choom - Linux
Overview
choom is a utility to capture network traffic and perform deep packet inspection. It offers a user-friendly interface and allows for real-time monitoring, packet analysis, and content extraction.
Syntax
choom [options] [filter expression] [-- chain-command]
Options/Flags
- -i, --interface: Network interface to capture traffic from.
- -f, --filename: File to save captured traffic.
- -p, --port: Capture traffic on a specific port.
- -t, --timeout: Duration of capture in seconds.
- -l, --live: Display live traffic.
- -a, --ascii: Convert binary data to ASCII.
- -j, --json: Output data in JSON format.
- -v, --verbose: Increase verbosity level.
- -h, --help: Display help information.
Examples
# Capture traffic on interface eth0 for 60 seconds
choom -i eth0 -t 60
# Save captured traffic to a file
choom -i eth0 -f capture.pcap
# Capture traffic on port 80
choom -i eth0 -p 80
# Display live traffic in ASCII format
choom -i eth0 -l -a
# Output data in JSON format
choom -i eth0 -j
Common Issues
- Make sure to run choom with appropriate permissions (sudo choom).
- Ensure that the specified interface is up and running.
- Increase the buffer size if encountering packet loss.
Integration
choom can be integrated with other tools for advanced tasks:
- tcpdump and wireshark: Save captured traffic in pcap format for further analysis.
- grep: Filter captured traffic based on specific patterns.
- jq: Process JSON output and extract specific information.
Related Commands
- tcpdump
- wireshark
- tshark