ngrep
ngrep strives to provide most of GNU grep's common features,
applying them to the network layer.
ngrep is a pcap-aware tool that will allow you to specify extended
regular or hexadecimal expressions to match against data payloads of
packets.
It currently recognizes IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw across
Ethernet, PPP, SLIP, FDDI, Token Ring and null interfaces, and
understands BPF filter logic in the same fashion as more common packet
sniffing tools, such as tcpdump and snoop.
Features include:
- Basic Packet Sniffing
- Debug HTTP interactions
- Process PCAP dump files looking for patterns
- Observe binary data being transferred across the wire
Last Updated Saturday, May 03 2008 @ 06:58 PM EDT