dump: add README and manpage
refs #2855
Change-Id: I59379349e3579b267956933aeb603aa8d747aa53
diff --git a/manpages/conf.py b/manpages/conf.py
index ea32680..1476da8 100644
--- a/manpages/conf.py
+++ b/manpages/conf.py
@@ -10,4 +10,5 @@
('ndnpoke', 'ndnpoke', 'simple producer to publish one Data', None, 1),
('ndnping', 'ndnping', 'reachability testing client', None, 1),
('ndnpingserver', 'ndnpingserver', 'reachability testing server', None, 1),
+ ('ndndump', 'ndndump', 'traffic analysis tool', None, 8),
]
diff --git a/manpages/ndndump.rst b/manpages/ndndump.rst
new file mode 100644
index 0000000..95c1904
--- /dev/null
+++ b/manpages/ndndump.rst
@@ -0,0 +1,59 @@
+ndndump
+=======
+
+Usage
+-----
+
+::
+
+ ndndump [-hV] [-i interface] [-r file] [-f filter] [expression]
+
+Description
+-----------
+
+:program:`ndndump` is a traffic analysis tool that captures Interest and Data packets on the wire,
+and displays brief information about captured packets.
+
+Currently, :program:`ndndump` is capable of extracting Interest and Data packets from:
+
+* Ethernet, when bare Interest/Data is transmitted without NDNLP header
+* PPP link (e.g., pcap trace from ndnSIM)
+* IPv4 UDP unicast tunnel
+* IPv4 UDP multicast group
+* IPv6 TCP tunnel, when Interest/Data is aligned to the front of a TCP segment
+
+Options
+-------
+
+``-h``
+ Print help and exit.
+
+``-V``
+ Print version and exit.
+
+``-i``
+ Listen on :option:`interface`.
+ If unspecified, ndndump searches the system interface list for the lowest numbered,
+ configured up interface (excluding loopback).
+
+``-r``
+ Read packets from :option:`file` (which was created with :manpage:`tcpdump(8)` using its -w option).
+
+``-v``
+ Produce verbose output.
+
+``-f``
+ Print a packet only if its Name matches the regular expression :option:`filter`.
+
+``expression``
+ Selects which packets will be analyzed, in :manpage:`pcap-filter(7)` format.
+ If no :option:`expression` is given, a default expression is implied which can be seen with ``-h`` option.
+
+Examples
+--------
+
+Capture on eth1 and print packets containing "ping":
+
+::
+
+ ndndump -i eth1 -f '.*ping.*'
diff --git a/tools/dump/README.md b/tools/dump/README.md
new file mode 100644
index 0000000..d99bfe1
--- /dev/null
+++ b/tools/dump/README.md
@@ -0,0 +1,13 @@
+# ndndump
+
+**ndndump** is a traffic analysis tool that captures Interest and Data packets on the wire,
+and displays brief information about captured packets.
+
+Usage example:
+
+1. start NFD on local machine
+2. create an IPv4 UDP tunnel to a remote machine
+3. cause some traffic going on the tunnel
+4. execute `sudo ndndump`
+
+For more information, consult the manpage.