Ehh sorry, GMail destroyed my ASCII example, but I hope you got the idea - in case of -s option - print src & dst info with same columns (DEST, GEO, BYTES, RATE, TIME) but on the neighbor lines.
On Sat, Feb 27, 2016 at 11:43 PM, Vadim Kochan <vadi...@gmail.com> wrote: > On Fri, Feb 26, 2016 at 11:09 AM, Vadim Kochan <vadi...@gmail.com> wrote: >> On Fri, Feb 26, 2016 at 10:58 AM, Tobias Klauser <tklau...@distanz.ch> wrote: >>> On 2016-02-25 at 17:35:56 +0100, Vadim Kochan <vadi...@gmail.com> wrote: >>>> On Sat, Feb 20, 2016 at 8:47 PM, Vadim Kochan <vadi...@gmail.com> wrote: >>>> > On Sat, Feb 20, 2016 at 7:49 PM, Daniel Borkmann >>>> > <borkm...@iogearbox.net> wrote: >>>> >> Hi Vadim, >>>> >> >>>> >> thanks for looking into this, appreciate it! >>>> >> >>>> >> On 02/20/2016 03:28 PM, Vadim Kochan wrote: >>>> >>> >>>> >>> On Sat, Feb 20, 2016 at 1:25 AM, Vadim Kochan <vadi...@gmail.com> >>>> >>> wrote: >>>> >>>> >>>> >>>> Hi, >>>> >>>> >>>> >>>> I tried to come up with visual separating of printed flows as >>>> >>>> currently >>>> >>>> its not easy to identify separate flow entry, so I did some changes >>>> >>>> and >>>> >>>> I am not sure if it looks good so I atached the screenshot. >>>> >>>> >>>> >>>> Regards, >>>> >>> >>>> >>> >>>> >>> I attached another version of odd & even flows entries style, here I >>>> >>> used cyan & white colors and it seem looks >>>> >>> better as here is no such contrast like in case with black & white >>>> >>> background colors (like in previous example), >>>> >>> also here 'country' color changed to magenta as it looks better on >>>> >>> white & cyan background colors. >>>> >> >>>> >> >>>> >> Not particularly a fan of these background colors, but I understand >>>> >> you'd like to improve usability on this. How about making flowtop >>>> >> look and navigation more like top or htop? Perhaps some of this info >>>> >> can be collapsed? >>> >>> Fully agree with Daniel, I'm not a big fan of too much background color >>> (or even color in general) in TUI interfaces either. I'd certainly >>> prefer if you'd go for a top/htop like interface in that case. >>> >>>> >> >>>> >> Thanks, >>>> >> Daniel >>>> > >>>> > Well, if to follow these *top-like tools then we need to print less >>>> > info. Curently we print: >>>> > >>>> > 1) process name >>>> > 2) flow state >>>> > 3) application proto name >>>> > 4) duration time >>>> > 5) src/dst hostname >>>> > 6) geo info >>>> > 7) pkts/bytes stats (counters & rate) >>> >>> top/htop allow you to select the columns to display. We could define a >>> sensible set of default columns (or even add additional ones in case we >>> detect a wide enough window) and then let the user add/remove other >>> columns. >>> >>>> > >>>> > We can have 2 modes for flows visualization: >>>> > >>>> > 1) Short mode (1 row per entry) (default): >>>> > a) process name >>>> > b) flow state (but with shortest names) >>>> > c) application proto name >>>> > d) src/dst info hostnames (or only dst with country if it feets) >>>> > e) mixed stats >>>> > >>>> > 2) Extended mode, like in current implementation >>>> > (but maybe be changed to color scheme which I sent in previous >>>> > example). >>> >>> I don't think it's necessary to have 2 modes if we go for selectable >>> columns. >>> >>>> > Also there might be hot-keys to >>>> > 1) expand 1-row entry into 3-row mode >>>> > 2) switch between 1- & 3- row mode for all entries. >>> >>> In case the user's window isn't wide enough to hold all columns, this >>> would be a nice option to display additional information. >>> >>> Cheers >>> Tobias >> >> Thanks, >> >> I will consider your comments, I will update you with screen shots (if >> you'd like) before sending patches if I will >> come up with something useful for the next release. >> >> Regards, > > Hi Again, > > I did some changes to show flows per line (attached screenshot), showed > columns > should fit into 100~120 column sized terminal (but some horizontal > scrolling will be needed), > and I think these info should be enough as default (may be add PID > instead of TIME or both). > > For DEST column I reserved 50 columns for DNS name & IPv6 address. > > But I think that SRC info might be displayed not on same line but > something like this: > > PROCESS PROTO SERVICE STAT PEER > GEO BYTES ... > chrommium TCP https EST 192.168.1.100 USA 100 > => 234.200.10.3 > NDL 200 > firefox TCP https TWT 192.168.1.100 > USA 200 > => 173.26.78.1 > IRL 500 > wget TCP http EST 192.168.1.100 > UKR 300 > => 154.11.23.76 > SLV 100 > > > So by default we will have short 1 line view but with -s option - 2 row view. > Columns setup I think might be added later when some default view will > be applied. -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
