tcpflow: That tool you’ve been looking for

If you’ve ever cast about the Internet, looking for a tool that will watch line traffic, keep copies of transferred images, break down network requests into human-readable chunks, then compile everything into a PDF report … you’ve been looking for tcpflow.

[Screenshot: tcpflow]

I realize a large chunk of what tcpflow does isn’t really intended for text-only environments. And while it’s running, tcpflow doesn’t give you a whole lot of information about what’s happening. So tcpflow is hardly worth mentioning as a console application.

But the final results, and its meticulousness in the meantime, are quite impressive. I tried to lump everything into that screenshot above. Something tells me tcpflow could do more, but I’d need a bigger screen to show it. 😯

So far, I see that it can shunt images into a destination folder, tag everything with filenames made out of source-and-destination IPs, break down individual transfers and arrange them in a way that is infinitely easier to read than tcpdump’s Wall of Data, and perhaps best of all, generate a PDF report at the end of the run, showing still more statistics, in living color.
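As an added example (not from the original post or from the tcpflow project), this Python code parses those per-flow filenames and groups the two directions of each conversation, plus any extracted bodies, under one key. It assumes tcpflow's default naming of zero-padded `src.sport-dst.dport` with an optional suffix; the sample filenames are constructed.

```python
import ipaddress
import re
from collections import defaultdict
from typing import NamedTuple, Optional

# Assumed default tcpflow naming: zero-padded IPv4 octets and 5-digit ports,
# "src.sport-dst.dport", optionally followed by a suffix like "-HTTPBODY-001.jpg".
FLOW_RE = re.compile(
    r"^((?:\d{3}\.){3}\d{3})\.(\d{5})-((?:\d{3}\.){3}\d{3})\.(\d{5})(.*)$")

class Flow(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    suffix: str

def _ip(padded: str) -> str:
    # "093.184.216.034" -> "93.184.216.34"; ip_address() rejects octets > 255.
    plain = ".".join(str(int(octet)) for octet in padded.split("."))
    return str(ipaddress.ip_address(plain))

def parse_flow_name(name: str) -> Optional[Flow]:
    """Return a Flow for a tcpflow-style filename, or None for anything else."""
    m = FLOW_RE.match(name)
    if not m:
        return None
    sport, dport = int(m.group(2)), int(m.group(4))
    if sport > 65535 or dport > 65535:
        return None
    try:
        return Flow(_ip(m.group(1)), sport, _ip(m.group(3)), dport, m.group(5))
    except ValueError:
        return None

def group_conversations(names):
    """Map each unordered endpoint pair to every file that belongs to it."""
    convs = defaultdict(list)
    for name in names:
        flow = parse_flow_name(name)
        if flow is None:  # report.xml, report.pdf and other non-flow files
            continue
        key = tuple(sorted([(flow.src, flow.sport), (flow.dst, flow.dport)]))
        convs[key].append(name)
    return dict(convs)

# Constructed sample of an output directory listing.
SAMPLE = ["192.168.001.064.37314-093.184.216.034.00080",
          "093.184.216.034.00080-192.168.001.064.37314",
          "093.184.216.034.00080-192.168.001.064.37314-HTTPBODY-001.jpg",
          "192.168.001.064.51000-010.000.000.053.00053", "report.xml"]
```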

It’s great stuff, and I should think particularly useful to network administrator-types, who might need to see what the office staff is really doing during their work hours. 😈
