Date: Tue, 25 Jan 2005 04:04:05 -0500 From: Doug Lee <dgl@dlee.org> To: freebsd-questions@freebsd.org Subject: Any way to get an audio representation of packet flow? Message-ID: <20050125090405.GW46670@kirk.dlee.org>
next in thread | raw e-mail | index | archive | help
Ok, this may be odd to many, but here's what I want: I like tcpdump's powerful ways of selecting and analyzing specific portions of packet traffic, but I want a real-time way to represent the results. I am blind, so graphs don't help. <grin> Usually all I want to know is the pattern of packet match frequency vs. time, so a little click for each matching packet would translate nicely into what I'm looking for. My normal tactic involves directing output from tcpdump to /dev/audio or even /dev/pcaudio: tcpdump -l -n [... rules for traffic ...] >/dev/audio is the first trick I tried. Problem: It causes me to get kernel errors like "runt packet" and such, presumably because it adds too mmuch overhead to packet processing somehow. (This is a P166; maybe that problem wouldn't exist on faster hardware?) My next trick was like tcpdump -s 1 -w /dev/audio [... rules for traffic ...] No errors this time, but the output of -w is buffered regardless of -l (which normally makes a lot of sense, of course), so it wasn't very real-time. I currently run FreeBSD 4.10-STABLE, but I'd be interested in any solutions requiring 5.x features as well, for future planning. Please Cc me if you have any ideas. Thanks much. -- Doug Lee dgl@dlee.org http://www.dlee.org Bartimaeus Group doug@bartsite.com http://www.bartsite.com The very smart may feel they have nothing to learn from anyone; The very wise will find something to learn from everyone. (7/14/01)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050125090405.GW46670>