Next
PreviousTable of Contents
This is release 0.1 of KSnuffle. KSnuffle is a network traffic monitor
for the KDE desktop. This version should be considered to be Alpha code.
It basically works; it does not, so far as I know, crash, but:
- Network packet decoding is rather restricted at present. It only
really handles TCP/IP and UDP/IP, but even this is not complete and
may contain errors. I have used the code in tcpdump as a base,
but it is not very clear (at least, to me!). My book on IP protocols
may be more forthcoming!
- Currently, the code assumes that all network packets come off an
EtherNet. If you attach a monitor to, say, a PPP or an FDDI device,
then the results may or (more likely) may not be correct.
1.1 Features
Some of KSnuffle's features include:
- Basic filtering and packet selection via the GUI
- Advanced filtering and packet selection via filter programs
- Multiple concurrent monitors
- Text and binary logging, plus replay of binary log files
- Textual display of network traffic
- Network load histograms and time-averaged load display
-
Parallel display of multiple load histograms
- Save and restored filter and packet selection configurations
KSnuffle passes filter desciptions to the underlying network
capture code exactly as for tcpdump. Please see the manual
pages for this utility for further details.
1.2 Caveat
Please note that KSnuffle is based on libpcap-0.4, as used in, for
example, the tcpdump utility. Since I only have access to Linux
machines, I only have libpcap for Linux. If you wish to run KSnuffle
on a system other than Linux, you will need to get hold of a suitable
version of libpcap and rebuild the program.
Mike Richardson
mike@quaking.demon.co.uk
Next
PreviousTable of Contents