Equivalent snoop command for OS X?

[clc2112]

On solaris I simply type "snoop" and it gives me all the traffic on a given interface. Any such feature in OS X?

 

[michaelsanford]

Do you mean:
$ netstat

Sample output attached; though it's from RedHat 8, the output is similar on Darwin.

 

[Eckhart]

netstat?

As far as I know, snoop is more or less a packet sniffer unlike netstat which is connection/socket oriented.

Mac OS X comes with tcpdump -- which is rather your choice. Flip through a manual/tutorial about it. Too much to explain...
Some people really do everything with it. In any other case, choose a sniffer via fink or try to compile on your own.

 

[slur]

Aha. There's also KisMac (a "wireless sniffer") and a front-end for tcpdump called MacSniffer.

 

[michaelsanford]

Cool (I've never heard of Snoop) I didn't realise it was a sniffer...which is nothing like netstat

 

[clc2112]

Thanks for the input! TcpDump or the third party ones look like they will work fine.

 

[Ripcord]

tcpdump should work great, I'd also STRONGLY suggest Ethereal (www.ethereal.com), which will give you a much better decode/export capability, better capture ability (the capture filtering is exactly the same, but you can save to multiple files, save to a ring buffer, etc).

Also has a lot of options for generating statistics, etc.

It also has a command-line-based utility (tethereal) if you need to do scripting or something.

You can get it from Fink, or compile it yourself.

Rip

 

[michaelsanford]

Ah yes Ethereal I've been playing with that on my RedHat machine...very