Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
IPGRAB(8)		    System Manager's Manual		     IPGRAB(8)

NAME
       ipgrab -	A Verbose Packet Sniffer

SYNOPSIS
       ipgrab [	-ablmnPprTtwx ]	[ -c cnt ] [ -i	if ] [ expr ]

DESCRIPTION
       ipgrab  reads and parses	packets	from the link layer through the	appli-
       cation layer, dumping explicit header information along the way.	 It is
       a lot like tcpdump except that it prints	almost every header field.

   Options
       -a     Do not display application layer data.

       -b     Buffer standard output. Useful when you're redirecting output to
	      a	file.

       -c cnt, --count cnt
	      Terminate	after receiving	cnt packets.

       -C proto, --CCP proto
	      Assume a particular CCP protocol,	such as	MPPC. MPPC is the only
	      one supported as yet.

       -d     Dump extra padding in packets. For example, according to	an  IP
	      header,  the  packet ends	at a certain point, but	the link layer
	      may have	padded	it  beyond  that.  This	 option	 displays  the
	      padding. Not valid in minimal mode.

       -h, --help
	      Display  usage  screen  with  a brief description	of the command
	      line options.

       -i if, --interface if
	      Makes ipgrab listen to packets on	interface if, e.g.,  eth0.  If
	      this option is not used, the default interface will be assumed.

       -l     Don't  display  link-layer  headers. The following protocols are
	      considered to be link layer: ARP,	 CHAP,	Ethernet,  IPCP,  LCP,
	      LLC, Loopback, PPP, PPPoE, Raw, Slip.

       -m     Minimal  mode  output.  When operating in	this mode, ipgrab dis-
	      plays only brief header information.

       -n     Don't display network-layer headers. The following protocols are
	      considered to be network layer:  AH,  ESP,  GRE,	ICMP,  ICMPv6,
	      IGMP, IP,	IPv6, IPX, IPXRIP.

       -P string
	      Initiate a dynamic port mapping. This option must	be followed by
	      a	string of the form `<protocol>=<port>',	such as	`http=8080'.

       -p     Dump  packet payloads beyond what	IPgrab parses. In other	words,
	      if IPgrab	does not parse a particular application,  this	option
	      will dump	application data in hex	and text format.

       -r FILE
	      Read  packets  from  a  file, rather than	an interface. The file
	      shoule be	created	in "raw" format, such as with '-w' option.

       -T     Do not display timestamps	in minimal mode.

       -t     Don't display transport layer headers. The  following  protocols
	      are considered to	be transport layer: SPX, TCP, UDP.

       -v, --version
	      Display version number and then quit.

       -w FILE
	      Write  the  raw  packets	to a file, rather than the screen. The
	      packets will not be parsed. The file can be read with  the  '-r'
	      option.

       -x     Hex  dump	 mode.	After processing each layer, dump out the con-
	      tents of that layer in hex and text. Only	valid in main mode.

       expr   Berkeley packet filter expression.  See tcpdump(8) man page  for
	      details and examples.

SEE ALSO
       tcpdump(8)

NOTES
       Requires	libpcap	version	0.3 or greater to be installed.

AUTHOR
       Michael S. Borella
       http://www.borella.net/mike/
       mike@borella.net

				 07 March 2007			     IPGRAB(8)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=ipgrab&sektion=8&manpath=FreeBSD+Ports+15.0.quarterly>

home | help