Any way to get an audio representation of packet flow?

[Doug Lee]

Ok, this may be odd to many, but here's what I want:

I like tcpdump's powerful ways of selecting and analyzing specific
portions of packet traffic, but I want a real-time way to represent
the results.  I am blind, so graphs don't help. <grin>  Usually all I
want to know is the pattern of packet match frequency vs. time, so a
little click for each matching packet would translate nicely into what
I'm looking for.

My normal tactic involves directing output from tcpdump to /dev/audio
or even /dev/pcaudio:

tcpdump -l -n [... rules for traffic ...] >/dev/audio

is the first trick I tried.  Problem:  It causes me to get kernel
errors like "runt packet" and such, presumably because it adds too
mmuch overhead to packet processing somehow.  (This is a P166; maybe
that problem wouldn't exist on faster hardware?)

My next trick was like

tcpdump -s 1 -w /dev/audio [... rules for traffic ...]

No errors this time, but the output of -w is buffered regardless of -l
(which normally makes a lot of sense, of course), so it wasn't very
real-time.

I currently run FreeBSD 4.10-STABLE, but I'd be interested in any
solutions requiring 5.x features as well, for future planning.

Please Cc me if you have any ideas.

Thanks much.


-- 
Doug Lee           dgl at dlee.org        http://www.dlee.org
Bartimaeus Group   doug at bartsite.com   http://www.bartsite.com
The very smart may feel they have nothing to learn from anyone;
The very wise will find something to learn from everyone.  (7/14/01)