|
@@ -3,7 +3,7 @@ sisniff
|
|
|
|
|
|
Sisniff is a network sniffer like tcpdump, which prints out all the packets on a network interface from and to the local computer.<br>
|
|
|
As a special feature, for each packet the coresponding application which sends or receives this packet is showing.<br>
|
|
|
-With filter options like program name a specific application can be tracked.<p><br>
|
|
|
+With filter options like program name a specific application can be tracked.<br>
|
|
|
|
|
|
|
|
|
It supports TCP, UDP and ICMP packets, both on IPv4 and IPv6<br>
|
|
@@ -32,7 +32,7 @@ Under some cirumstances the program/PID cannot be evaluated. This mavericks woul
|
|
|
This program needs Python 3.x or Python 2.x.
|
|
|
|
|
|
Current Version can be downloaded from Git at: https://git.zweiernet.ch/sigi/sisniff
|
|
|
-
|
|
|
+
|
|
|
<pre>
|
|
|
--------------------
|
|
|
|
|
@@ -50,7 +50,7 @@ optional arguments:
|
|
|
-i {eth0,lo,wlan0} Interface (required)
|
|
|
-n Do not resolve IP-Addresses
|
|
|
-p program|not-program
|
|
|
- Filter by program name ([not-] negates)
|
|
|
+ Filter by program name (accepts * for matching) ([not-] negates)
|
|
|
-4 Only IPv4
|
|
|
-6 Only IPv6
|
|
|
-pH Show HTTP Payload
|
|
@@ -60,8 +60,8 @@ optional arguments:
|
|
|
|
|
|
* Interfaces showed in the help are gathered from the running system.
|
|
|
* <code>-program</code> is meant the base name of the program/application, e.g. <code>-p thunderbird-bin</code>
|
|
|
-* <code>-program</code> can contain '*' pattern at the beginning and/or the end, e.g. <code>-p thunder*</code>
|
|
|
-* <code>not-program</code> excludes the program from beeing showed, e.g. <code>not-thunderbird-bin</code>. The '*' pattern also is accepted.
|
|
|
+* <code>-program</code> can contain '*' pattern at the beginning and/or the end, e.g. <code>-p thunder*</code>
|
|
|
+* <code>not-program</code> excludes the program from beeing showed, e.g. <code>not-thunderbird-bin</code>. The "*" pattern also is accepted.
|
|
|
* <code>filter</code> is in same syntax as tcpdump uses. Must be written in double-quotes "..."
|
|
|
|
|
|
|