F -
S/C Conway -
Scott Balneaves