Ngrep - Network Packet Analyzer for Linux Last Updated : 23 Aug, 2021 Comments Improve Suggest changes Like Article Like Report Ngrep a network packet analyzer that is similar to the grep command, but ngrep grep the package on the network layer. This tool grep the traffic going to coming on the network interface.ngrep allow us to specify an extended regular or hexadecimal expression to match against data payloads of packets.ngrep can work on protocols like IPv4/6, TCP, UDP, ICMPv4/6, IGMP as well as Raw on a number of interfaces. Installation Now let's see how to install ngrep on Linux. The ngrep is available in most of the Linux package managers. We are going to use these package managers to install ngrep. Use one of the following commands according to your operating system: For Debian/Ubuntu/Kali Linux: sudo apt-get install ngrep For Arch Linux: sudo pacman -S ngrep For Fedora: dnf install ngrepUsage After successfully installing the ngrep, now let's see how to use the ngrep. To monitor all traffic running on the default network interface, just use the ngrep command sudo ngrep To stop the ngrep use the ctrl+C keys. Filter packets based on protocols To display information about only packet header and packet payload and avoid useless information use the -q option with ngrep command. We are going to use this option in our next commands. Let's see how we can filter the packages of a particular protocol using the ngrep. Let's take one example, in this example, we are going to catch all ICMP packages. To use ICMP protocol we are going to send a ping to another host and then catch all ICMP packets using ngrep. sudo ngrep -q '.' 'icmp'Filter Packets based on host We can also filter the packet based on the host, for example, let's catch the packets of host google.com: sudo ngrep -q '.' 'host google.com'Filter packets receiving through browsers To catch all packets that are receiving while surfing the internet through a web browser, we can use the following command: sudo ngrep -q '^GET .* HTTP/1.1Filter packets passing through the port To monitor traffic passing through the port of source host or destination, use the port option and mention the port number with ngrep command: sudo ngrep port 443Filter packets containing the word 'error' To search for the occurrence of the word "error" in any network-based Syslog traffic, use the following command: sudo ngrep -d any 'error' port 514Using port names from file/etc/services/ instead of port The ngrep tool can also convert the service port names stored in /etc/services to the port number that mean instead of mentioning the port number in ngrep command we can mention the port name in the /etc/services file. sudo ngrep -d any 'error' port syslogFilter packet on port no 80 To catch all traffic running on port number 80 we can use the following command: sudo ngrep port 80Get packet data in a well readable format In the previous output, we can see that the headers are not in formatted form, this makes it difficult to read the header. To get the header in a well-formatted manner, use the following command: sudo ngrep -W byline port 80Get timestamp with packets Use the -t option with ngrep command to get a timestamp in YYYY/MM/DD HH:MM:SS.UUUUUU when every time a packet is matched sudo ngrep -t -W byline port 80Avoiding promiscuous mode Use the -p option to avoid putting the interface into promiscuous mode sudo ngrep -p -W byline port 80 When observing raw or unknown protocols to show sub-protocol numbers along with single-character identifier, use the -N option with ngerp command: sudo ngrep -N -W byline man ngrep Comment More infoAdvertise with us Next Article What is Linux Operating System N nishant0073 Follow Improve Article Tags : Linux-Unix Linux-Tools Similar Reads Linux/Unix Tutorial Linux is one of the most widely used open-source operating systems. It's fast, secure, stable, and powers everything from smartphones and servers to cloud platforms and IoT devices. Linux is especially popular among developers, system administrators, and DevOps professionals.Linux is:A Unix-like OS 10 min read Getting Started with LinuxWhat is Linux Operating SystemLinux is based on the UNIX operating system. UNIX is a powerful, multi-user, multitasking operating system originally developed in the 1970s at AT&T Bell Labs. It laid the foundation for many modern operating systems, including Linux.Linux is free and open-source, accessible to everyone.Its sour 10 min read LINUX Full Form - Lovable Intellect Not Using XPLINUX stands for Lovable Intellect Not Using XP. Linux was developed by Linus Torvalds and named after him. Linux is an open-source and community-developed operating system for computers, servers, mainframes, mobile devices, and embedded devices. Linux receives requests from system programs and it r 2 min read Difference between Linux and WindowsLinux: Linux could be a free and open supply OS supported operating system standards. It provides programming interface still as programme compatible with operating system primarily based systems and provides giant selection applications. A UNIX operating system additionally contains several several 7 min read What are Linux Distributions ?A Linux distribution, often shortened to “distro,†is a packaged version of Linux that comes with the Linux kernel plus a collection of software and utilities that make the OS functional and user-friendly. Some distros are optimized for business environments, offering tools for productivity and ente 8 min read Difference between Unix and LinuxUnix was created in the 1970s by Ken Thompson and Dennis Ritchie at Bell Labs. Dennis Ritchie was also the creator of the C programming language. Originally a command-line operating system, Unix has evolved to support graphical interfaces (GUI) as well. It became popular in universities, enterprises 5 min read Installation with LinuxHow to Install Arch Linux in VirtualBox?Installing Arch Linux on a virtual machine is an excellent way to experience this powerful and flexible Linux distribution without affecting your main system. If you're looking to install Arch Linux in VirtualBox, this guide will take you through the process step-by-step. Arch Linux is known for its 7 min read Fedora Linux Operating SystemFedora Linux is a free and open-source operating system based on the Linux kernel and was developed by the community-supported Fedora Project. It is known for its fast release cycle, which keeps the operating system up to date with the latest software and technologies.What is the Fedora Linux Operat 12 min read How to install Ubuntu on VirtualBox?Installing Ubuntu on VirtualBox is a great way to experience the powerful features of this popular Linux distribution without altering your main operating system. Whether you’re a developer, a student, or simply curious about Linux, setting up Ubuntu on VirtualBox allows you to test and explore in a 6 min read How to Install Linux Mint?Linux Mint is the second-largest Linux-based distro used in the world. Linux Mint is a community-driven Linux distribution based on Ubuntu which itself is based on Debian and bundled with a variety of free and open-source applications. So here we discuss the installation of Linux mint. Installation 3 min read How to Install Kali Linux on Windows?Kali Linux is an open-source Linux distribution based on Debian, designed for sophisticated penetration testing and security auditing. Kali Linux includes hundreds of tools for diverse information security activities such as penetration testing, security research, computer forensics, and reverse eng 2 min read How to Install Linux on Windows PowerShell Subsystem?There are several ways to Install a Linux subsystem on your Windows PC Powershell Environment. It is good for learners, but it is recommended using original Linux OS if you are a developer as the Subsystem lacks the pre-installed Linux tools. Before we begin installing a Linux subsystem, we need to 2 min read How to Find openSUSE Linux Version?openSUSE is well known for its GNU/Linux-based operating systems, mainly Tumbleweed, a tested rolling release, and Leap, a distribution with Long-Term-Support(LTS). MicroOS and Kubic are new transactional, self-contained distributions for use as desktop or container runtime. Here we figure out which 2 min read How to Install CentOSCentOS is a popular open-source Linux distribution aimed at servers and provides compatibility with Red Hat's RPM package manager. It is built with the goal of providing a stable operating system that provided great compatibility with the upstream RHEL (Red hat enterprise Linux) CentOS is therefore 2 min read Linux CommandsLinux CommandsLinux commands are essential for controlling and managing the system through the terminal. This terminal is similar to the command prompt in Windows. It’s important to note that Linux/Unix commands are case-sensitive. These commands are used for tasks like file handling, process management, user adm 15+ min read Essential Unix CommandsUnix commands are a set of commands that are used to interact with the Unix operating system. Unix is a powerful, multi-user, multi-tasking operating system that was developed in the 1960s by Bell Labs. Unix commands are entered at the command prompt in a terminal window, and they allow users to per 7 min read How to Find a File in Linux | Find CommandThe find command in Linux is used to search for files and directories based on name, type, size, date, or other conditions. It scans the specified directory and its sub directories to locate files matching the given criteria.find command uses are:Search based on modification time (e.g., files edited 9 min read Linux File SystemLinux File SystemA file system is a structured method of storing and managing data—including files, directories, and metadata—on your machine. Think of it like a library. If thousands of books were scattered around, finding one would be hard. But in an organized structure, like labeled shelves, locating a book becom 12 min read Linux File Hierarchy StructureThe Linux File Hierarchy Structure or the Filesystem Hierarchy Standard (FHS) defines the directory structure and directory contents in Unix-like operating systems. It is maintained by the Linux Foundation. In the FHS, all files and directories appear under the root directory /, even if they are sto 6 min read Linux Directory StructureIn Linux, everything is treated as a file even if it is a normal file, a directory, or even a device such as a printer or keyboard. All the directories and files are stored under one root directory which is represented by a forward slash /. The Linux directory layout follows the Filesystem Hierarchy 6 min read Linux KernelLinux KernelLinux Kernel is the heart of Linux operating systems. It is an open-source (source code that can be used by anyone freely) software that is most popular and widely used in the industry as well as on a personal use basis. Who created Linux and why? Linux was created by Linus Torvalds in 1991 as a hob 4 min read Kernel in Operating SystemA kernel is the core part of an operating system. It acts as a bridge between software applications and the hardware of a computer. The kernel manages system resources, such as the CPU, memory and devices, ensuring everything works together smoothly and efficiently. It handles tasks like running pro 9 min read How Linux Kernel Boots?Many processes are running in the background when we press the system's power button. It is very important to learn the Linux boot process to understand the workings of any operating system. Knowing how the kernel boots is a must to solve the booting error. It is a very interesting topic to learn, l 11 min read Difference between Operating System and KernelIn the world of computing, two terms that are frequently mentioned are Operating System (OS) and Kernel. In this article, we will explore the key differences between the OS and the Kernel, their functions, and how they work together to manage hardware and software.What is an Operating System?An Oper 3 min read Linux Kernel Module Programming: Hello World ProgramKernel modules are pieces of code that can be loaded and unloaded into the kernel upon demand. They extend the functionality of the kernel without the need to reboot the system. Custom codes can be added to Linux kernels via two methods. The basic way is to add the code to the kernel source tree and 7 min read Linux Loadable Kernel ModuleIf you want to add code to a Linux kit, the basic way to do that is to add source files to the kernel source tree and assemble the kernel. In fact, the process of setting up the kernel consists mainly of selecting which files to upload to the kernel will be merged. But you can also add code to the L 7 min read Loadable Kernel Module - Linux Device Driver DevelopmentFor Linux device drivers, we can use only two languages: Assembler and C. Assembler implements the main parts of the Linux kernel, while C implements the architecture-dependent parts. Uploaded kernel modules are often referred to as kernel modules or modules, but those are misleading names because t 4 min read Linux Networking ToolsNetwork configuration and troubleshooting commands in LinuxComputers are often connected to each other on a network. They send requests to each other in the form of packets that travel from the host to the destination. Linux provides various commands from network configuration and troubleshooting. Network Configuration and Troubleshooting Commands in Linux 5 min read How to configure network interfaces in CentOS?A network interface is a link between a computer and another network(Private or Public). The network interface is basically a card which is known as NIC or Network Interface Card, this does not necessarily have to be in a physical form instead, it can be inbuilt into the software. If we take the exa 5 min read Command-Line Tools and Utilities For Network Management in LinuxIf you are thinking of becoming a system administrator, or you are already a system admin, then this article is for you.As a system admin, your daily routine will include configuring, maintaining, troubleshooting, monitoring, securing networks, and managing servers within data centers. Network confi 8 min read Linux - Network Monitoring ToolsNetwork monitoring is using a system (hardware or software) that continuously observes your network and the data flows through it, depending on how the monitoring solution actually functions and informs the network administrator. We can keep a check on all the activities of our network easily. While 4 min read Linux ProcessProcesses in Linux/UnixA program/command when executed, a special instance is provided by the system to the process. This instance consists of all the services/resources that may be utilized by the process under execution. Whenever a command is issued in Unix/Linux, it creates/starts a new process. For example, pwd when i 6 min read How to Manage Process in LinuxA process means a program in execution. It generally takes an input, processes it, and gives us the appropriate output. Every time you launch an application or execute a command, the system creates a process for it. It involves controlling and monitoring all the running programs on the system. The L 4 min read Getting System and Process Information Using C Programming and Shell in LinuxWhenever you start a new process in Linux it creates a file in /proc/ folder with the same name as that of the process id of the process. In that folder, there is a file named "status" which has all the details of the process. We can get those Process Information Through shell as follows: cat /proc/ 2 min read Process states and Transitions in a UNIX ProcessProcess is an instance of a program in execution. A set of processes combined together make a complete program. There are two categories of processes in Unix, namely User processes : They are operated in user mode. Kernel processes : They are operated in kernel mode. Process States The lifetime of a 4 min read Linux FirewallLINUX FirewallLinux OS, we must know that it is a system based on Unix-like. Systems that are called Unix-like or Unix-based are designed to behave and function similarly to the Unix OS. Linux OS comes under the open-source family (code designed to be publicly accessible) and is based on the Linux kernel. It was 7 min read iptables command in Linux with ExamplesThe iptables command in Linux is a powerful tool that is used for managing the firewall rules and network traffic. It facilitates allowing the administrators to configure rules that help how packets are filtered, translated, or forwarded. On using this iptables, you can set up security policies to c 7 min read How to Configure your Linux Firewall - 3 MethodsA Linux firewall is essential for protecting your system from unauthorized access and attacks. By configuring firewall rules, you can control the flow of traffic into and out of your system. Linux offers multiple firewall management tools, including iptables and firewalld, both of which can be used 12 min read Shell Scripting & Bash ScriptingIntroduction to Linux Shell and Shell ScriptingWhenever we use any modern operating system like Linux, macOS, or Windows we are indirectly interacting with a shell, the program that interprets and executes our commands. While running Ubuntu, Linux Mint, or any other Linux distribution, we are interacting with the shell by using the terminal. In 8 min read What is Terminal, Console, Shell and Kernel?Understanding the terms terminal, console, shell, and kernel is crucial for anyone working with computers or learning about operating systems. These concepts are key components of how we interact with our devices and software. The terminal is a text-based interface used to interact with the computer 5 min read How to Create a Shell Script in linuxShell is an interface of the operating system. It accepts commands from users and interprets them to the operating system. If you want to run a bunch of commands together, you can do so by creating a shell script. Shell scripts are very useful if you need to do a task routinely, like taking a backup 7 min read Shell Scripting - Different types of VariablesThe shell is a command-line interpreter for Linux and Unix systems. It provides an interface between the user and the kernel and executes commands. A sequence of commands can be written in a file for execution in the shell. It is called shell scripting. It helps to automate tasks in Linux. Scripting 4 min read Bash Scripting - Introduction to Bash and Bash ScriptingBash is a command-line interpreter or Unix Shell and it is widely used in GNU/Linux Operating System. It is written by Brian Jhan Fox. It is used as a default login shell for most Linux distributions. Scripting is used to automate the execution of the tasks so that humans do not need to perform them 12 min read Bash Script - Define Bash Variables and its typesVariables are an important aspect of any programming language. Without variables, you will not be able to store any required data. With the help of variables, data is stored at a particular memory address and then it can be accessed as well as modified when required. In other words, variables let yo 12 min read Shell Scripting - Shell VariablesA shell variable is a character string in a shell that stores some value. It could be an integer, filename, string, or some shell command itself. Basically, it is a pointer to the actual data stored in memory. We have a few rules that have to be followed while writing variables in the script (which 6 min read Bash Script - Difference between Bash Script and Shell ScriptIn computer programming, a script is defined as a sequence of instructions that is executed by another program. A shell is a command-line interpreter of Linux which provides an interface between the user and the kernel system and executes a sequence of instructions called commands. A shell is capabl 4 min read Shell Scripting - Difference between Korn Shell and Bash shellKorn Shell: Korn Shell or KSH was developed by a person named David Korn, which attempts to integrate the features of other shells like C shell, Bourne Shell, etc. Korn Shell allows developers to generate and create new shell commands whenever it is required. Korn shell was developed a long year bac 3 min read Shell Scripting - Interactive and Non-Interactive ShellA shell gives us an interface to the Unix system. While using an operating system, we indirectly interact with the shell. On Linux distribution systems, each time we use a terminal, we interact with the shell. The job of the shell is to interpret or analyze the Unix commands given by users. A shell 3 min read Shell Script to Show the Difference Between echo “$SHELL†and echo ‘$SHELL’In shell scripting and Linux, the echo command is used to display text on the terminal or console. When used with the $SHELL variable, which contains the path of the current user's shell program, the output of the echo command can be different depending on whether the variable is enclosed in single 4 min read Like