[vox-tech] network blinken lights experiment

Nicole the Wonder Nerd vox-tech@lists.lugod.org
Mon, 19 May 2003 12:39:09 -0700


Up spake dylan on Mon, May 19, 2003 at 11:08:02AM -0700:
> Here is my question - is it possible for a shell script / perl script to
> monitor a filtered data stream from 'tcpdump' -- looking for key pieces of
> text. when there is a match on say "FTP"  or "WWW" or "SSH", the shell
> script or perl script would output a single byte of data to the serial port:

My gut feeling is that it is entirely possible, and would in fact make a fun 
project.

> the basic stamp would be listening for data on the serial port, in single
> byte chunks from 1 - 9 (or a - z, or whatever). based on the byte it
> receives it would set a corresponding I/O pin high, short pause, then low.
> the I/O pins would be connected to LEDs -- which would yield a crude display
> of what kind of traffic exists on the network -> by blinking various LEDs.
> is it possible to search streams of data like this, and would such a search
> actually provide reliable information?

You're going to be seeing a LOT of blinking, if not constantly-on, LEDs.  Check 
your logs for an idea of how many packets you get--it's more than you think.
If I were doing this, I think I'd have it blink every 10 or 20 packets instead.

You may have to write your own driver, and implement some or all of this in
kernel space.  Check out Pete's LKM guide at http://www.dirac.org/p/linux/writing
for more information on this.  At the most basic level, sending a binary 1 is
sending a high voltage (5v or 3.3v, depending on your mobo), which would turn
on an LED.

--n twn

***
"It would be nice if it rained beer."--California Gov. Gray Davis,
quoted in the Sacramento Bee, 8-9-99
Visit www.nicolopolis.com ... digital drivel for a weary world.
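
The filter discussed in this thread, as an added example that is not code from either poster: it reads `tcpdump -l -n` text on stdin, classifies each packet by port, and writes one byte per protocol only every N matching packets, so the LEDs are not constantly on. The byte values (1=FTP, 2=SSH, 3=WWW), the function name `blink_filter`, the default of 10 and the serial device in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example. Usage (device path is an assumption):
#   tcpdump -l -n tcp | blink_filter 10 > /dev/ttyS0
# Matching is done on numeric ports (tcpdump -n), not on service names.
blink_filter() {
    awk -v every="${1:-10}" '
    # Return the port of an "addr.port" endpoint, or "" if there is none.
    # IPv4 with a port has 5 dot-separated parts, IPv6 with a port has 2,
    # so a bare address such as 10.0.0.22 (ICMP) is not mistaken for port 22.
    function port(ep,   n, parts, want) {
        sub(/:$/, "", ep)                 # destination field ends in ":"
        want = (ep ~ /:/) ? 2 : 5
        n = split(ep, parts, ".")
        return (n == want) ? parts[n] : ""
    }
    BEGIN { code["21"] = "1"; code["22"] = "2"; code["80"] = "3" }
    {
        # Locate the ">" between source and destination; ARP lines have none.
        for (i = 2; i < NF; i++) {
            if ($i != ">") continue
            sp = port($(i - 1)); dp = port($(i + 1))
            c = (dp in code) ? code[dp] : ((sp in code) ? code[sp] : "")
            # Count per protocol and emit a byte on every Nth packet only.
            if (c != "" && ++seen[c] % every == 0) {
                printf "%s", c
                fflush()                  # push the byte out immediately
            }
            break
        }
    }'
}
```
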