Ssysthread small packet sniffer (pkr)

  Originally called portkeeper the pkr utility does rudimentry packet sniffing and will alarm on certain packet errors. It is known to work on the following systems and distributions:

• FreeBSD 8
• os X
• Debian-current



• Ubuntu

Note that Debian and Ubuntu require the pcap-dev package to copmpile. Building and using the utility is pretty easy:

make <target>
sudo ./pkr

Where targets are: linux, freebsd or osx. The usage for now is pretty straightforward and is included using the -u or --usage option:

[16:31:46 jrf@vela:~/src/pkr-0.2]$ ./pkr --usage
pkr [options][arguments] [optional filter string]
pkr [-e|--ethernet][-i|--interface dev][-p|--polls npolls]
pkr [-u|--usage][-v|--verbose level]
Options:
   -e|--ethernet       Display basic ethernet info.
   -i|--interface dev  Use the specified interface.
   -p|--polls N        Poll N times (default continous).
   -u|--usage          Print usage information.
   -v|--verbose N      Set verbosity to level N.
Verbosity Levels:
    1  Show source and destination IP:PORT only
    2  Show all available IP information
    3  Show all TCPIP information (Default)
    4  Dump the payload string

Since pkr uses libpcap it can accept filter options similar to tcpdump. Plans for pkr and issues can be found in the TODO file.

  Coding · pkr-0.2.tar.gz

Full Story