1 .TH tcpsnoop.d 1m "$Date:: 2007-10-04 #$" "USER COMMANDS"
3 tcpsnoop.d \- snoop TCP network packets by process. DTrace.
7 This analyses TCP network packets and prints the responsible PID and UID,
8 plus standard details such as IP address and port. This captures traffic
9 of newly created TCP connections that were established while this program
10 was running. It can help identify which processes is causing TCP traffic.
12 This is a DTrace only version of "tcpsnoop" - an enhanced program that
13 provides command line options.
15 Since this uses DTrace, only the root user or users with the
16 dtrace_kernel privilege can run this command.
20 unstable - this script uses fbt provider probes which may change for
21 future updates of the OS, invalidating this script. Please read
22 Docs/Notes/ALLfbt_notes.txt for further details about these fbt scripts.
25 Default output, snoop TCP network packets with details,
59 See the DTraceToolkit for further documentation under the
60 Docs directory. The DTraceToolkit docs may include full worked
61 examples with verbose descriptions explaining the output.
63 tcpsnoop.d will print traffic until Ctrl\-C is hit.
68 tcpsnoop(1M), tcptop(1M), dtrace(1M)