Slackware 13.1 - Installing justniffer (with epkg)
======================================

[http://justniffer.sourceforge.net/](http://justniffer.sourceforge.net/)

Public domain

********************************************************************************

#### Installation

    cd /usr/src
    wget -c http://superb-sea2.dl.sourceforge.net/project/justniffer/justniffer/justniffer%200.5.8/justniffer_0.5.8.tar.gz

    su - install
    cd /usr/src
    tar xf justniffer_0.5.8.tar.gz
    cd justniffer-0.5.8/
    ./configure --prefix=/usr/ && make
    make install DESTDIR=/usr/local/encap/justniffer-0.5.8
    cd /usr/local/encap/justniffer-0.5.8/
    mv usr/share/man/ usr/
    cd /usr/local/encap/
    mkencap justniffer-0.5.8/
    logout

    cd /usr/local/encap/
    epkg justniffer-0.5.8

********************************************************************************

### Performance related keywords

    %connection.time
    %idle.time.0
    %request.time
    %response.time
    %response.time.begin
    %response.time.end
    %idle.time.1

    +---------+                       +---------+
    |         |                       |         |
    | Client  |                       | Server  |
    |         |                       |         |
    +---------+                       +---------+
         |                                 |
         | -----  connect syn  -------->   |----+
         |                                 |    |
         | <------  syn/ack   --------->   |    | %connection.time
         |                                 |    |
         | -------    ack     ---------->  |    |
         |         ESTABLISHED             |----+
         |                                 |    | %idle.time.0
         |                                 |    |(after connection, before
         |                                 |    | request)
         |                                 |    |
         | --- request/first packet --->   |----+
         | <------    ack     -----------  |    |
         |                                 |    |
         | --- request/....         --->   |    | %request.time
         | <------    ack     -----------  |    |
         |                                 |    |
         | --- request/last packet  --->   |    |
         | <------    ack     -----------  |----+--------------------+
         |                                 |    |                    |
         |                                 |    |                    |
         |                                 |    |%response.time.begin|
         |                                 |    |                    |
         | <-- response/first packet ----  |----+                    | response
         | -------    ack     ---------->  |    |                    |  time
         |                                 |    |                    |
         | <-- response/....        ----   |    |%response.time.end  |
         | -------    ack     ---------->  |    |                    |
         |                                 |    |                    |
         | <-- response/last packet ----   |    |                    |
         | -------    ack     ---------->  |----+--------------------+
         |                                 |    |
         |                                 |    |
         |                                 |    | %idle.time.1 (after response,
         |                                 |    |  before new request or close)
         |                                 |    |
         | <------    close   --------->   |----+
         |                                 |
         |                                 |

********************************************************************************

### Usage

    justniffer -i ppp0 -u -l "%connection.timestamp(%F %T)%tab%source.ip:%source.port%tab%dest.ip:%dest.port%tab%response.time%tab%request.header.host%request.url"

    justniffer -i ppp0 -u -l '%request %response.header' -p "port 80"

********************************************************************************

_BY: Pejman Moghadam_
_TAG: epkg, justniffer, sniffer_
_DATE: 2011-06-25 00:14:15_
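
The first command under Usage writes one tab-separated line per request: timestamp, source, destination, %response.time, and host plus URL. As an added example (not part of the original page or of justniffer), the script below summarises such a log per host and lists responses slower than a threshold. The function names and sample lines are constructed; that %response.time is logged in seconds and that a request without a measured response shows `-` are assumptions.

```shell
#!/bin/sh
# Added example: per-host latency summary for a log written with the first
# Usage format string (tab-separated: timestamp, source, destination,
# %response.time, host+url). Function names here are hypothetical.

# Constructed sample input. The "-" in place of a response time and the
# truncated last line are assumptions used to exercise the skip paths.
sample_log() {
    printf '2011-06-25 00:10:01\t192.168.1.10:51234\t203.0.113.5:80\t0.100\texample.test/index.html\n'
    printf '2011-06-25 00:10:02\t192.168.1.10:51235\t203.0.113.5:80\t0.200\texample.test/logo.png\n'
    printf '2011-06-25 00:10:05\t192.168.1.11:40000\t198.51.100.7:80\t2.500\tslow.test/report\n'
    printf '2011-06-25 00:10:09\t192.168.1.11:40001\t198.51.100.7:80\t-\tslow.test/upload\n'
    printf '2011-06-25 00:10:12\t192.168.1.12\n'
}

# summarise LIMIT: read the log on stdin and print tab-separated records:
#   SLOW    timestamp  source  host+url  seconds   (response time > LIMIT)
#   HOST    host  requests  mean_seconds  max_seconds
#   SKIPPED malformed_lines  lines_without_response_time
summarise() {
    awk -F '\t' -v limit="$1" '
        NF != 5 { bad++; next }
        $4 !~ /^[0-9]+(\.[0-9]+)?$/ { noresp++; next }
        {
            t = $4 + 0
            host = $5
            sub(/\/.*/, "", host)        # keep the Host header part only
            n[host]++
            sum[host] += t
            if (t > max[host]) max[host] = t
            if (t > limit + 0)
                printf "SLOW\t%s\t%s\t%s\t%s\n", $1, $2, $5, $4
        }
        END {
            for (h in n)
                printf "HOST\t%s\t%d\t%.3f\t%.3f\n", h, n[h], sum[h] / n[h], max[h]
            printf "SKIPPED\t%d\t%d\n", bad, noresp
        }'
}

sample_log | summarise 1.0
```

For a saved capture, feed the file on stdin instead, for example `summarise 1.0 < justniffer.log`.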