Version 27 of sockspy

Updated 2003-01-10 18:00:00

Author of this application is Tom Poindexter and Keith Vetter.

sockspy [L1 ] "watch[es] the conversation of a Tcp client and server", according to its quite readable README [L2 ]. Although "not a replacement for heavy duty tools such as 'tcpdump' and other passive packet sniffers" (Ethereal [L3 ], ...), it's easy to install, configure, and launch, and pleasingly convenient for "debugging Tcp client/server programs, examining protocols and diagnosing network problems".

sockspy is nearly indispensable for any network programmer or network administrator, quite apart from any interest they might have in Tcl. [Compare to tcpdump, ...]


Version 2.0 of sockspy is available on sourceforge at [L4 ]. [L5 ] documents sockspy.

Among the new features are:

  • reorganized GUI to use one pane and different colors to indicate client, server and meta data
  • can be run as a command-line (tcl not tk) application. Before 2.0, sockspy was inherently Tk
  • you can stop, start and change the socket forwarding configuration from within the application

Keith has also updated [L6 ] Tom's version 1.0 tutorial.

[Nice work, Keith!]


Keith Vetter 2003-01-09 - Version 2.4 is available on SourceForge [L7 ] or at [L8 ].

Among the new features are:

  • HTTP proxying--sockspy can use the first line of an HTTP request to determine who to forward to
  • an EXTRACT window, where data from the client and server streams matching user-supplied regular expressions are displayed. I use this to more easily see the URL a client is requesting and the status of the server's reply.

Sebastian Wangnick has an interesting complement to sockspy he calls ipc. [Also explain relations to sniffers--tcpdump, ethereal, ..., and pktsrc ] [Also moni.]


CL plans a couple of articles in 2002-2003 on sockspy applications. [Will December 2002 *Sys Ad* magazine [L9 ] content be on-line?]


Category Application