[no bombs] IcmpInfo

Name

icmpinfo - interpret ICMP messages

Synopsis

icmpinfo [-v[v[v]]] [-n] [-p] [-s] [-l]

Description

Icmpinfo is a tool for looking at the ICMP messages received on the running host. It can be used to detect and record 'bombs' as well as various network problems.

The output format is as follows (all on one line):

MMM DD HH:MM:SS ICMP_type[sub-type] < sender_ip [sender_name] > unreach_ip [unreach_name] sp=source_port dp=dest_port seq=sequence sz=packet_size

In normal operation, icmpinfo will only report on "weird" packets, mainly icmp_unreachable.

Options

-v
Give information about all icmp packets, excepts pings.
-vv
Give about pings too (i.e. icmp_echo_reply).
-vvv
Include an ascii/hex dump of each packet
-n
Avoid name queries - just give IP addresses. Use this option when icmpinfo is left unattended on an host also running a name server, to avoid possible loops.
-p
Avoid port number to service name decoding.
-s
Show the interface ip that received the packet. Usefull only if your host has several network interfaces. In this case an '- my_ip [my_name]' is added between the sender and unreach ip and name fields.
-l
Forks and use the syslog(3) facility to record events (recomended use). root id is checked.

Warnings

The packet decoding is only fully meaningful for ICMP Unreachable warnings.

Author

Laurent Demailly <dl@hplyot.obspm.fr>.
Free software. See LICENSE in package.
Latest version is available via ftp hplyot.obspm.fr:/net/icmpinfo-*.tar.gz.

Acknowledgements

Thanx to Vesa for help in debugging buggy bsd code!
To Dave for providing the first man page!
And to ScottM for making my english readable!
[up] [top]