[netsniff-ng] Re: flowtop: Flows visual separating
On Sat, Feb 20, 2016 at 1:25 AM, Vadim Kochan wrote: > Hi, > > I tried to come up with visual separating of printed flows as currently > its not easy to identify separate flow entry, so I did some changes and > I am not sure if it looks good so I atached the screenshot. > > Regards, I attached another version of odd & even flows entries style, here I used cyan & white colors and it seem looks better as here is no such contrast like in case with black & white background colors (like in previous example), also here 'country' color changed to magenta as it looks better on white & cyan background colors. Actually if you will like it, then 2nd step is to make good alignment formatting of fields. Regards, -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: flowtop: Flows visual separating
Hi Vadim, thanks for looking into this, appreciate it! On 02/20/2016 03:28 PM, Vadim Kochan wrote: On Sat, Feb 20, 2016 at 1:25 AM, Vadim Kochan wrote: Hi, I tried to come up with visual separating of printed flows as currently its not easy to identify separate flow entry, so I did some changes and I am not sure if it looks good so I atached the screenshot. Regards, I attached another version of odd & even flows entries style, here I used cyan & white colors and it seem looks better as here is no such contrast like in case with black & white background colors (like in previous example), also here 'country' color changed to magenta as it looks better on white & cyan background colors. Not particularly a fan of these background colors, but I understand you'd like to improve usability on this. How about making flowtop look and navigation more like top or htop? Perhaps some of this info can be collapsed? Thanks, Daniel -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: flowtop: Flows visual separating
On Sat, Feb 20, 2016 at 7:49 PM, Daniel Borkmann wrote: > Hi Vadim, > > thanks for looking into this, appreciate it! > > On 02/20/2016 03:28 PM, Vadim Kochan wrote: >> >> On Sat, Feb 20, 2016 at 1:25 AM, Vadim Kochan wrote: >>> >>> Hi, >>> >>> I tried to come up with visual separating of printed flows as currently >>> its not easy to identify separate flow entry, so I did some changes and >>> I am not sure if it looks good so I atached the screenshot. >>> >>> Regards, >> >> >> I attached another version of odd & even flows entries style, here I >> used cyan & white colors and it seem looks >> better as here is no such contrast like in case with black & white >> background colors (like in previous example), >> also here 'country' color changed to magenta as it looks better on >> white & cyan background colors. > > > Not particularly a fan of these background colors, but I understand > you'd like to improve usability on this. How about making flowtop > look and navigation more like top or htop? Perhaps some of this info > can be collapsed? > > Thanks, > Daniel Well, if to follow these *top-like tools then we need to print less info. Curently we print: 1) process name 2) flow state 3) application proto name 4) duration time 5) src/dst hostname 6) geo info 7) pkts/bytes stats (counters & rate) We can have 2 modes for flows visualization: 1) Short mode (1 row per entry) (default): a) process name b) flow state (but with shortest names) c) application proto name d) src/dst info hostnames (or only dst with country if it feets) e) mixed stats 2) Extended mode, like in current implementation (but maybe be changed to color scheme which I sent in previous example). Also there might be hot-keys to 1) expand 1-row entry into 3-row mode 2) switch between 1- & 3- row mode for all entries. What do you think ? -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: flowtop: Flows visual separating
On Sat, Feb 20, 2016 at 8:47 PM, Vadim Kochan wrote: > On Sat, Feb 20, 2016 at 7:49 PM, Daniel Borkmann > wrote: >> Hi Vadim, >> >> thanks for looking into this, appreciate it! >> >> On 02/20/2016 03:28 PM, Vadim Kochan wrote: >>> >>> On Sat, Feb 20, 2016 at 1:25 AM, Vadim Kochan wrote: Hi, I tried to come up with visual separating of printed flows as currently its not easy to identify separate flow entry, so I did some changes and I am not sure if it looks good so I atached the screenshot. Regards, >>> >>> >>> I attached another version of odd & even flows entries style, here I >>> used cyan & white colors and it seem looks >>> better as here is no such contrast like in case with black & white >>> background colors (like in previous example), >>> also here 'country' color changed to magenta as it looks better on >>> white & cyan background colors. >> >> >> Not particularly a fan of these background colors, but I understand >> you'd like to improve usability on this. How about making flowtop >> look and navigation more like top or htop? Perhaps some of this info >> can be collapsed? >> >> Thanks, >> Daniel > > Well, if to follow these *top-like tools then we need to print less > info. Curently we print: > > 1) process name > 2) flow state > 3) application proto name > 4) duration time > 5) src/dst hostname > 6) geo info > 7) pkts/bytes stats (counters & rate) > > We can have 2 modes for flows visualization: > > 1) Short mode (1 row per entry) (default): > a) process name > b) flow state (but with shortest names) > c) application proto name > d) src/dst info hostnames (or only dst with country if it feets) > e) mixed stats > > 2) Extended mode, like in current implementation > (but maybe be changed to color scheme which I sent in previous > example). > > Also there might be hot-keys to > 1) expand 1-row entry into 3-row mode > 2) switch between 1- & 3- row mode for all entries. > > What do you think ? Hi, Tobias, may be you have some comments regarding this ? Thanks, -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: flowtop: Flows visual separating
On 2016-02-25 at 17:35:56 +0100, Vadim Kochan wrote: > On Sat, Feb 20, 2016 at 8:47 PM, Vadim Kochan wrote: > > On Sat, Feb 20, 2016 at 7:49 PM, Daniel Borkmann > > wrote: > >> Hi Vadim, > >> > >> thanks for looking into this, appreciate it! > >> > >> On 02/20/2016 03:28 PM, Vadim Kochan wrote: > >>> > >>> On Sat, Feb 20, 2016 at 1:25 AM, Vadim Kochan wrote: > > Hi, > > I tried to come up with visual separating of printed flows as currently > its not easy to identify separate flow entry, so I did some changes and > I am not sure if it looks good so I atached the screenshot. > > Regards, > >>> > >>> > >>> I attached another version of odd & even flows entries style, here I > >>> used cyan & white colors and it seem looks > >>> better as here is no such contrast like in case with black & white > >>> background colors (like in previous example), > >>> also here 'country' color changed to magenta as it looks better on > >>> white & cyan background colors. > >> > >> > >> Not particularly a fan of these background colors, but I understand > >> you'd like to improve usability on this. How about making flowtop > >> look and navigation more like top or htop? Perhaps some of this info > >> can be collapsed? Fully agree with Daniel, I'm not a big fan of too much background color (or even color in general) in TUI interfaces either. I'd certainly prefer if you'd go for a top/htop like interface in that case. > >> > >> Thanks, > >> Daniel > > > > Well, if to follow these *top-like tools then we need to print less > > info. Curently we print: > > > > 1) process name > > 2) flow state > > 3) application proto name > > 4) duration time > > 5) src/dst hostname > > 6) geo info > > 7) pkts/bytes stats (counters & rate) top/htop allow you to select the columns to display. We could define a sensible set of default columns (or even add additional ones in case we detect a wide enough window) and then let the user add/remove other columns. > > > > We can have 2 modes for flows visualization: > > > > 1) Short mode (1 row per entry) (default): > > a) process name > > b) flow state (but with shortest names) > > c) application proto name > > d) src/dst info hostnames (or only dst with country if it feets) > > e) mixed stats > > > > 2) Extended mode, like in current implementation > > (but maybe be changed to color scheme which I sent in previous > > example). I don't think it's necessary to have 2 modes if we go for selectable columns. > > Also there might be hot-keys to > > 1) expand 1-row entry into 3-row mode > > 2) switch between 1- & 3- row mode for all entries. In case the user's window isn't wide enough to hold all columns, this would be a nice option to display additional information. Cheers Tobias -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: flowtop: Flows visual separating
On Fri, Feb 26, 2016 at 10:58 AM, Tobias Klauser wrote: > On 2016-02-25 at 17:35:56 +0100, Vadim Kochan wrote: >> On Sat, Feb 20, 2016 at 8:47 PM, Vadim Kochan wrote: >> > On Sat, Feb 20, 2016 at 7:49 PM, Daniel Borkmann >> > wrote: >> >> Hi Vadim, >> >> >> >> thanks for looking into this, appreciate it! >> >> >> >> On 02/20/2016 03:28 PM, Vadim Kochan wrote: >> >>> >> >>> On Sat, Feb 20, 2016 at 1:25 AM, Vadim Kochan wrote: >> >> Hi, >> >> I tried to come up with visual separating of printed flows as currently >> its not easy to identify separate flow entry, so I did some changes and >> I am not sure if it looks good so I atached the screenshot. >> >> Regards, >> >>> >> >>> >> >>> I attached another version of odd & even flows entries style, here I >> >>> used cyan & white colors and it seem looks >> >>> better as here is no such contrast like in case with black & white >> >>> background colors (like in previous example), >> >>> also here 'country' color changed to magenta as it looks better on >> >>> white & cyan background colors. >> >> >> >> >> >> Not particularly a fan of these background colors, but I understand >> >> you'd like to improve usability on this. How about making flowtop >> >> look and navigation more like top or htop? Perhaps some of this info >> >> can be collapsed? > > Fully agree with Daniel, I'm not a big fan of too much background color > (or even color in general) in TUI interfaces either. I'd certainly > prefer if you'd go for a top/htop like interface in that case. > >> >> >> >> Thanks, >> >> Daniel >> > >> > Well, if to follow these *top-like tools then we need to print less >> > info. Curently we print: >> > >> > 1) process name >> > 2) flow state >> > 3) application proto name >> > 4) duration time >> > 5) src/dst hostname >> > 6) geo info >> > 7) pkts/bytes stats (counters & rate) > > top/htop allow you to select the columns to display. We could define a > sensible set of default columns (or even add additional ones in case we > detect a wide enough window) and then let the user add/remove other > columns. > >> > >> > We can have 2 modes for flows visualization: >> > >> > 1) Short mode (1 row per entry) (default): >> > a) process name >> > b) flow state (but with shortest names) >> > c) application proto name >> > d) src/dst info hostnames (or only dst with country if it feets) >> > e) mixed stats >> > >> > 2) Extended mode, like in current implementation >> > (but maybe be changed to color scheme which I sent in previous >> > example). > > I don't think it's necessary to have 2 modes if we go for selectable > columns. > >> > Also there might be hot-keys to >> > 1) expand 1-row entry into 3-row mode >> > 2) switch between 1- & 3- row mode for all entries. > > In case the user's window isn't wide enough to hold all columns, this > would be a nice option to display additional information. > > Cheers > Tobias Thanks, I will consider your comments, I will update you with screen shots (if you'd like) before sending patches if I will come up with something useful for the next release. Regards, -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: flowtop: Flows visual separating
Ehh sorry, GMail destroyed my ASCII example, but I hope you got the idea - in case of -s option - print src & dst info with same columns (DEST, GEO, BYTES, RATE, TIME) but on the neighbor lines. On Sat, Feb 27, 2016 at 11:43 PM, Vadim Kochan wrote: > On Fri, Feb 26, 2016 at 11:09 AM, Vadim Kochan wrote: >> On Fri, Feb 26, 2016 at 10:58 AM, Tobias Klauser wrote: >>> On 2016-02-25 at 17:35:56 +0100, Vadim Kochan wrote: On Sat, Feb 20, 2016 at 8:47 PM, Vadim Kochan wrote: > On Sat, Feb 20, 2016 at 7:49 PM, Daniel Borkmann > wrote: >> Hi Vadim, >> >> thanks for looking into this, appreciate it! >> >> On 02/20/2016 03:28 PM, Vadim Kochan wrote: >>> >>> On Sat, Feb 20, 2016 at 1:25 AM, Vadim Kochan >>> wrote: Hi, I tried to come up with visual separating of printed flows as currently its not easy to identify separate flow entry, so I did some changes and I am not sure if it looks good so I atached the screenshot. Regards, >>> >>> >>> I attached another version of odd & even flows entries style, here I >>> used cyan & white colors and it seem looks >>> better as here is no such contrast like in case with black & white >>> background colors (like in previous example), >>> also here 'country' color changed to magenta as it looks better on >>> white & cyan background colors. >> >> >> Not particularly a fan of these background colors, but I understand >> you'd like to improve usability on this. How about making flowtop >> look and navigation more like top or htop? Perhaps some of this info >> can be collapsed? >>> >>> Fully agree with Daniel, I'm not a big fan of too much background color >>> (or even color in general) in TUI interfaces either. I'd certainly >>> prefer if you'd go for a top/htop like interface in that case. >>> >> >> Thanks, >> Daniel > > Well, if to follow these *top-like tools then we need to print less > info. Curently we print: > > 1) process name > 2) flow state > 3) application proto name > 4) duration time > 5) src/dst hostname > 6) geo info > 7) pkts/bytes stats (counters & rate) >>> >>> top/htop allow you to select the columns to display. We could define a >>> sensible set of default columns (or even add additional ones in case we >>> detect a wide enough window) and then let the user add/remove other >>> columns. >>> > > We can have 2 modes for flows visualization: > > 1) Short mode (1 row per entry) (default): > a) process name > b) flow state (but with shortest names) > c) application proto name > d) src/dst info hostnames (or only dst with country if it feets) > e) mixed stats > > 2) Extended mode, like in current implementation > (but maybe be changed to color scheme which I sent in previous > example). >>> >>> I don't think it's necessary to have 2 modes if we go for selectable >>> columns. >>> > Also there might be hot-keys to > 1) expand 1-row entry into 3-row mode > 2) switch between 1- & 3- row mode for all entries. >>> >>> In case the user's window isn't wide enough to hold all columns, this >>> would be a nice option to display additional information. >>> >>> Cheers >>> Tobias >> >> Thanks, >> >> I will consider your comments, I will update you with screen shots (if >> you'd like) before sending patches if I will >> come up with something useful for the next release. >> >> Regards, > > Hi Again, > > I did some changes to show flows per line (attached screenshot), showed > columns > should fit into 100~120 column sized terminal (but some horizontal > scrolling will be needed), > and I think these info should be enough as default (may be add PID > instead of TIME or both). > > For DEST column I reserved 50 columns for DNS name & IPv6 address. > > But I think that SRC info might be displayed not on same line but > something like this: > > PROCESS PROTO SERVICE STAT PEER > GEO BYTES ... > chrommium TCP https EST 192.168.1.100 USA 100 > => 234.200.10.3 > NDL 200 > firefox TCP https TWT 192.168.1.100 >USA 200 > =>173.26.78.1 > IRL500 > wget TCP http EST 192.168.1.100 > UKR 300 > =>154.11.23.76 > SLV 100 > > > So by default we will have short 1 line view but with -s option - 2 row view. > Columns setup I think might be added later when some default view will > be applied. -- You received this message because you
[netsniff-ng] Re: flowtop: Flows visual separating
On 02/27/2016 10:43 PM, Vadim Kochan wrote: On Fri, Feb 26, 2016 at 11:09 AM, Vadim Kochan wrote: [...] I will consider your comments, I will update you with screen shots (if you'd like) before sending patches if I will come up with something useful for the next release. Thanks, looks much better already. Would be nice if we could also align the bytes, time column (and probably rate) to the right, so that values are easier to see. -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
