>>>>> "Bass" == Bass <swu4kzi9k...@gmail.com> writes:
Bass> Hi, I've been using tcpdump a lot more lately and staring at
Bass> long streams of packets and was wondering if the tcpdump devs
Bass> would be willing to add a "--color" option to colorize the
Bass> different major fields in the output.
Well, you'd have to spell it properly as: "--colour" :-)
Bass> For example, the timestamp could be one color, the protocol
Bass> could be a different color, src & dst could be a different
Bass> color, flags, tcp options, etc.
Bass> It'd be especially cool and useful if the hex output from -x
Bass> or -X colorized the different headers of the packet so that
Bass> the ethernet frame hex values would be all one color, the IP
Bass> header hex values would be a different color, and the embedded
Bass> protocol values would be a different color as well. This
Bass> would make it very easy to see the start and end of each
Bass> header in the hex output.
I'm not opposed to it.
I would not want to add a dependancy to libncurses though.
Perhaps we can create a utility program that tcpdump invokes,
which users ncurses to get all the right colour strings. tcpdump
can popen() that and read the results and use them.
The difficult part is sprinkling these all the code.
It might be easier to sprinkle XML through it...
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] m...@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
then sign the petition.
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
