Snort, the de facto standard network intrusion tool, will serve your needs. You can get it from http://www.snort.org but you have to build it from source. The other caveat is the learning curve. As with most high-power tools, it takes some good study time to make it do what you want.
All that Unix stuff in Snort looks scary. I have never built anything from source, but it seems to have other features I'm also interested in.
Good tool, but the OP needs text (text file?) output, not X11 screens...
Yes, text file.
You're right, I was quick on the response but didn't really bother to read the whole topic (somebody had suggested Wireshark before anyway).
I think Wireshark can be called from the command line, or one can use TShark. But my usage has always been in the GUI.
TShark is one possibility.
You might want to pipe it through tee, or just append it to a log file:
Code:
sudo /Users/Nelly/Desktop/test_fs.sh | tee -a urls.log
Code:
sudo /Users/Nelly/Desktop/test_fs.sh >> urls.log
Your code works.
What pros/cons are there between piping through tee or appending?
I learned a lot of Unix stuff from that long script posted by pitaya, but it creates very long rows which have many folder paths.
I wonder if there is an easy way to use Snort or TShark.
Did I understand correctly, there is no text logging in Wireshark?
What is the proper way to quit this kind of script (using AppleScript)? There are tcpdump, sh and bash running now in Activity Monitor.
Thanks again