pksh - the Packet Shell
Hello world, I am pksh, the Packet Shell, a hack of the Unix tcsh shell for packets, bytes, hosts and protocols counters mainly implemented to include passive network monitoring functionalities into a shell.
If you are impatient you can immediately take a look at some pksh screenshots to explore how to start using pksh for network monitoring.
- Provide, in the short period, just another useful network monitoring tool oriented to character-based terminals and offering the same level of information ntop already gives via its embedded Web interface
- Allow to have a vision of your network completely different from that offered by other network sniffers without lossing in accuracy and usability
- Develop, in the middle period, a robust, well defined and widely used network library, to be implemented as a wrapper around the pcap library, for the purpose of collecting and relate information and data about packets, bytes, hosts and protocols as viewed over LAN segments
- Integrate the Packet Shell as a main component of the ntop's family of technologies and products for network monitoring
- Move, in the long period, ntop over that library freeing the application of the tedious work of interacting with the network interfaces and allow it to concentrate to the hard job of implementing only a network console oriented to Web browsers
- Demonstrate how easy is using the extension built-ins mechanism the tcsh shell natively offers, and perhaps all the most common Unix shells already have, to implement a general purpose CLI for completely different application domains, being the network monitoring activities just an example
This software was originally written by me, Rocco Carbone, late in 2001 just as part of an ongoing research project to investigate and improve ntop (http://www.ntop.org) as a programmable network packets engine, but it was never finished due to several reasons. Just browse through the motivation and history links if you are interested in the full story.