"SfR Fresh" - the SfR Freeware/Shareware Archive 
Member "trafshow-3.1/trafshow.1" of archive trafshow-3.1.tgz:
Caution: As a special service "SfR Fresh" has tried to format the requested manual source page into HTML format but links to other man pages may be missing or even errorneous.
Alternatively you can here view or download the uninterpreted manual source code.
That can be also achieved for any archive member file by clicking within an archive contents listing on the first character of the file(path) respectively on the according byte size field.
Table of Contents
trafshow - full screen show network traffic
trafshow [-eCfknNOpv
-c num -i name -r sec -t sec] [-F file | expr]
TrafShow continuously
display the information regarding packet traffic on the configured network
interface that match the boolean expression. It periodically sorts and updates
this information.
This funny program may be useful for locating suspicious network traffic
on the net or to evaluate current utilization of the network interface.
- -c
- Exit after receiving number of packets.
- -C
- Try to force ansi color
mode. May be used when description of your current terminal has no color
capability in termcap/terminfo data base.
- -e
- Show the Ethernet traffic rather
than IP. It is possible to switch between them by pressing the ENTER key.
- -f
- Print ‘foreign’ internet addresses numerically rather than symbolically.
- -F
- Use file as input for the filter expression.
- -i
- Listen on network interface
name. If unspecified, trafshow searches the system interface list for the
lowest numbered, configured up interface (excluding loopback).
- -k
- Disable
input keyboard checking. It is intended to avoid loss of packets.
- -n
- Don’t
convert host addresses and port numbers to names.
- -N
- Don’t print domain name
qualification of host names.
- -O
- Don’t run the packet-matching code optimizer.
This is useful only if you suspect a bug in the optimizer.
- -p
- Don’t put the
interface into promiscuous mode.
- -r
- Set screen refresh interval to seconds.
- -t
- Set max timeout in DNS query to seconds.
- -v
- Print detailed version information
and exit.
- expr
- Select which packets will be displayed. If no expression is
given, all packets on the net will be displayed. Otherwise, only packets
for which expression is ‘true’ will be displayed.
For more details refer to tcpdump(1) man page.
- /etc/trafshow
- The default
colors configuration file if any.
- $HOME/.trafshow
- The personal file with
the user defined colors.
If trafshow has been compiled with modern
curses libraries such as Slang or Ncurses it been able to show colored
traffic on color-capable terminal.
The syntax of trafshow color configuration
file as follow:
- default fcolor:bcolor
- Set the default screen background
color-pair
- port[/proto] fcolor:bcolor
- Set color pattern by service port
- from[/mask][:port] to[/mask][:port] proto fcolor:bcolor
- Set color pattern
by pair of from-to addresses
The wildcard ‘*’ do match ANY in pattern. Where
fcolor is foreground color and bcolor is background color.
The fcolor and bcolor may be one of the following:
- black red green yellow
blue magenta cyan white
- It posible to indicate color as number from
0 to 7.
The upper-case Fcolor mean bright *on*. The upper-case Bcolor mean
blink *on*.
netstat(1), tcpdump(1), bpf(4)
Thanks
to Van Jacobson <van@helios.ee.lbl.gov> and Steven McCanne <mccanne@helios.ee.lbl.gov>,
all of Lawrence Berkeley Laboratory, University of California, Berkeley,
CA.
Vladimir Vorobyev <bob@turbo.nsk.su>.
The trafshow functions such
as resizeing and coloring under xterm mainly depended of curses library.
Table of Contents