Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add --overview and --no-print options to tcpdump #1033

Draft
wants to merge 9 commits into
base: master
Choose a base branch
from
Draft

Add --overview and --no-print options to tcpdump #1033

wants to merge 9 commits into from

Conversation

dmcamens-legrand
Copy link

This PR adds the following command line options to tcpdump.

--overview: to print an overview of the contents of the capture
--no-print: to suppress printing of individual packets (useful with --overview)

The --overview option prints output that looks like the following. It can be used with either a live capture or a capture file (-r option).

OVERVIEW
--------
packets_captured: 331
bytes_captured: 132951
seconds: 7
hours: 0.00

SRC            DST              PACKETS BYTES
192.168.1.73   239.255.133.141        7  1101
192.168.1.74   239.255.133.141       69  8665
192.168.1.112  34.107.221.82          1    66
192.168.1.71   239.255.133.141        9   774
34.107.221.82  192.168.1.112          1    66
192.168.1.75   239.255.133.141       13  1615
192.168.1.112  34.160.144.191         2   178
34.160.144.191 192.168.1.112          2   178
63.254.192.168 1.122.0.0              6   360
192.168.1.142  224.0.0.251            2   140
192.168.1.116  224.0.0.251            8   712
192.168.1.112  192.168.100.1          2   200
192.168.1.76   239.255.133.141        8   688
192.168.1.108  224.0.0.251            9   843
192.168.100.1  192.168.1.112          2   261
192.168.1.110  224.0.0.251            8   712
192.168.1.71   239.255.255.250        9  3309
192.168.1.76   239.255.255.250        9  3309
192.168.1.70   239.255.133.141        5   430
1.0.3.0        12.244.31.84           1    60
192.168.1.72   239.255.133.141        6  1022
78.11.192.168  1.73.255.255           1    60
192.168.1.75   239.255.255.250        9  3309
192.168.1.122  255.255.255.255        2   120
192.168.1.104  224.0.0.251            7   535
0.0.0.0        255.157.127.146        1   151
192.168.1.71   224.0.0.251            1    80
192.168.1.100  224.0.0.251            1   394
192.168.1.74   224.0.0.251            1    80
192.168.1.124  224.0.0.251            1   394
192.168.1.119  224.0.0.251            1   402
192.168.1.75   224.0.0.251            1    80
192.168.1.76   224.0.0.251            1    80
192.168.1.73   224.0.0.251            1    80
192.168.1.70   224.0.0.251            1    80
192.168.1.16   192.168.1.255          3   189
32.0.0.0       0.128.0.164            3   357
192.168.1.72   224.0.0.251            1    80
192.168.1.71   224.0.0.147            1   236
192.168.1.112  72.21.91.29            5   330
72.21.91.29    192.168.1.112          5   330
192.168.1.76   224.0.0.147            1   236
192.168.1.74   224.0.0.147            1   236
192.168.1.112  104.76.214.179         1    66
192.168.1.112  23.34.242.11           1    66
192.168.1.112  18.67.79.46            1    66
192.168.1.73   224.0.0.147            1   235
104.76.214.179 192.168.1.112          1    66
23.34.242.11   192.168.1.112          1    66
18.67.79.46    192.168.1.112          1    66
192.168.1.75   224.0.0.147            1   236
192.168.1.112  75.75.77.2             8  1173
192.168.1.112  208.80.154.224        27  2415
75.75.77.2     192.168.1.112          9  1121
208.80.154.224 192.168.1.112         24 90030
192.168.1.112  142.251.163.94         1    66
142.251.163.94 192.168.1.112          1    66
192.168.1.16   239.255.255.250        1   143
192.168.1.70   224.0.0.147            1   236
192.168.1.70   239.255.255.250        9  3309
192.168.1.72   224.0.0.147            1   235
1.0.3.0        55.47.89.35            1    60
192.168.1.112  104.18.32.68           5   270
104.18.32.68   192.168.1.112          5   300
192.168.1.112  172.253.115.94         1    66
172.253.115.94 192.168.1.112          1    66

dmcamens-legrand and others added 6 commits February 3, 2023 15:04
@dmcamens-legrand
Add --overview and --no-print options
1620611 
--overview: that prints an overview of the contents of the capture
--no-print: suppress printing of individual packets
@dmcamens-legrand
Merge pull request #6 from legrand-home-systems-mdt/dmc-add-overview-…
fb196d9 
…option-master

Add --overview and --no-print options
Update CHANGES, fix option numbering
742aa8b
@dmcamens-legrand
Merge pull request #7 from legrand-home-systems-mdt/dmc-clean-up
53bf78c 
Update CHANGES, fix option numbering
Fix unused parameter warning
df245a2
@dmcamens-legrand
Merge pull request #8 from legrand-home-systems-mdt/dmc-fix-build-errors
b480f48 
Fix build errors
@infrastation
Copy link
Member

Thank you for preparing these changes. Please note that this prototype has a few significant issues. To an extent this is caused by trying to retrofit a detailed statistics feature into a code base that is not designed to produce such output. This would be much better done in a separate program that takes a pcap savefile as an input.

In particular, please have a look at ipsumdump, which either already implements this type of statistics, or might be much easier to extend for that than tcpdump.

@dmcamens-legrand
Copy link
Author

Hi @infrastation, thank you for looking at this PR and for your feedback. I am currently evaluating ipsumdump to see if it meets our needs and if not, if we could extend it instead. Thank you for your suggestion.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dmcamens-legrand @infrastation