10 More Discussions You Might Find Interesting
1. Programming
I have reviewed many examples on-line about running another process (either PERL or shell command or a program), but do not find any usefull for my needs way. (Reviewed and not useful the system(), 'back ticks', exec() and open())
I would like to run another PERL-script from first one, not... (1 Reply)
Discussion started by: alex_5161
1 Replies
2. Solaris
Dears,
I am trying to run a bash script to take a snoop on an interface with a certain port for like 5 minute and once the snoop is finished I need to parse the snoop file on unix/solaris without using WIRESHARK or ETHERAL.
the snoop that I will capture will be for DIAMETER Protocol and... (4 Replies)
Discussion started by: jojo123
4 Replies
3. Shell Programming and Scripting
Hi
I want to write a script for snoop which can do snoop for 30 min and then process should be killed automatically
I am using below codes
#!/usr/bin/ksh
snoop -d igb0 -o /opt/temp/abc.pcap
sleep 1500
kill -9 `ps -ef|grep -i snoop |grep -v grep|awk '{print $2}'`
But process is not... (3 Replies)
Discussion started by: anish19
3 Replies
4. Shell Programming and Scripting
Hi Everyone :),
Need your advice as I'm new to UNIX scripting.. I'm trying to write a script to capture snoop output for 5 minutes for every hour for 24 hours. To stop snoop, I need to press Control-C to break it. This is what I got so far, but now I'm stuck! :confused:
The script:
# cat... (2 Replies)
Discussion started by: faraaris
2 Replies
5. UNIX for Advanced & Expert Users
Hi,
Can anyone please tell me a ftp site where I can download the solaris snoop package? I need to download the package so I can use the command in a Linux environment instead of using tcpdump. Need practice with snoop.
Thanks for your help. (3 Replies)
Discussion started by: Pouchie1
3 Replies
6. Shell Programming and Scripting
Hi all,
I want to monitoring my interface every 6 hours where i want to run snoop command to capture all packet through the interface, so i want running snoop then snoop will run for 5 minutes after that snoop stop then will start again after 6 hours than run for 5 minutes again.
thereis any... (9 Replies)
Discussion started by: tindasz
9 Replies
7. Shell Programming and Scripting
Hi,
I want to write a script that checks an interface with the snoop command, if there is no traffic in 10 minutes on port 123 from the ip add 10.*.*.* it should send a e-mail.but i don't know how to start writing this script does anybody have an idea or an sample script that i can modifi.
... (2 Replies)
Discussion started by: tafil
2 Replies
8. Solaris
Hi.
I'm trying to capture traffic with the snoop command using the net expression but I fail when a I've to specify a subnet
ex: 10.201.64/18
Did you know the correct syntax?
I've tried with
snoop -ta -x0 net 10.201.64.0 255.255.192.0
but doesn't match.
Thnx (4 Replies)
Discussion started by: kurtolo
4 Replies
9. Solaris
Hello! It is my first post in this forum :).
I`m facing a strange issue. I am using a Solaris 8 as OS, and using the ipnat (ipf) to NAT an incoming port to another, as following:
Host SUN with Solaris 8/NAT WEB Page
(A.B.C.D:80) ---> |A.B.C.D:80 ->... (0 Replies)
Discussion started by: mf_lattanzi
0 Replies
10. UNIX for Dummies Questions & Answers
is there a snoop equivalent in other flavors of unix? HPUX, SCO or linux.
TIA
Peter (2 Replies)
Discussion started by: pbonilla
2 Replies
NG_GIF(4) BSD Kernel Interfaces Manual NG_GIF(4)
NAME
ng_gif -- generic tunnel interface netgraph node type
SYNOPSIS
#include <netgraph/ng_gif.h>
DESCRIPTION
The ng_gif netgraph node type allows gif(4) interfaces to interact with the netgraph(4) networking subsystem. Once the ng_gif module is
loaded in the kernel, a node is automatically created for each gif(4) interface in the system. Each node will attempt to name itself with
the same name as the associated interface. All ng_gif nodes are persistent for as long as the interface itself exists.
Two hooks are supported: lower and orphans. The hook name divert may be used as an alias for lower, and is provided for compatibility with
ng_ether(4). In reality the two names represent the same hook.
The lower hook is a connection to the raw gif(4) device. When connected, all incoming packets are diverted out this hook. Writing to this
hook results in a raw encapsulated packet being transmitted by the device. Normal outgoing packets are not affected by lower being con-
nected.
The orphans hook is equivalent to lower, except that only unrecognized packets (that would otherwise be discarded) are written to the hook,
and normal incoming traffic is unaffected. At most one of orphans and lower may be connected at any time.
In all cases, frames are raw packets with the address family of the packet attached to the front.
When no hooks are connected, packets flow normally upwards and downwards.
HOOKS
This node type supports the following hooks:
lower Connection to the lower device link layer.
orphans Like lower, but only receives unrecognized packets.
CONTROL MESSAGES
This node type supports only the generic control messages.
EXAMPLES
This command dumps all unrecognized packets received by the gif0 interface to standard output decoded in hex and ASCII:
nghook -a gif0: orphans
SEE ALSO
gif(4), netgraph(4), netintro(4), ifconfig(8), ngctl(8), nghook(8)
AUTHORS
Brooks Davis <brooks@FreeBSD.org>
BSD
September 18, 2001 BSD
