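NetWatch is a tool that monitors network packets in real time. The program itself is lightweight, so changes in packet volume are displayed responsively. It runs from the command line, which makes it very handy.
When you want to monitor a network with minimal effort, it is an ideal tool. Figure 1 shows it actually monitoring packets.
The official site is here.
Machine specs)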
OS : Debian GNU/Linux Lenny
oss:~# lspci
00:00.0 Host bridge: Intel Corporation 440LX/EX - 82443LX/EX Host bridge (rev 03)
00:01.0 PCI bridge: Intel Corporation 440LX/EX - 82443LX/EX AGP bridge (rev 03)
00:07.0 ISA bridge: Intel Corporation 82371AB/EB/MB PIIX4 ISA (rev 01)
00:07.1 IDE interface: Intel Corporation 82371AB/EB/MB PIIX4 IDE (rev 01)
00:07.2 USB Controller: Intel Corporation 82371AB/EB/MB PIIX4 USB (rev 01)
00:07.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 01)
00:10.0 Ethernet controller: 3Com Corporation 3c905 100BaseTX [Boomerang]
01:00.0 VGA compatible controller: NVidia / SGS Thomson (Joint Venture) Riva128 (rev 10)
oss:~# more /proc/cpuinfo
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 3
model name : Pentium II (Klamath)
stepping : 3
cpu MHz : 299.952
cache size : 512 KB
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 2
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 sep mtrr pge mca cmov mmx up
bogomips : 601.32
clflush size : 32
1. Installation preparation
Before installing NetWatch, install the libraries it requires.
oss:~# apt-get install libncurses5 libncurses5-dev
Reading package lists… Done
Building dependency tree
Reading state information… Done
Note, selecting libncurses5-dev instead of libncurses-dev
The following extra packages will be installed:
libncurses5 libncurses5-dev
The following NEW packages will be installed:
libncurses5-dev
The following packages will be upgraded:
libncurses5
1 upgraded, 1 newly installed, 0 to remove and 128 not upgraded.
Need to get 1855kB of archives.
After this operation, 6582kB of additional disk space will be used.
Do you want to continue [Y/n]? Y
Get:1 http://http.debian.or.jp lenny/main libncurses5 5.6+20080830-1 [333kB]
Get:2 http://http.debian.or.jp lenny/main libncurses5-dev 5.6+20080830-1 [1522kB]
Fetched 1855kB in 3s (588kB/s)
(Reading database … 29798 files and directories currently installed.)
Preparing to replace libncurses5 5.6+20080804-1 (using …/libncurses5_5.6+20080830-1_i386.deb) …
Unpacking replacement libncurses5 …
Setting up libncurses5 (5.6+20080830-1) …
Selecting previously deselected package libncurses5-dev.
(Reading database … 29798 files and directories currently installed.)
Unpacking libncurses5-dev (from …/libncurses5-dev_5.6+20080830-1_i386.deb) …
Processing triggers for man-db …
Setting up libncurses5-dev (5.6+20080830-1) …
oss:~# apt-get install bzip2
Reading package lists… Done
Building dependency tree
Reading state information… Done
Suggested packages:
bzip2-doc
The following NEW packages will be installed:
bzip2
0 upgraded, 1 newly installed, 0 to remove and 128 not upgraded.
Need to get 45.6kB of archives.
After this operation, 127kB of additional disk space will be used.
Get:1 http://http.debian.or.jp lenny/main bzip2 1.0.5-1 [45.6kB]
Fetched 45.6kB in 0s (284kB/s)
Selecting previously deselected package bzip2.
(Reading database … 30831 files and directories currently installed.)
Unpacking bzip2 (from …/bzip2_1.0.5-1_i386.deb) …
Processing triggers for man-db …
Setting up bzip2 (1.0.5-1) …
2. Compile the source
1) Get the source
As of October 2008, netwatch-1.2.0-2.tgz was the latest version.
oss:~# cd /usr/local/src
oss:/usr/local/src# wget http://www.slctech.org/~mackay/NETWATCH/netwatch-1.2.0-2.tgz
--2008-10-28 14:30:32-- http://www.slctech.org/~mackay/NETWATCH/netwatch-1.2.0-2.tgz
Resolving fifo… 192.168.0.12
Connecting to fifo|192.168.0.12|:8080… connected.
Proxy request sent, awaiting response… 200 OK
Length: 203359 (199K) [application/x-gzip]
Saving to: `netwatch-1.2.0-2.tgz'
100%[======================================>] 203,359 --.-K/s in 0.02s
2008-10-28 14:30:32 (8.00 MB/s) - `netwatch-1.2.0-2.tgz' saved [203359/203359]
2) Extract the source
oss:/usr/local/src# tar zxvf netwatch-1.2.0-2.tgz
oss:/usr/local/src# chown -R root:root netwatch-1.2.0
oss:/usr/local/src# cd netwatch-1.2.0
3) Generate the Makefile
oss:/usr/local/src/netwatch-1.2.0# ./configure
loading cache ./config.cache
checking for gcc… gcc
checking whether the C compiler (gcc ) works… yes
checking whether the C compiler (gcc ) is a cross-compiler… no
checking whether we are using GNU C… yes
checking whether gcc accepts -g… yes
checking for mvchgat in -lncurses… yes
checking for pthread_create in -lpthread… yes
checking how to run the C preprocessor… gcc –
checking for ANSI C header files… yes
checking for sys/wait.h that is POSIX.1 compatible… yes
checking for fcntl.h… yes
checking for strings.h… yes
checking for sys/ioctl.h… yes
checking for sys/time.h… yes
checking for unistd.h… yes
checking for netinet/ip_icmp.h… yes
checking for netinet/ip.h… yes
checking for netinet/tcp.h… yes
checking for netinet/ip_tcp.h… no
checking for netinet/udp.h… yes
checking for netinet/ip_udp.h… no
checking for netinet/if_ether.h… yes
checking for netinet/in.h… yes
checking for netinet/socket.h… no
checking for net/if.h… yes
checking for net/if_ppp.h… yes
checking for netinet/if_ether.h… (cached) yes
checking for netinet/in.h… (cached) yes
checking for ncurses.h… yes
checking for ncurses/curses.h… no
checking for ncurses.h… (cached) yes
checking for pthread.h… yes
checking for ncurses/curses.h… (cached) no
checking for curses.h… yes
checking for sys/if_packet.h… no
checking for linux/if_packet.h… yes
checking for net/if_packet.h… yes
checking for pid_t… yes
checking whether time.h and sys/time.h may both be included… yes
checking whether gcc needs -traditional… no
checking for 8-bit clean memcmp… yes
checking return type of signal handlers… void
checking for select… yes
checking for socket… yes
checking for strstr… yes
checking for uname… yes
updating cache ./config.cache
creating ./config.status
creating Makefile
creating Make.common
creating config.h
4) Compile
oss:/usr/local/src/netwatch-1.2.0# make
gcc -g -O2 -c curs.c
gcc -g -O2 -c dispdata.c
gcc -g -c services.c
gcc -DVERSION='"1.2.0"' -DRELEASE='"2"' -g -O2 -c netwatch.c
gcc -g -O2 -c processinetrc.c
gcc -g -O2 -c gh.c
gcc -g -O2 -c warning.c
gcc -g -O2 -c semaphore.c
gcc -DVERSION='"1.2.0"' -DRELEASE='"2"' -o netwatch -g -O2 curs.o dispdata.o services.o netwatch.o processinetrc.o gh.o warning.o semaphore.o -lpthread -lncurses
gcc -g -O2 -c netresolv.c
gcc -o netresolv -g -O2 netresolv.o
5) Install the binaries
oss:/usr/local/src/netwatch-1.2.0# make install
install --owner=root --group=root --mode=0755 -d /usr/local/bin
install --owner=root --group=root --mode=0755 -d /usr/local/man/man1/man1
install --owner=root --group=root --mode=0700 netwatch /usr/local/bin
install --owner=root --group=root --mode=0700 netresolv /usr/local/bin
bzip2 netwatch.1
install -D netwatch.1.bz2 /usr/local/man/man1/man1
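The download and extract steps above fetch the tarball over plain HTTP and unpack it as root. As an added example (not part of the original post or the NetWatch project), the shell functions below check the archive's SHA-256 digest and its member paths before extracting. The function names are assumptions, and since the page publishes no digest, the expected value is a placeholder that has to be obtained out of band.

```shell
#!/bin/sh
# Added example: vet a source tarball before unpacking it as root.
# Function names are hypothetical; they are not part of NetWatch.

# Read member names (one per line) on stdin and print each one that is an
# absolute path or contains a ".." component. Prints nothing if all are safe.
unsafe_members() {
    while IFS= read -r name; do
        case "/$name/" in
            //*|*/../*) printf '%s\n' "$name" ;;
        esac
    done
}

# vet_and_extract ARCHIVE EXPECTED_SHA256 DESTDIR
# Returns 0 only if the digest matches and no member can escape DESTDIR.
vet_and_extract() {
    archive=$1 expected=$2 dest=$3
    actual=$(sha256sum "$archive" | cut -d' ' -f1)
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch: got '$actual'" >&2
        return 1
    fi
    bad=$(tar -tzf "$archive" | unsafe_members)
    if [ -n "$bad" ]; then
        echo "refusing to extract, unsafe members:" >&2
        printf '%s\n' "$bad" >&2
        return 1
    fi
    # --no-same-owner: extracted files belong to the extracting user (root
    # here), so the UID/GID recorded in the archive is never applied and no
    # separate chown -R is needed afterwards.
    tar -xzf "$archive" -C "$dest" --no-same-owner
}

# Usage for the tarball on this page (digest is a placeholder):
#   vet_and_extract netwatch-1.2.0-2.tgz "<sha256 obtained out of band>" /usr/local/src
```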
3. Try it out
oss:/usr/local/src/netwatch-1.2.0# netwatch -e eth0
Figure 2 below shows packets actually being monitored.
That's all.