apache's TCPmon/tcpdump-like utility ...


Post by jweinberg1.. » Wed, 29 Mar 2006 20:19:16



Is there anything out there like Apache's TCPmon(itor) but written in C or
CPP (not Java)?

Or how customizable would the utility tcpdump be so that it works
similarly?

Basically, you would set a tcpdump-like utility to:

 1. only listen to certain ports
 2. only to certain protocols within these (1.) ports; otherwise it would not
forward the request and would only log it as a protocol anomaly/probable security
issue, including the payload in those cases
 3. for messages that have passed 1. and 2., only sniff the request headers
in and the response headers out

Can you compile tcpdump with options to just do that so that the resulting
executable should be very small?

It would be just a proxy sniffing the headers, not the data payload.

Thanks
jw
 
 
 


Post by king » Thu, 30 Mar 2006 01:16:12


I am not a clever one. But you are using Linux, which can finish your job
by having small programs work together -- grep. In addition, it is
a multiuser, multitasking OS. Two tcpdump instances can run without affecting each
other. Good luck

 
 
 


Post by raxi » Thu, 30 Mar 2006 02:46:07



> Is there anything out there like apache's TCPmon(itor) but written in C or
> CPP (not Java)?
>
> or how customizable would the utility tcpdump be so that it works
> similarly?

tcpdump was not designed or intended to be a proxy/packet relaying
program.  It is simply a command line packet sniffing utility.
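
The three filtering steps from the original question, sketched as decision logic in C (an added example, not code from any poster, tcpdump or TCPmon). The port list, the HTTP-only protocol check and the sample payloads are assumptions made for illustration; packet capture and forwarding are left out.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum verdict { DROP_PORT, ANOMALY, HEADERS_ONLY };

static const unsigned short ALLOWED_PORTS[] = { 80, 8080 };   /* assumed list */

/* Constructed sample payloads (not captured traffic). */
static const char REQ[] = "POST /login HTTP/1.1\r\nHost: example.test\r\n"
                          "Content-Length: 9\r\n\r\nuser=demo";
static const char SSH[] = "SSH-2.0-OpenSSH_4.3\r\n";

/* Step 2 helper: does the payload start like an HTTP request or response? */
static int looks_like_http(const char *p, size_t n) {
    static const char *starts[] = { "GET ", "POST ", "HEAD ", "PUT ",
                                    "DELETE ", "OPTIONS ", "HTTP/1." };
    for (size_t i = 0; i < sizeof starts / sizeof starts[0]; i++) {
        size_t k = strlen(starts[i]);
        if (n >= k && memcmp(p, starts[i], k) == 0) return 1;
    }
    return 0;
}

/* port is the service port (destination for requests, source for responses).
   *log_len receives how many leading payload bytes should be logged. */
enum verdict inspect(unsigned short port, const char *p, size_t n, size_t *log_len) {
    int allowed = 0;
    *log_len = 0;
    for (size_t i = 0; i < sizeof ALLOWED_PORTS / sizeof ALLOWED_PORTS[0]; i++)
        if (ALLOWED_PORTS[i] == port) allowed = 1;
    if (!allowed) return DROP_PORT;                 /* step 1: port not watched */
    if (!looks_like_http(p, n)) {                   /* step 2: wrong protocol,  */
        *log_len = n;                               /* log the whole payload    */
        return ANOMALY;
    }
    for (size_t i = 0; i + 4 <= n; i++)             /* step 3: stop at the blank */
        if (memcmp(p + i, "\r\n\r\n", 4) == 0) {    /* line; body is not logged  */
            *log_len = i + 4;
            return HEADERS_ONLY;
        }
    *log_len = n;            /* header block continues in a later segment */
    return HEADERS_ONLY;
}

int main(void) {
    size_t n;
    enum verdict v = inspect(80, REQ, sizeof REQ - 1, &n);
    printf("verdict=%d, log %zu of %zu bytes\n", (int)v, n, sizeof REQ - 1);
    return 0;
}
```
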
 
 
 
