Linux – An easy command line tool for packet sniffing a single command on Linux

Tags: command-line-interface, linux, networking, packet-analyzer

I'd love it if there were a single command line tool for packet sniffing a single command in Linux, something like sniff dumpfile command, so that you could just run the command you want to packet sniff in the terminal and get a dump of the packets somewhere else.

I'd like to dump / save / see only the network traffic of the single command that I enter, not all the TCP traffic on my single network interface. So if I was logged into my computer and had IRC running in the background, and I did sniff somefile wget http://www.google.com, I'd want to see all the network traffic that the wget command did to download http://www.google.com. I don't want 'somefile' to have the IRC network traffic confusing things.

There are lots of Linux/Unix commands that accept a different command and do something different: sudo (run as superuser), nice (change nice level), trickle (limit the bandwidth of a command).

Best Answer

There isn't any that I know of, but it theoretically shouldn't be hard to get something similar. Strace can be used to intercept networking syscalls.

# strace -f -e trace=network -s 10000 /usr/bin/command arguments

This will give you information about the data sent between the kernel and the process. The output of strace isn't exactly what you'd want. However, strace uses the ptrace syscall to intercept system calls. It might be possible to write a program to output the data a little more usefully.

Alternatively, you can also intercept the nice useful socket, bind and listen syscalls. It might be possible to write a small program that used ptrace on these calls and libpcap to dynamically change the capture filter every time a new socket is opened.
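A small wrapper in the spirit of this answer, added here as an example and not code from the original post: it runs a command under the strace invocation above, pulls the peer address and port out of every connect/sendto/sendmsg line, and emits a libpcap filter you can hand to tcpdump so that only that command's endpoints are captured. The sample trace lines are constructed, and the regexes assume the sockaddr formatting of recent strace versions; the filter still matches any other local process talking to the same host and port (for instance the same DNS resolver), so it is a per-command approximation, not true per-process capture.

```python
import re
import subprocess
import sys

# Endpoint fragments as strace prints AF_INET and AF_INET6 sockaddrs
# (assumed format; older strace versions print these slightly differently).
_V4 = re.compile(r'sin_port=htons\((\d+)\), sin_addr=inet_addr\("([\d.]+)"\)')
_V6 = re.compile(r'sin6_port=htons\((\d+)\),.*?inet_pton\(AF_INET6, "([0-9a-fA-F:]+)"')
_CALLS = ("connect(", "sendto(", "sendmsg(")

# Constructed sample of `strace -f -e trace=network` output, not a real capture.
SAMPLE_TRACE = [
    '[pid 4242] socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, IPPROTO_IP) = 3',
    '[pid 4242] sendto(3, "\\245\\1\\1\\0", 32, MSG_NOSIGNAL, {sa_family=AF_INET, '
    'sin_port=htons(53), sin_addr=inet_addr("192.168.1.1")}, 16) = 32',
    '[pid 4242] connect(4, {sa_family=AF_INET, sin_port=htons(80), '
    'sin_addr=inet_addr("142.250.185.100")}, 16) = 0',
    '[pid 4242] connect(5, {sa_family=AF_INET6, sin6_port=htons(443), sin6_flowinfo=htonl(0), '
    'inet_pton(AF_INET6, "2a00:1450:4001:81f::2004", &sin6_addr), sin6_scope_id=0}, 28) '
    '= -1 EINPROGRESS (Operation now in progress)',
]


def endpoints_from_strace(lines):
    """Ordered, de-duplicated (addr, port) pairs the traced command talked to."""
    seen = []
    for line in lines:
        if not any(call in line for call in _CALLS):
            continue  # socket(), bind(), listen() etc. carry no peer address
        for rx in (_V4, _V6):
            m = rx.search(line)
            if m and (m.group(2), int(m.group(1))) not in seen:
                seen.append((m.group(2), int(m.group(1))))
    return seen


def bpf_filter(endpoints):
    """Build a tcpdump/libpcap filter matching only those peer endpoints."""
    return " or ".join(f"(host {addr} and port {port})" for addr, port in endpoints)


def trace_command(argv):
    """Run argv under strace; the trace itself arrives on stderr."""
    proc = subprocess.run(
        ["strace", "-f", "-e", "trace=network", "-s", "10000"] + argv,
        stdout=subprocess.DEVNULL, stderr=subprocess.PIPE, text=True)
    return proc.stderr.splitlines()


if __name__ == "__main__":
    # usage: python sniff_filter.py wget http://www.google.com
    print(bpf_filter(endpoints_from_strace(trace_command(sys.argv[1:]))))
```

The printed expression is meant for a second terminal, e.g. tcpdump -i any -w somefile '<expression>', after which the command can be re-run with only its endpoints captured.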