FreeBSD Manual Pages
TRAFSHOW(1) General Commands Manual TRAFSHOW(1) NAME trafshow - full screen show network traffic SYNOPSIS trafshow [-eCfknNOpv -c num -i name -r sec -t sec] [-F file | expr] DESCRIPTION TrafShow continuously display the information regarding packet traffic on the configured network interface that match the boolean expression. It periodically sorts and updates this information. This funny program may be useful for locating suspicious network traf- fic on the net or to evaluate current utilization of the network inter- face. OPTIONS -c Exit after receiving number of packets. -C Try to force ansi color mode. May be used when description of your current terminal has no color capability in termcap/ter- minfo data base. -e Show the Ethernet traffic rather than IP. It is possible to switch between them by pressing the ENTER key. -f Print `foreign' internet addresses numerically rather than sym- bolically. -F Use file as input for the filter expression. -i Listen on network interface name. If unspecified, trafshow searches the system interface list for the lowest numbered, con- figured up interface (excluding loopback). -k Disable input keyboard checking. It is intended to avoid loss of packets. -m [src-ip M] [dst-ip M] [src-port M] [dst-port M] [proto M] Mask the specified field with mask M (which should be specified as an hex number e.g. 0xffff0000) before further processing of the packet. This allows to aggregate traffic in the display to ease analysis. -n Don't convert host addresses and port numbers to names. -N Don't print domain name qualification of host names. -O Don't run the packet-matching code optimizer. This is useful only if you suspect a bug in the optimizer. -p Don't put the interface into promiscuous mode. -r Set screen refresh interval to seconds. -t Set max timeout in DNS query to seconds. -v Print detailed version information and exit. expr Select which packets will be displayed. If no expression is given, all packets on the net will be displayed. Otherwise, only packets for which expression is `true' will be displayed. For more details refer to tcpdump(1) man page. FILES /etc/trafshow The default colors configuration file if any. $HOME/.trafshow The personal file with the user defined colors. COLORS If trafshow has been compiled with modern curses libraries such as Slang or Ncurses it been able to show colored traffic on color-capable terminal. The syntax of trafshow color configuration file as follow: default fcolor:bcolor Set the default screen background color-pair port[/proto] fcolor:bcolor Set color pattern by service port from[/mask][:port] to[/mask][:port] proto fcolor:bcolor Set color pattern by pair of from-to addresses The wildcard `*' do match ANY in pattern. Where fcolor is foreground color and bcolor is background color. The fcolor and bcolor may be one of the following: black red green yellow blue magenta cyan white It posible to indicate color as number from 0 to 7. The upper-case Fcolor mean bright *on*. The upper-case Bcolor mean blink *on*. SEE ALSO netstat(1), tcpdump(1), bpf(4) ACKNOWLEDGEMENTS Thanks to Van Jacobson <van@helios.ee.lbl.gov> and Steven McCanne <mc- canne@helios.ee.lbl.gov>, all of Lawrence Berkeley Laboratory, Univer- sity of California, Berkeley, CA. AUTHOR Vladimir Vorobyev <bob@turbo.nsk.su>. BUGS The trafshow functions such as resizeing and coloring under xterm mainly depended of curses library. August 1998 TRAFSHOW(1)
NAME | SYNOPSIS | DESCRIPTION | OPTIONS | FILES | COLORS | SEE ALSO | ACKNOWLEDGEMENTS | AUTHOR | BUGS
Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=trafshow3&sektion=1&manpath=FreeBSD+Ports+14.3.quarterly>