mankin@GATEWAY.MITRE.ORG (10/25/90)
Archive-name: iptrace/24-Oct-90 Original-posting-by: mankin@GATEWAY.MITRE.ORG Original-subject: Re: 4.3bsd/watching icmp traffic Archive-site: aelred-3.ie.org [192.48.115.36] Archive-directory: /pub Reposted-by: emv@math.lsa.umich.edu (Edward Vielmetti) Ron, We distribute a program that gets compiled into the 4.3 kernel and lets applications read any or all IP traffic that is being forwarded. It is called NETMON/iptrace. The code and a document explaining how it works and how to install it can be anonymously ftp'd from aelred-3.ie.org (192.48.115.36): pub/netmon.tar or pub/netmon.tar.Z. For your requirement, you would want to compile only the instrumented ip_input.c. Otherwise, follow the directions as given. By the way, the overhead of NETMON is about 5% or less, depending on the packet arrival rate. And iptrace uses CPU on the same order as the gated executable. A. Mankin mankin@gateway.mitre.org MITRE-Washington Networking Center