Ethereal-users: Re: [Ethereal-users] Sniffer Matrix functionality - connection graph for Etherea
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Richard Urwin wrote:
| Someone asked for this sort of functionality on the -dev list. I found
| myself with some spare time on my hands, and here it is. It looks like
| a very useful tool. I'm sure I'll be using it in future. This is much
| expanded and tidied up from a version I posted on the -dev list
| yesterday.
|
| It runs outside Ethereal. For a quick test use the command line:
| congraph -d capture-file
| For help on the command line use
| congraph -h
| Otherwise play around to find how it works, it's fairly
| straight-forward.
|
| It is written for Linux, but it should work on Windows with cygwin. Unix
| users may have to install bash or edit it to run with the bourne shell.
| I'm sure you know how to do that better than me.
I found replacing
tethereal -r $ipf -N mnt | cut -b 8- | cut --fields=2-4 --delimiter=' '
|sed "s/->/###/;s/^ $//"| sort |uniq > raw
with
tethereal -r $ipf -N Cmnt | awk '$4=="->"{print $3,"###",$5;}' | sort |
uniq > raw
worked better.
The former has some issues with ADNS (hence the Coption) and cut doesn't
cope with consecutive delimiters (so "1 0.123456 xxx -> yyy ..."
becomes " xxx ###" rather than "xxx ### yyy").
Don't feed it large files (i.e. lots of nodes). It will take forever to
run. If not longer.
- --
There's no point in being grown up if you can't be childish sometimes.
~ -- Dr. Who
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAg3pwUpRmj8xnsFgRAiYgAKC6uclyWEfJcPV0dvrK7C3qrggWfwCfYLv7
IcT4yOhSvexQ0q5l2cFvyPc=
=LVuo
-----END PGP SIGNATURE-----