Network grep “ngrep” on macOS

Sometimes it is very practical to use grep, to find a specific regular expression in some files. It would also be very practical to have the grep functionality on the network. This feature is available.

Download ngrep. The package to get is ⇒ngrep-1.45.tar.bz2.

To get it to work on a mac do:

tar xvjf ngrep-1.45.tar.bz2
cd ngrep-1.45
./configure --with-pcap-includes=/usr/include --prefix=/usr/local
make
sudo make install

To read the manual page you can run

man ngrep

Now run ngrep itself run

sudo ngrep <expression to find> <pcap filter expression>

The ⇒<pcap filter expression> is used the same way as with ⇒tcpdump.