Any tool similar to "truss" and "snoop" for linux?


Post by drw.. » Sun, 31 Dec 1899 09:00:00



Hi:

    I wonder if Linux has the tools similar to Solaris's "truss" (for
finding out what syscalls a process is making) and "snoop" (for
monitoring network traffic).

    I know "tcpdump", but tcpdump does not print out the packet in
string, making it hard to see what is in the packet. I am already
running version 3.4 of tcpdump, which I believe is the latest version.
Anyone modified tcpdump to do it?

drwang


Post by Grant Edwar » Sun, 31 Dec 1899 09:00:00



>    I wonder if Linux has the tools similar to Solaris's "truss" (for
>finding out what syscalls a process is making)

"strace" is used to trace a program's system calls.  The trick
is to pick the right options so that you get the info you need
without having to sift through mountains of chaff.

>and "snoop" (for monitoring network traffic).

Under X11, I use ethereal.

--
Grant Edwards                   grante             Yow!  I am a jelly donut. I
                                  at               am a jelly donut.
                               visi.com            

 
 
 


Post by ajn » Sun, 31 Dec 1899 09:00:00


>     I know "tcpdump", but tcpdump does not print out the packet in
> string, making it hard to see what is in the packet. I am already
> running version 3.4 of tcpdump, which I believe is the latest version.
> Anyone modified tcpdump to do it?

Ethereal is reasonably useful for looking inside packets.

ajn

 
 
 


Post by Ken Corb » Sun, 31 Dec 1899 09:00:00



> Hi:

>     I wonder if Linux has the tools similar to Solaris's "truss" (for
> finding out what syscalls a process is making) and "snoop" (for
> monitoring network traffic).

>     I know "tcpdump", but tcpdump does not print out the packet in
> string, making it hard to see what is in the packet. I am already
> running version 3.4 of tcpdump, which I believe is the latest version.
> Anyone modified tcpdump to do it?

I looked into it once, but eventually decided it was going to be a lot
easier to run strings against the log file that tcpdump generates.
Actually I created a modified version that treated an escape character as
ASCII text, but that was a darn sight easier than figuring out how tcpdump
works.

Oh yeah, you have to use the -s option to tell tcpdump to log the complete
packet.  Otherwise it just logs the TCP headers.
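
Added example, not part of the thread: the "run strings against the tcpdump log file" approach from the post above, done per packet so each string stays tied to the packet it came from and a capture shortened by the snapshot length is visible. It reads the classic pcap format written by `tcpdump -w`; the function names and the sample capture are constructed for this example.

```python
import struct

# Classic pcap magic numbers -> byte order of the headers (usec and nsec variants).
MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",
          b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">"}

def printable_runs(data, min_len=4):
    """Yield runs of printable ASCII of at least min_len bytes, like strings(1)."""
    run = bytearray()
    for byte in data + b"\x00":          # sentinel flushes a run at end of data
        if 0x20 <= byte <= 0x7E:
            run.append(byte)
            continue
        if len(run) >= min_len:
            yield run.decode("ascii")
        run.clear()

def pcap_strings(blob, min_len=4):
    """Return (packet_no, captured_len, wire_len, strings) for each record."""
    endian = MAGICS.get(blob[:4])
    if endian is None or len(blob) < 24:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    results, offset = [], 24             # skip the 24-byte global header
    while offset + 16 <= len(blob):
        _sec, _frac, caplen, wirelen = struct.unpack_from(endian + "IIII", blob, offset)
        payload = blob[offset + 16:offset + 16 + caplen]
        if len(payload) < caplen:        # file cut off mid-record
            break
        offset += 16 + caplen
        results.append((len(results) + 1, caplen, wirelen,
                        list(printable_runs(payload, min_len))))
    return results

def build_sample():
    """Constructed capture (not real traffic): same frame stored whole, then cut."""
    frame = bytes(14) + b"GET /index.html HTTP/1.0\r\n\r\n"   # dummy 14-byte link header
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    whole = struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    cut = struct.pack("<IIII", 1, 0, 22, len(frame)) + frame[:22]
    return header + whole + cut

if __name__ == "__main__":
    for number, caplen, wirelen, strings in pcap_strings(build_sample()):
        note = "" if caplen == wirelen else "  (truncated by snaplen)"
        print(f"packet {number}: {caplen}/{wirelen} bytes{note}")
        for text in strings:
            print("   ", text)
```

A record whose captured length is smaller than its wire length was cut by the snapshot length, so its strings are incomplete.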