Ngrep:方便的数据包匹配和显示工具
ngrep尽可能多的去实现GNUgrep的功能,将它们使用于网络层。Ngrep是一款pcap-aware工具,它许可指定各种规则式或16进制表达式去对数据负载或数据包进行匹配。当时支持TCP、UDP、以太网上的ICMP、PPP、SLIP、FDDI、令牌环(TokenRing)和空接口(nullinterfaces),还能理解相似Tcpdump和snoop等相同方式的bpf过滤器逻辑。(ngrep implements as many features of GNUgrep as possible, using them at the network layer. Ngrep is a pcap-aware tool that allows specifying various regular expressions or hexadecimal expressions to match data payloads or packets. At that time, it supported TCP, UDP, ICMP, PPP, SLIP, FDDI, TokenRing and null interfaces on Ethernet, and also understood bpf filter logic in the same way as Tcpdump and snoop.)
页:
[1]