Etherscope
Eterscope trace graph of specified traffic. It takes multiple tcpdump-like filters (using PCAP) and traces multitrack bandwidth graphs of specified filters.
usage: etherscope [-i <dev>] [-f <filter exp>] [-c <color>] [-s <min_sleep>] [-d <divide by>] [-{k|m}] [-g]
<dev> is the device to sniff
<filter exp> is a valid tcpdump filter expression (more -f can be specified)
<color> is a valid color to draw filtered traffic (more -c can be specified)
<min_sleep> is the minimum time to wait between each print (default 1 sec)
<divide by> is the division value for the bandwidth plot (default 1)
-{k|m} show in kbps or mbps (default is bps)
-g show in ascii graph mode...
-v verbose
usage example: (supposing eth0 has address 192.168.5.7)
etherscope -i eth0 -f "src host 192.168.5.7" -c green -f "dst host 192.168.5.7" -c red -k -s 1 -d 30
will traces:
all ip eth0 outbound traffic in green;
all ip eth0 inbound traffic in red.
|
|
For more info contact Sandro Amato