EtherApe is a graphical utility that allows you to see in real-time where connections are being made on your network, or between your network or computer and the Internet. If you are experiencing unexpected network activity on your computer or LAN and wish to see where the activity is occurring. Both “local” user and “root user” installations are created; in general you must use the root user installation to see all your network traffic.
sudo apt-get install etherape
- Network traffic is displayed graphically. The more “talkative” a node is, the bigger its representation.
- Node and link color shows the most used protocol.
- User may select what level of the protocol stack to concentrate on.
- You may either look at traffic within your network, end to end IP, or even port to port TCP.
- Data can be captured “off the wire” from a live network connection, or read from a tcpdump capture file.
- Live data can be read from ethernet, FDDI, PPP, SLIP and WLAN interfaces, plus several other incapsulated formats (e.g. Linux cooked, PPI).
- The following frame and packet types are currently supported: ETH_II, 802.2, 803.3, IP, IPv6, ARP, X25L3, REVARP, ATALK, AARP, IPX, VINES, TRAIN, LOOP, VLAN, ICMP, IGMP, GGP, IPIP, TCP, EGP, PUP, UDP, IDP, TP, ROUTING, RSVP, GRE, ESP, AH, EON, VINES, EIGRP, OSPF, ENCAP, PIM, IPCOMP, VRRP; and most TCP and UDP services, like TELNET, FTP, HTTP, POP3, NNTP, NETBIOS, IRC, DOMAIN, SNMP, etc.
- Data display can be refined using a network filter using pcap syntax.
- Display averaging and node persistence times are fully configurable.
- Name resolution is done using standard libc functions, thus supporting DNS, hosts file, etc.
- Clicking on a node/link opens a detail dialog showing protocol breakdown and other traffic statistics.
- Protocol summary dialog shows global traffic statistics by protocol.
- Node summary dialog shows traffic statistics by node.
- Node statistics export to XML file.
- Scrollkeeper/rarian-compatible manual integrated with yelp.