📄 ethload user's guide.txt
字号:
- -l command line option to get panic messages 2.7. Trademarks. As usual, all trademarks (Ethernet, DEC, NetWare, ...) are properties of their respective owners. 2.8. Source code. After being flamed on some mailing lists for having put a sniffer source code in the public domain and as I understand their fears (even if a large bunch of other Ethernet sniffers are available everywhere), I have decided that the source code is not made available. If you do need some parts of code, please refer first to public domain sniffers before asking me for parts of the code. What can be disclosed to you, is some parts of ETHLOAD, please email me for this. 2.9. Licensing. All version of ETHLOAD (1.01 to 1.04) are copyrighted by NRB and Eric Vyncke. Version 1.01, 1.02, 1.03 and 1.04 are free, you may use it, copy it (on any support), distribute it as long as you don't earn money from it (of course you may get paid a little for the media/transmission cost). This right is given for an unlimited period of time :-) I would appreciate if my little son received a postcard from you (see 2.3). As ETHLOAD is now more than 65,000 lines of C code (roughly about 60 evenings ;-)), next version of ETHLOAD (2.0) will be shareware: i.e. you will be allowed to copy it and distribute it as before but you will be allowed only a 90 days test period before having to be registered. The registration fee (probably about $199 or ECU 199) will allow you the right to use it for an unlimited period of time on any PC within your organization. Moreover, you will receive a 'registration key' that will allow you to get print-outs of ETHLOAD, an Excel compatible file for the load of the day, a larger number of internal buffers (so less dropped frames), a fully configurable of table size (in order to avoid the 'Filled since ...' message), and also a special electronic mail address for a support. Version 2.0 will have a completely different screen layout and a on-line help. The code will be completely different from the code of the NRB version and the copyright of NRB will be deleted. Now, enough about these stuffs, let's have fun and start ETHLOAD ! 2.10. Security. ETHLOAD should never be a major security leak on your LAN. ETHLOAD just may disclose the addresses used in your LAN and also the usernames of people. If for some reason, you HAVE to monitor some telnet/rlogin sessions, ETHLOAD will be able to do this. To be allowed to monitor these sessions or to check the contents of connect initiate of DECnet, you need a special software key linked to the Ethernet ROM address of your PC. This key will be delivered only after I have received an OFFICIAL paper letter from a very high level manager of your company (e.g. for University the rector or for a commercial organisation the head of EDP department or of a CEO). This letter should bear the name of the PC operator, his/her email address and the physical address of the PC. Even with this paper letter, the author may not give you the authorization for any reason. * * * * * *3. Configuration files. In order to run in basic mode (i.e. without translation of addresses into names,...) ETHLOAD does not require any configuration file. The configurations are required only if you want to achieve good printings: host name instead of addresses, ... It is possible to suppress the messages about loading these files, by using the -q option when starting ETHLOAD. All configuration files are in the same format: - plain ASCII files, i.e. lines ended by CR/LF; - any line beginning with a ';' or a '#' is considered as a comment; - empty lines are ignored; - other lines must begin with a token generally numeric, called the key, then a series of space or TAB characters, followed by another token, called the value. The value token is ended by the CR/LF end of line. Most of these files are the MS-DOS image of the well known TCP/IP files for UNIX: /etc/hosts, /etc/ethers, /etc/protocols, ... The simplest way to use them is to FTP them from your UNIX box. If you are using TCP/IP you should FTP /etc/hosts of a UNIX host and perhaps add some MAC addresses to the ETHERS file. If you are using DECnet, you probably don't need to modify any of these files. If you are using another protocol, you will probably need to modify ETHERS file together with TYPES and/or SAPS. All these optional files must be located in the current directory of the current drive or in the directory specified by the MS-DOS environment variable ETHLOAD. ETHERS This file contains the mapping between MAC Ethernet addresses into host names. The key token is the Ethernet MAC address in the format HH- HH-HH-HH-HH-HH where HH is a pair of hexadecimal digits. The value token is any character string representing the name of this host. Part of ETHERS file: AB-00-03-00-00-00 DEC: Local Area Transport -LAT- FF-FF-FF-FF-FF-FF Broadcast CF-00-00-01-00-00 Loopback Assistance 00-00-00-00-00-00 Null Address Remark: ETHLOAD is smart enough to recognize a DECnet node and display the DECnet address of any MAC address. If you want to display DECnet address by node name, you may use the MKNODE.EXE program documented in annex A.3. Remark 2: ETHLOAD is also listening for ARP requests and replies, so it can display the IP address of any MAC address. Remark 3: ETHLOAD as it is (i.e. without ETHERS) cannot even display correctly well known address as the null address or even the broadcast address. Remark 4: you should add your own MAC addresses only if you are not using DECnet or TCP/IP, moreover, you should add these addresses at the end of ETHERS file and keep the original contents of ETHERS. HOSTS This file contains the mapping between IP address and host names. The key token is an IP address in the format ddd.ddd.ddd.ddd where ddd is up to three decimal digits. The value token is any character string representing the name of this host. Part of HOSTS file: 139.21.20.18 d012s509.mch.sni.de d012s509 139.21.18.140 d012s322.mch.sni.de d012s322 139.21.22.206 d012s712 rm400ap 139.21.24.1 cisco.ap.mch.sni.de 139.24.16.44 baumann The best way to initiate this file is to get a /etc/hosts from a UNIX machine (or the stdout of the ypcat hosts.byaddr if you are running NIS2). NETWORKS This file contains the mapping between IP address and network names. It is used to display the IP addresses when no information can be found in the host file. The key token is an IP address in the format ddd.ddd.ddd.ddd where ddd is up to three decimal digits. The value token is any character string representing the name of this network. Part of NETWORKS file: 150.144.0.0 UCCLE 150.148.0.0 CSL The best way to initiate this file is to get a /etc/networks from a UNIX machine (or the stdout of the ypcat networks.byaddr if you are running NIS3). PROTOCOL This file contains the mapping between IP protocols and protocol names. The key token is a decimal number up to 255. The value token is any character string representing the name of the protocol. One again, the best way to initiate this file is to get /etc/protocols from a Unix machine or using the PROTOCOL file you may have receive with ETHLOAD. The first solution is probably not useful since /etc/protocols are always nearly the same. The shipped PROTOCOL file contains: 0 ip 1 icmp 3 ggp, gateway-gateway protocol 6 tcp 8 egp, exterior gateway protocol 12 pup 17 udp 20 hmp, host monitoring protocol 22 xns-idp 27 rdp, reliable datagram protocol SAPS This file contains the mapping between IEEE 802.2 LLC SAP and SAP names. The key token is two hexadecimal digits. The value token is the name representing the Service Access Point. Part of a sample SAPS file: 80 3Com XNS 8E Proway-LAN AA TCP/IP SNAP (Ethernet type in LLC) BC Banyan VINES E0 Novell NetWare F0 IBM NetBIOS Remark: ETHLOAD has a built-in knowledge of SNAP. WKS.TCP (resp. WKS.UDP) This file contains the mapping of TCP (resp. UDP) well- known services ports. The key token is a decimal number up to 65535 which is the port number assigned to the service. Part of a sample WKS.TCP file: 79 finger 21 ftp 101 hostnames 2156 informix 1524 ingreslock This file together with WKS.UDP contains all the information of the usual /etc/services UNIX file but in a slightly different format. Since the file /etc/services is always the same on all Unix machine, you may probably use the files provided with ETHLOAD. TYPES This file contains the mapping of the DIX Ethernet packet type into names. The key token is 4 hexadecimal digits. Part of a sample TYPES file: 0600 XNS 0601 XNS Address Translation 0800 DOD IP 0801 X.75 internet VENDORS This file contains the mapping between the IEEE vendor codes and the vendor names. The IEEE vendor code is representing the most significant three bytes of the MAC address of any adapter built by this manufacturer. The key token is 3 bytes represented each by two hexadecimal digits, each byte is separated by a dash. Part of a sample VENDORS file: 00-00-0C cisco 00-00-0F NeXT 00-00-10 Sytek 00-00-1D Cabletron OBJECTS.DNA This file contains the mapping between the DECnet object number and the object name. The key token is a decimal number between 1 and 255. The file shipped should be enough for all sites. Here follow some lines of the file: 25 MIRROR 26 EVL 27 MAIL⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -