Filter packets based on protocols
To display only the packet headers and packet payloads and suppress other output, use the -q option with the ngrep command. We are going to use this option in the commands that follow. Let's see how to filter the packets of a particular protocol using ngrep. In this example we are going to catch all ICMP packets: to generate ICMP traffic, we send a ping to another host and then catch all the ICMP packets using ngrep.
sudo ngrep -q '.' 'icmp'
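The command above combines two stages: a protocol filter (`'icmp'`) selects packets, then the pattern (`'.'`) is searched for in each payload. The following Python model of that idea is an added example, not code from the original article or from ngrep; the packet bytes are constructed, and treating everything after the 8-byte ICMP echo header as payload is a simplifying assumption.

```python
import re
import struct

ICMP, TCP = 1, 6  # IANA protocol numbers carried in the IPv4 header

def ipv4(proto, body, src=b"\xc0\x00\x02\x0a", dst=b"\xc0\x00\x02\x14"):
    """Wrap body in a minimal 20-byte IPv4 header (checksum left at 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0,
                       64, proto, 0, src, dst) + body

def icmp_echo(data):
    """ICMP echo request: type 8, code 0, checksum 0, id, sequence, data."""
    return struct.pack("!BBHHH", 8, 0, 0, 0x1234, 1) + data

def tcp_segment(data):
    """20-byte TCP header (ports 40000 -> 80, PSH+ACK) followed by data."""
    return struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 5 << 4, 0x18,
                       65535, 0, 0) + data

# Constructed sample traffic (documentation addresses 192.0.2.10 -> 192.0.2.20).
SAMPLE = [
    ipv4(ICMP, icmp_echo(b"abcdefgh")),            # ping carrying data
    ipv4(ICMP, icmp_echo(b"")),                    # ping with no data
    ipv4(TCP, tcp_segment(b"GET / HTTP/1.1\r\n")),
]

def grep_packets(packets, pattern, proto):
    """Return (src, dst, payload) for packets of proto whose payload matches."""
    rx = re.compile(pattern.encode())
    hits = []
    for pkt in packets:
        if pkt[9] != proto:                        # stage 1: protocol filter
            continue
        l4 = pkt[(pkt[0] & 0x0F) * 4:]             # skip the IPv4 header
        # Model assumption: 8-byte ICMP echo header; otherwise TCP data offset.
        hlen = 8 if proto == ICMP else (l4[12] >> 4) * 4
        payload = l4[hlen:]
        if rx.search(payload):                     # stage 2: pattern on payload
            src, dst = (".".join(map(str, pkt[i:i + 4])) for i in (12, 16))
            hits.append((src, dst, payload))
    return hits

if __name__ == "__main__":
    for src, dst, payload in grep_packets(SAMPLE, ".", ICMP):
        print(f"{src} -> {dst}  {payload!r}")
```

In this model the pattern `.` needs at least one payload byte, so the data-less ping is not reported, and the TCP segment is dropped by the protocol stage before the pattern is ever tried.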
Ngrep – Network Packet Analyzer for Linux
Ngrep is a network packet analyzer that is similar to the grep command, but ngrep greps packets at the network layer. The tool greps the traffic going to and coming from a network interface. ngrep allows us to specify an extended regular or hexadecimal expression to match against the data payloads of packets. ngrep can work with protocols such as IPv4/6, TCP, UDP, ICMPv4/6 and IGMP, as well as Raw, on a number of interfaces.