(ngrep implements as many features of GNUgrep as possible, using them at the network layer. Ngrep is a pcap-aware tool that allows specifying various regular expressions or hexadecimal expressions to match data payloads or packets. At that time, it supported TCP, UDP, ICMP, PPP, SLIP, FDDI, TokenRing and null interfaces on Ethernet, and also understood bpf filter logic in the same way as Tcpdump and snoop.)