Navigation:  Graphical User Interface Applications > IPMon+ >

Usage

Top  Previous  Next

Capturing Traffic

To capture traffic, click the Interfaces button and select the interface to capture traffic on. By default, the first interface with a valid IP address will be selected by default. As such, you will only need to manually select an interface if the computer that you are capturing on has more than one network interface with a valid IP address.

 

The Interfaces dialog also allows you to enable promiscuous mode, which ensures that all packets, even when not sent to the local MAC address, are captured and displayed. If the network card is connected to a switch, then the port to which the NIC is connected to will need to be configured to forward all network traffic to this port. Most managed switches support this functionality.

 

ipmonplus_interfaces

 

When the correct interface is selected, you can click the Start button to start capturing traffic. Once clicked, the start button will be renamed to Stop. Click Stop to suspend capturing traffic. Clicking the Stop button will not automatically clear collected information. Clicking the Clear button will erase all collected information from the display.

 

Filtering Traffic

 

ipmonplus_displayfilter

By default, all UDP, TCP, ICMP, ARP traffic statistics are displayed in the main grid window. By toggling the check boxes next to a protocol name (e.g. TCP), all traffic matching this protocol will immediately be hidden. Toggling the check boxes will not affect traffic being captured, it will only filters information from the main grid. All UDP, TCP, ICMP, ARP traffic statistics are always captured, regardless of the display filter.

 

You can also filter traffic based on UDP/TCP ports. Simply enter the port number in the Port(s) field, and only traffic that was sent to or from those ports will be displayed. You can specify multiple ports by separating them with a comma (e.g. 80, 443).

 

Resolve IPs

When checked, will attempt to resolve any IP address to a host name by performance a reverse lookup query through DNS. If an IP address cannot be resolved, then the IP address will be displayed instead. Toggling this check box will not change existing information in the main grid retroactively. Instead, the current setting will only affect future rows added to the grid.

 

 

Statistics

Displays how many network packets and total number of kbytes that have been captured. Changing the current filter has no effect on the statistics, which always show the overall total.

 

Sorting, Copy & Paste

Data in the grad can by sorted by clicking any of the column headers. Rows in the grid an be selected and copied to the clipboard by pressing the CTRL+C key combination.