SNOOPY(8) System Manager's Manual SNOOPY(8)NAME
snoopy - spy on Ethernet packets
SYNOPSIS
snoopy [ -abceiltup9 ] [ -np ] [ -N count ]
DESCRIPTION
Snoopy displays the header and first 20 data bytes of packets received from the local Ethernet. The packets displayed depend on the
options chosen. The following options each select packets from a particular protocol. If more than one flag is given, packets from all
those protocols are displayed.
a ARP
b BOOTP
c ICMP
e all Ethernet packets
i IP
l IL
t TCP
u UDP
By default all addresses are translated into system names. The option n suppresses this.
Snoopy runs in promiscuous mode by default, displaying all packets it can capture from the Ethernet. The option p causes only packets sent
to or from the system snoopy is running on to be displayed.
Option 9 causes the data of TCP and IL messages to be interpreted and displayed as 9P messages. The N option sets the count (default 20)
of the number of bytes to dump in hexadecimal from each packet.
FILES
/net/ether
Ethernet device
SOURCE
/sys/src/cmd/ip/snoopy.c
BUGS
The CPU servers do not take well to running in promiscuous mode. If run on them, snoopy may kill their Ethernets.
SNOOPY(8)
Check Out this Related Man Page
IPCONFIG(8) System Manager's Manual IPCONFIG(8)NAME
ipconfig, arpd, rip - Internet configuration and routing
SYNOPSIS
ip/ipconfig [-abp] [-e etherdev] [-m ip-mask] [ipaddr]
ip/arpd [-pd] [-e etherdev] [-b bcast-addr]
ip/rip [-b]
DESCRIPTION
Ipconfig configures an Internet connection on an Ethernet. The options are
a do not start arpd
b do not use BOOTP to discover a gateway address
p start arpd in promiscuous mode (see below)
e use the Ethernet mounted at /net/etherdev
m set the network mask to ip-mask
If ipaddr is specified on the command line, use that instead of one found in the local database or via the BOOTP protocol.
Arpd performs the Internet Address Resolution Protocol, translating Internet addresses into Ethernet addresses. It is normally started by
ipconfig. The options are
d print debugging to standard output
p (promiscuous) answer ARP requests for any recognized machine. The default is to answer just for the machine running arpd.
e use the Ethernet mounted at /net/etherdev
b use the IP broadcast address bcast-addr instead of the correct one.
Rip runs the routing protocol RIP. It listens for RIP packets on connected networks and updates the kernel routing tables. The only
option, -b, broadcasts routing information onto the networks.
SOURCE
/sys/src/cmd/ip/ipconfig.c
/sys/src/cmd/ip/arpd.c
/sys/src/cmd/ip/rip.c
SEE ALSO ndb(6)IPCONFIG(8)
If you have used snort to build a folder list of computers IP and their packets is there a tcp stream follow application that can be used to re-build the packets? Like ethereal? (1 Reply)
Hello ,
I need to convert X.25 packets to IP packets how should i proceed .......... Please help me , regarding this matter or atleast suggest me some material which can be read regarding this .
Bye (2 Replies)
Morning,
I have to set up some monotoring between 2 servers, basically we need to proove to the LAN team that we a loosing packets.
Is there any way with ping -s that you can specify how many packets you send? I thought there was but maybe not, we want to set up a while loop that echos the... (3 Replies)
I am developing a client-server application. All communication is UDP based. I am sending 1000 packets per second. Every packet having size 15 bytes. At receiving end many packets lost. Please tell me if there any solution for this problem or it is actually problem with UDP. (1 Reply)
I am looking for a really good command logging tool to improve the auditing of my servers. I have previously used snoopy but this is currently a bit flaky and causing serious problems for me, it doesn't look like it's been maintained since 2004, it didn't even want to compile until I added -fPIC... (1 Reply)
Hi,
I'm making a script to compile some packets and I need for each one to check if the compilation is good...
I need to check if "./configure" and "make" runs correctly.
Are any scripting commands to make this?
For example, the solution can be a command that get the program's exit code... (1 Reply)
Hi All,
In Ultra 10 at time system is not displaying value for Ethernet address and Host ID.
Also, when i am trying to change the value of environment variables i am getting below message and value is not changing
Thanks (4 Replies)
Hello everybody,
I've been working with raw sockets since long time ago. I've coded TCP/UDP, ICMP/IP and ARP applications, all resting encapsulated over relative "raw" ethernet frames; but in reality, Ethernet uses MAC addresses and LLC protocol codes (from layer 2) and that's the maximum access... (1 Reply)
I have made an packet capture application running on intel machine, it is capturing packets with src address- 17.0.0.0 destination ip- 66.0.0.0, source port- 0, destination port- 0, and protocol- 0 what does these packets mean ?
The code written to interpreter captured bytes is given below.... (5 Replies)