netsniff

Ethernet sniffing utility (QNX)

Syntax:

netsniff [options]... 

Options:

-a src_dst_nid
Buffer any packets which are addressed to or from the specified physical node ID (src_dst_nid)
-d dst_nid
Buffer only packets which are addressed to the specified physical destination node ID (dst_nid)
-D protocol
Don't display packets with the given protocol type. The protocol argument may be specified in decimal, hex (prefixed by 0x) or octal (prefixed by 0). Multiple -D options may be specified.
-f
Only fill buffer. Instead of the default continuous received packet display (with possible overflows of packet buffer) quit after packet buffer fills.
-i
Instead of the default hex/ASCII packet content display, try to interpret the packet contents.
-I
Interpret packet contents as per -i, but give more detail.
-L len
Statistics mode; len is the minimum length to display.
-l log_lan
(``el'') Buffer only packets received from the specified logical LAN. Default is all LANs.
-m num_Kbytes
Allocate the size (in kilobytes) of packet buffer RAM. Default 1024, max 32767, min 64.
-n num_bytes
Display the number of bytes of each packet (default 48).
-p protocol
Display packets of this protocol type. The protocol argument may be specified in decimal, hex (prefixed by 0x) or octal (prefixed by 0). Multiple -p options may be specified.
-Q
Display QNX packets. Equivalent to -p 0x8203.
-S
Turn on statistics mode (based on src_nid).
-s src_nid
Buffer only packets which are addressed from the specified physical source node ID (src_nid)
-T secs
Statistics mode; secs specifies the period (default 10 seconds).

Description:

The netsniff utility is an Ethernet network sniffing utility. It has been shipped as a debugging utility should you run into problems using Ethernet.

Figuring out which options to use to specify your src_nid/dst_nid filter looks a bit confusing, but really isn't. Proof by example follows:

If you want to look only at packets transmitted by node 0000c0129e40:

   netsniff -s 0000c0129e40

If you want to look only at packets received by node 0000c0109e40:

   netsniff -d 0000c0109e40

If you want to look only at packets transmitted by node 0000c0129e40 and received by node 0000c0109e40:

   netsniff -s 0000c0129e40   -d 0000c0109e40

If you want to look only at packets transmitted or received by node 0000c0129e40 (this is a popular mode):

   netsniff -a 0000c0129e40

Note: To do anything really useful with netsniff on Ethernet, be sure to run your Net.ether* driver with the -P option to tell it to buffer all packets (16-bit cards are best for this). Otherwise, you will see only broadcasted packets with netsniff, which is usually pretty boring.

See also: