ntl
Run a script on multiple nodes
SYNOPSIS
ntl [options]
PARAMETERS
-i
Specifies the network interface to capture traffic from. Example: -i eth0
-f
Applies a BPF filter to capture only specific traffic. Example: -f 'port 80'
-o
Specifies the output file for logging captured data. Example: -o traffic.pcap
-p
Specifies a plugin to use for analyzing traffic. Example: -p http_parser
-v
Enables verbose output, providing more detailed information about the captured traffic and the execution of ntl.
-h
Displays help information and a list of available options.
DESCRIPTION
ntl is a command-line utility for capturing, logging, and analyzing network traffic. It provides a flexible and extensible framework for passively monitoring network activity. ntl can capture packets from various network interfaces, filter traffic based on specific criteria, and log data in different formats. The captured data can then be analyzed to gain insights into network behavior, identify potential security threats, and troubleshoot network issues.
Key features include packet capture, filtering with BPF (Berkeley Packet Filter), logging to various formats (including pcap), and analysis capabilities using plugins. It's a useful tool for network administrators, security analysts, and developers who need to monitor and understand network traffic.
PLUGINS
ntl supports a plugin architecture, allowing users to extend its functionality. Plugins can be written to analyze specific protocols, detect anomalies, or perform other tasks. The ntl documentation describes how to write plugins.
BPF FILTERS
BPF (Berkeley Packet Filter) allows for fine-grained filtering of captured traffic. Understanding BPF syntax is crucial for using ntl effectively to capture only the desired traffic. Refer to the pcap-filter(7) manual page for more information on BPF syntax.
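EXAMPLE (ADDED)
The following is an added example, not part of ntl or its documentation. It shows in user space what the filter 'port 80' from the -f example selects: either source or destination port, and never a non-first IP fragment. It assumes the file written by -o is a classic little-endian pcap with Ethernet link type, and it covers IPv4 TCP/UDP only; all helper names and sample packets are constructed for illustration.

```python
import struct

def eth_ipv4(proto, sport, dport, frag=0):
    """Constructed sample frame: Ethernet + IPv4 + the 4 port bytes of TCP/UDP."""
    eth = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, frag, 64, proto, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return eth + ip + struct.pack("!HH", sport, dport)

def build_pcap(frames):
    """Classic pcap: 24-byte global header, then a 16-byte header per record."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # 1 = Ethernet
    for n, f in enumerate(frames):
        out += struct.pack("<IIII", n, 0, len(f), len(f)) + f
    return out

def read_pcap(data):
    """Yield the raw frame bytes of every record in a classic pcap."""
    hdr = struct.unpack_from("<IHHiIII", data, 0)
    if hdr[0] != 0xA1B2C3D4 or hdr[6] != 1:
        raise ValueError("expected little-endian Ethernet pcap")
    off = 24
    while off + 16 <= len(data):
        caplen = struct.unpack_from("<IIII", data, off)[2]
        off += 16
        if off + caplen > len(data):
            raise ValueError("truncated record")
        yield data[off:off + caplen]
        off += caplen

def matches_port(frame, port):
    """User-space equivalent of the BPF filter 'port N' (IPv4 TCP/UDP only)."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return False
    ihl = (frame[14] & 0x0F) * 4                      # IPv4 header length
    proto = frame[23]                                 # 6 = TCP, 17 = UDP
    frag = struct.unpack_from("!H", frame, 20)[0] & 0x1FFF
    if proto not in (6, 17) or frag != 0 or len(frame) < 14 + ihl + 4:
        return False                                  # later fragments carry no ports
    sport, dport = struct.unpack_from("!HH", frame, 14 + ihl)
    return port in (sport, dport)

# Constructed capture: request to port 80, DNS query, reply from port 80,
# and a non-first fragment whose payload bytes merely look like port 80.
SAMPLE = build_pcap([eth_ipv4(6, 49152, 80), eth_ipv4(17, 49153, 53),
                     eth_ipv4(6, 80, 49152), eth_ipv4(6, 80, 80, frag=185)])
HITS = [i for i, f in enumerate(read_pcap(SAMPLE)) if matches_port(f, 80)]
```

Because non-first fragments never match a port filter, a capture taken with 'port 80' can miss part of a fragmented flow; widen the filter when complete reassembly matters.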