UDP Flow Monitor

Go To Product Page

The UDP Flow Monitor plugin simplifies UDP analysis by hiding low-level details and showing a clear, readable log of conversations, just like the UDP Socket plugin. The plugin supports easy filtering by address or port and runs on libpcap, the trusted cross-platform packet capture library.

Basic Setup

  1. In IO Ninja, click the “New Session” dropdown and select “UDP Flow Monitor”.

_images/udp-flow-monitor-new-session.png

  1. Select a network interface from “Device:”, e.g. “Adapter for loopback traffic capture”.

_images/udp-flow-monitor-adapter.png

  1. Click the “Capture” button to the right of the “Device:” dropdown to start capturing traffic.

_images/tcp-flow-mon-capture.png

  1. Monitor UDP traffic captured according to your settings.

_images/udp-flow-monitor-analyze.png

  1. Adjust settings as needed via the “Settings” button (see “Settings” section below for details).

Settings

_images/udp-flow-monitor-settings.png

Setting

Description

Default

Device

The device to capture.

Promiscious mode

Intercept and analyze all network traffic, not just the data specifically directed to it.

False

Capture filter

Term to filter with when capturing packets.

View filter

Term to filter with when displaying packets.

IP fragment limit

The maximum number of IP fragments. IP fragments refer to the pieces of a larger IP packet that has been broken up for transmission across a network.

8

IP fragment timeout (ms)

The maximum delay between IP fragments.

10000

Snapshot size

Pcap (packet capture) snapshot size.

65536

Kernel buffer size

Pcap (packet capture) kernel buffer size.

0

RX buffer size (B)

The full size of the incoming data (RX) buffer. Affects read throughput.

1048576

RX buffer full notifications

Toggle warnings in log about the incoming data (RX) buffer getting full.

False