monnet

Sean Conner

monnet is a network monitoring tool I wrote as an educational exercise in network programming and using dynamic libraries under UNIX, or more specifically, Linux. It is not meant as a replacement for ntop (as when I started writing monnet, I did not know of the existance of ntop) or tcpdump (which I was aware of but do not like the way it dumps the output).

monnet shows the traffic live, as it goes across the wire and displays the output one packet per line (132 character line, or at least that's the goal). I use it more to get an indication of what type and volume of traffic than to analyze packets, although you certainly could do that with monnet. It also keeps a count of the number of packets scanned, plus a count per each type (ARP, RARP, IP as well as sub-protocols like TCP, UDP, ICMP, etc) and a report can be generated (after it finishes running, or while it's running).

It was also written in a modular fasion to make it easy to add support for other packet types (AppleTalk support was added in about an hour to help a friend debug the Linux 2.0.36 ATALK protocol support.

If you do use this product, or just have comments or questions about, just drop me a line. Thanks.