Fixed warnings:
Warning: [lookupdev.c get_dev_params()] Cannot open socket!
when specify help for packet type:
# mz -t tcp help
Also fixes delayed output of the same command if user is root.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
staging/mausezahn.c | 18
From: Vadim Kochan vadi...@gmail.com
Trafgen uses all the online cpus even if number of packets specified
by -n is less than numbers of selected cpus.
Such behaviour leads to issues:
- trafgen re-calculates number of packets per cpu which
leads to rounding it to 0 then no packets
On Sun, Mar 22, 2015 at 01:48:50PM +0200, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
mz fails start in cli mode and prints each time different pcap errors:
$ mz -x -V
fatal flex scanner internal error--end of buffer missed
rx_arp: [ERROR] Error calling
On Mon, Mar 23, 2015 at 02:03:54PM +0200, Vadim Kochan wrote:
On Mon, Mar 23, 2015 at 01:07:24PM +0200, Vadim Kochan wrote:
On Mon, Mar 23, 2015 at 12:12:54PM +0100, Daniel Borkmann wrote:
On 03/23/2015 11:37 AM, Vadim Kochan wrote:
On Mon, Mar 23, 2015 at 11:25:26AM +0100, Lorenzo
On Mon, Mar 23, 2015 at 12:12:54PM +0100, Daniel Borkmann wrote:
On 03/23/2015 11:37 AM, Vadim Kochan wrote:
On Mon, Mar 23, 2015 at 11:25:26AM +0100, Lorenzo Pistone wrote:
...
Thats what I got on 3.18 with the same cfg file:
$ trafgen/trafgen -c ~/trafgen.cfg -o wlp3s0 -n 1
4
On Mon, Mar 23, 2015 at 01:07:24PM +0200, Vadim Kochan wrote:
On Mon, Mar 23, 2015 at 12:12:54PM +0100, Daniel Borkmann wrote:
On 03/23/2015 11:37 AM, Vadim Kochan wrote:
On Mon, Mar 23, 2015 at 11:25:26AM +0100, Lorenzo Pistone wrote:
...
Thats what I got on 3.18 with the same cfg file
On Mon, Feb 23, 2015 at 02:11:57PM +0200, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Changed to print packet types by '-t help' earlier
bofore mz will try to identify link device to bind.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
Hi,
Just pinging about this patch
From: Vadim Kochan vadi...@gmail.com
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
staging/layer3.c| 20 +--
staging/layer4.c| 101
staging/mausezahn.c | 28 +--
staging/mz.h| 38
From: Vadim Kochan vadi...@gmail.com
I have no enough arguments for this fix but it
fixes the failing of geoip updating.
Seems shutdown(..) closes socket too early.
So shutdown(...) is removed and added Connection: close
http header which says http server to close connection after
response
From: Vadim Kochan vadi...@gmail.com
netsniff does not delete created rfmon device in case of
panic (for example - bad pcap filter expression), so added ability to
add callback func when panic will be happen and delete rfmon device.
Signed-off-by: Vadim Kochan vadi...@gmail.com
From: Vadim Kochan vadi...@gmail.com
Fixed case when netsniff fails if there is already existing monX device
while generating.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
dev.c | 15 ---
dev.h | 1 +
mac80211.c | 4
3 files changed, 17 insertions(+), 3
On Tue, Apr 21, 2015 at 03:24:33PM +0200, Tobias Klauser wrote:
On 2015-04-20 at 13:51:40 +0200, Vadim Kochan vadi...@gmail.com wrote:
From: Vadim Kochan vadi...@gmail.com
Please always add a short description, even if it's restating what
subject already says. I added one for this.
Also
On Thu, Apr 23, 2015 at 02:24:16PM +0300, Vadim Kochan wrote:
static inline void __show_frame_hdr(uint8_t *packet, size_t len, int
linktype,
struct sockaddr_ll *s_ll, void *raw_hdr,
- int mode, bool v3
From: Vadim Kochan vadi...@gmail.com
Changed to use ctx-gid when call getgid() on init_ctx.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
netsniff-ng.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/netsniff-ng.c b/netsniff-ng.c
index c0d70c8..4ad8b19 100644
From: Vadim Kochan vadi...@gmail.com
Add error cause message when ioprio_setpid fails.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
iosched.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/iosched.c b/iosched.c
index 7417973..ff82126 100644
--- a/iosched.c
+++ b
On Wed, Apr 22, 2015 at 05:02:52PM +0200, Daniel Borkmann wrote:
On 04/22/2015 05:00 PM, Vadim Kochan wrote:
Hi,
It is not possible to just read pcap by netsniff-ng if user permissions
does not allow to set processes IO prio, so it is really needed to do it
just for print pcap file
Hi,
It is not possible to just read pcap by netsniff-ng if user permissions
does not allow to set processes IO prio, so it is really needed to do it
just for print pcap file ?
Thanks,
Vadim Kochan
--
You received this message because you are subscribed to the Google Groups
netsniff-ng group
On Wed, Apr 22, 2015 at 05:37:42PM +0200, Daniel Borkmann wrote:
On 04/22/2015 05:09 PM, Vadim Kochan wrote:
...
Sure, I will try to fix it, really I dont have a fix yet. The issue goes
from pcap ops in init one function, where IO prio is set, the first
think which came up in my mind
(0),
Ant Indic Feedb Cap (0),
Rec ASEL Cap (0),
Transm Sound PPDUs Cap (0),
Res (0x0)
Reserved (21, Len (110)): Failed to dissect Subtype ]
Regards,
Vadim Kochan
--
You received this message because you
On Thu, Apr 23, 2015 at 12:05:55AM +0200, Daniel Borkmann wrote:
On 04/22/2015 11:50 PM, Vadim Kochan wrote:
...
I think that HT Capabilities element info should be showed in more
structured view so
it will be more readable what do you think ?
Does someone have a better option ?
Yes
From: Vadim Kochan vadi...@gmail.com
Now it looks like:
[ Subtype Beacon: Timestamp 0x74c5c180, Beacon Interval (0.102400s),
Capabilities (0x431 - ESS; Privacy; Short Preamble; Short Slot Time;)
Parameters:
SSID (0, Len (6)): D07F82
Supp. Rates
From: Vadim Kochan vadi...@gmail.com
? 100 1429707903s.33856000ns (#1)
[ Radiotap Version (0), Length (26), Flags (0x482f) ]
[ 802.11 Frame Control (0x0040)]
[ Proto Version (0), Type (0, Management), Duration (0),
Destination (ff:ff:ff:ff:ff:ff)
Source (00:23:14:da:1c:fc
On Tue, Apr 21, 2015 at 12:30:07PM +0200, Daniel Borkmann wrote:
Hi Vadim,
On 04/17/2015 09:04 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Fixed case when netsniff fails if there is already existing monX device
while generating.
Signed-off-by: Vadim Kochan vadi
On Mon, Apr 27, 2015 at 04:29:40PM +0300, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Print nlmsg type name for rtnetlink messages
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
proto_nlmsg.c | 84
+--
1 file
On Sat, May 02, 2015 at 07:00:53PM +0200, Tobias Klauser wrote:
On 2015-04-29 at 21:18:24 +0200, Vadim Kochan vadi...@gmail.com wrote:
From: Vadim Kochan vadi...@gmail.com
It might be related to the issue #73 noticed by
Jon Schipp jonsch...@gmail.com
where he pointed
From: Vadim Kochan vadi...@gmail.com
Rename xxx_panic_func(s) to xxx_panic_handler(s)
which is more understandable than 'func'.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
die.c | 4 ++--
die.h | 8
netsniff-ng.c | 2 +-
trafgen.c | 2 +-
4 files changed, 8
On Mon, May 04, 2015 at 11:11:21AM +0300, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Rename xxx_panic_func(s) to xxx_panic_handler(s)
which is more understandable than 'func'.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
die.c | 4 ++--
die.h | 8
From: Vadim Kochan vadi...@gmail.com
Print similar header fields in less mode as it is done in
full mode.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
proto_nlmsg.c | 30 +-
1 file changed, 17 insertions(+), 13 deletions(-)
diff --git a/proto_nlmsg.c b
this issue before making a next release, or if you can make a fast fix :-)
Regards,
Vadim Kochan
--
You received this message because you are subscribed to the Google Groups
netsniff-ng group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr
in specified directory and at the end after all
children done then the main netsniff-ng will merge these files into one, and
remove the files which were generated by children...
Just thoughts ...
Regards,
Vadim Kochan
--
You received this message because you are subscribed to the Google Groups
On Tue, May 05, 2015 at 01:13:04PM +0200, Daniel Borkmann wrote:
On 05/05/2015 12:59 PM, Vadim Kochan wrote:
Wireshark does not understand netsniff-ng's pcap file with Netlink
frames, I assume thats because W-shark expects that each Netlink frame
should have additional header on-top described
On Tue, May 05, 2015 at 04:39:51PM +0200, Daniel Borkmann wrote:
On 05/05/2015 12:10 PM, Daniel Borkmann wrote:
On 05/05/2015 11:26 AM, Tobias Klauser wrote:
On 2015-05-02 at 22:54:50 +0200, Vadim Kochan vadi...@gmail.com wrote:
On Sat, May 02, 2015 at 07:00:53PM +0200, Tobias Klauser wrote
to open the file w/o admin permissions ?
Regards,
Vadim Kochan
--
You received this message because you are subscribed to the Google Groups
netsniff-ng group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options
From: Vadim Kochan vadi...@gmail.com
Use actual Daniel's borkm...@iogearbox.net email.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
AUTHORS | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/AUTHORS b/AUTHORS
index ec95d91..f9471db 100644
--- a/AUTHORS
+++ b/AUTHORS
From: Vadim Kochan vadi...@gmail.com
It fixes the case when user made pcap file in sudo
mode but after it should still use sudo to read it
because of setting O_NOATIME option requires higher
privileges.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
netsniff-ng.c | 2 +-
1 file changed, 1
From: Vadim Kochan vadi...@gmail.com
Automatic new line indentation can break terminal
ESC color sequence by inserting new line within it.
Fixed by considering that color ESC sequence is not closed
by 'm' and only after it is closed - print new line with spaces.
Signed-off-by: Vadim Kochan vadi
From: Vadim Kochan vadi...@gmail.com
Create PF socket with proto=0 which does not
setup packet handler and will not capture packets
until bind() will be invoked.
Also replaced pf_tx_socket by pf_socket as these funcs
became the same, as proto arg is set to 0.
Suggested-by: Daniel Borkmann borkm
On Tue, May 05, 2015 at 11:48:55AM +0200, Tobias Klauser wrote:
On 2015-05-05 at 11:43:03 +0200, Vadim Kochan vadi...@gmail.com wrote:
On Tue, May 05, 2015 at 11:20:42AM +0200, Tobias Klauser wrote:
On 2015-05-04 at 11:32:33 +0200, Vadim Kochan vadi...@gmail.com wrote:
From: Vadim Kochan
On Tue, May 05, 2015 at 12:10:54PM +0200, Tobias Klauser wrote:
On 2015-05-04 at 19:16:39 +0200, Vadim Kochan vadi...@gmail.com wrote:
Hi,
In less mode (netsniff-ng -i dev --less) the color ESC terminal
sequences can be broken by automatic indentation made in
tprintf.c
From: Vadim Kochan vadi...@gmail.com
Print 'Family' and 'Type' (considering family) fields in less mode.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
proto_nlmsg.c | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/proto_nlmsg.c b/proto_nlmsg.c
index e8706a2
On Wed, May 13, 2015 at 11:08:01AM +0200, Daniel Borkmann wrote:
On 05/10/2015 02:37 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Since Netlink messages are written in default pcap format there is no
way to identify Netlink family by socket protocol number, so
use pcap
On Wed, May 13, 2015 at 12:18:37PM +0300, Vadim Kochan wrote:
On Wed, May 13, 2015 at 11:08:01AM +0200, Daniel Borkmann wrote:
On 05/10/2015 02:37 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Since Netlink messages are written in default pcap format there is no
way
From: Vadim Kochan vadi...@gmail.com
Pull print more Netlink messages from one packet
which can be sent with MULTI flag.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
proto_nlmsg.c | 52 +---
1 file changed, 37 insertions(+), 15 deletions
From: Vadim Kochan vadi...@gmail.com
Pull print more Netlink messages from one packet
which can be sent with MULTI flag.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
proto_nlmsg.c | 44 ++--
1 file changed, 30 insertions(+), 14 deletions(-)
diff
From: Vadim Kochan vadi...@gmail.com
Dump RTnetlink interface related info with attributes.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
netsniff-ng/Makefile | 2 +
proto_nlmsg.c| 232 +++
2 files changed, 234 insertions(+)
diff
From: Vadim Kochan vadi...@gmail.com
Dump RTnetlink interface related info with attributes.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
netsniff-ng/Makefile | 2 +
proto_nlmsg.c| 233 +++
2 files changed, 235 insertions(+)
diff
On Tue, Jun 02, 2015 at 10:51:01AM +0200, Daniel Borkmann wrote:
On 06/02/2015 10:44 AM, Vadim Kochan wrote:
On Tue, Jun 02, 2015 at 10:36:12AM +0200, Daniel Borkmann wrote:
On 06/01/2015 05:43 PM, Vadim Kochan wrote:
On Mon, Jun 01, 2015 at 05:14:10PM +0200, Daniel Borkmann wrote:
On 06/01
HI,
I was faced with case when netsniff-ng silently was killed by SIGSEGV
but w/o message, I investigated that it was caused by 'sudo' which seems
for me somehow aborts this signal, but registering the SIGSEGV handler
(which printed the expected Segmentation fault message) in netsniff-ng
fixed
CC to Perf Tech
-- Forwarded message --
From: Vadim Kochan vadi...@gmail.com
Date: Thu, Jun 4, 2015 at 11:11 PM
Subject: Re: [netsniff-ng] error when running trafgen for the first time.
To: netsniff-ng@googlegroups.com
On Wed, Jun 3, 2015 at 7:05 PM, Perf Tech perfte
On Fri, Jun 05, 2015 at 03:04:24PM -0700, Perf Tech wrote:
Sorry, I meant to say I got the following. I am stuck with syntax errors :-(
# ./trafgen --dev eth0 --conf tmp2.txt --rand --gap 1000us --cpp
Syntax error at line6, at char 't'! syntax error, unexpected number!
# ./trafgen --dev eth0
On Sat, Jun 06, 2015 at 12:27:46AM +0200, Daniel Borkmann wrote:
On 06/06/2015 12:16 AM, Vadim Kochan wrote:
...
Do you have cpp installed on your machine?
I think in that case there could be a message like:
sh: cpp: command not found
Failed to invoke C preprocessor!
Yes, agreed. Want
On Sat, Jun 06, 2015 at 12:08:58AM +0200, Daniel Borkmann wrote:
On 06/06/2015 12:02 AM, Perf Tech wrote:
Thanks Guys for the reply. The following is what I got, any idea why?
# ./trafgen --dev eth0 --conf tmp2.txt --rand --gap 1000us --cpp
Syntax error at line6, at char 't'! syntax error,
On Fri, Jun 05, 2015 at 03:31:30PM -0700, Perf Tech wrote:
Did that but still get the same problem.
# ls /etc/netsniff-ng/
rules trafgen_stddef.h
It should be as stddef.h in /etc/netsniff-ng
--
You received this message because you are subscribed to the Google Groups
netsniff-ng group.
On Thu, Jun 18, 2015 at 11:07:12AM +0200, Daniel Borkmann wrote:
On 06/18/2015 10:57 AM, Vadim Kochan wrote:
...
Not yet, but I will try keep thinking about this, and will let know if I
will have some real ideas regarding implementation.
Sounds good!
Some 1st though which I came up is may
On Fri, Jun 19, 2015 at 11:13:54PM +0200, Daniel Borkmann wrote:
On 06/19/2015 10:58 PM, Vadim Kochan wrote:
On Fri, Jun 19, 2015 at 10:47:49PM +0200, Daniel Borkmann wrote:
...
@@ -737,6 +837,24 @@ static inline void pcap_validate_header(const struct
pcap_filehdr *hdr)
if (unlikely(hdr
On Fri, Jun 19, 2015 at 10:47:49PM +0200, Daniel Borkmann wrote:
On 06/18/2015 11:49 AM, Daniel Borkmann wrote:
On 06/18/2015 11:42 AM, Vadim Kochan wrote:
On Thu, Jun 18, 2015 at 10:45:29AM +0200, Daniel Borkmann wrote:
I've started splitting this into smaller digestible chunks,
couple
On Fri, Jun 19, 2015 at 10:47:49PM +0200, Daniel Borkmann wrote:
On 06/18/2015 11:49 AM, Daniel Borkmann wrote:
On 06/18/2015 11:42 AM, Vadim Kochan wrote:
On Thu, Jun 18, 2015 at 10:45:29AM +0200, Daniel Borkmann wrote:
I've started splitting this into smaller digestible chunks,
couple
On Mon, Jun 22, 2015 at 03:55:01PM +0200, Daniel Borkmann wrote:
On 06/21/2015 07:02 PM, Vadim Kochan wrote:
...
Not sure if it is necessary to use libnet by trafgen as it is used by mz
to generate packets ? It will add the new dependency, but seems it can
simplify generation of the proto
On Tue, Jun 23, 2015 at 05:40:03PM +, James Burnett wrote:
Hi team,
I’m using Netsniff (primarily for mausezahn) in a large lab setup. I’ve
installed it successfully from source on Ubuntu 14.04 this morning, but when
trying to do the same on Debian 7.8 (wheezy), I run into the
On Wed, Jun 24, 2015 at 09:25:12AM +0300, Vadim Kochan wrote:
On Tue, Jun 23, 2015 at 05:40:03PM +, James Burnett wrote:
Hi team,
I’m using Netsniff (primarily for mausezahn) in a large lab setup. I’ve
installed it successfully from source on Ubuntu 14.04 this morning, but
when
On Fri, Jun 19, 2015 at 12:08:57AM +0200, Daniel Borkmann wrote:
On 06/18/2015 03:24 PM, Vadim Kochan wrote:
On Thu, Jun 18, 2015 at 11:07:12AM +0200, Daniel Borkmann wrote:
On 06/18/2015 10:57 AM, Vadim Kochan wrote:
...
Not yet, but I will try keep thinking about this, and will let know
On Sun, Jun 21, 2015 at 08:02:40PM +0300, Vadim Kochan wrote:
On Sat, Jun 20, 2015 at 01:10:45AM +0200, Daniel Borkmann wrote:
On 06/20/2015 12:25 AM, Vadim Kochan wrote:
...
Ok, how would all of this tie together with flex and bison that we
use for trafgen as parser generator? It looks
From: Vadim Kochan vadi...@gmail.com
Print minimum needed packet size in case if validation error.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
trafgen.c | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/trafgen.c b/trafgen.c
index 53320fe..93bb1b4 100644
On Sat, Jun 27, 2015 at 04:57:10AM +0300, Vadim Kochan wrote:
Hi,
This is the 1-st try version of how I see the protocol generation API for
the
trafgen util as mz replacement (at least for better performance).
I am sending this just because to get your feedback about conceptual idea
From: Vadim Kochan vadi...@gmail.com
Move piece of code from netsniff-ng.c to str.c as func which
converts cmdline args vector to string.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
netsniff-ng.c | 18 ++
str.c | 23 +++
str.h | 1 +
3
From: Vadim Kochan vadi...@gmail.com
Add current_packet() helper for getting current
used packet and make it public to other modules.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
trafgen_conf.h | 2 ++
trafgen_parser.y | 5 +
2 files changed, 7 insertions(+)
diff --git
From: Vadim Kochan vadi...@gmail.com
Make public such funcs:
set_byte, set_fill, set_multi_byte, realloc_packet
to be used by proto gen code.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
trafgen_conf.h | 5 +
trafgen_parser.y | 8
2 files changed, 9 insertions(+), 4
From: Vadim Kochan vadi...@gmail.com
Add str2bytes func for converting hexadecimal string to bytes:
abcd a AA:BB - { 0xab 0xcd 0x0a 0xaa 0xbb }
It is needed to be used when specifying protocol payload for
trafgen proto command line.
Signed-off-by: Vadim Kochan vadi...@gmail.com
From: Vadim Kochan vadi...@gmail.com
Move ctx struct to trafgen.h to be used from other modules.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
trafgen.c | 16 +---
trafgen.h | 21 +
2 files changed, 22 insertions(+), 15 deletions(-)
create mode 100644
if there are multiple protocols
specified - their should be separated by , after last param value of
the previous protocol.
I think the picture will be more clear after adding IP protocol with checksum
handling.
Vadim Kochan (6):
trafgen: Move ctx struct to separated header
str: Add converting cmdline args
From: Vadim Kochan vadi...@gmail.com
Dissect basic rtnl neighbour info.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
proto_nlmsg.c | 101 ++
1 file changed, 101 insertions(+)
diff --git a/proto_nlmsg.c b/proto_nlmsg.c
index 9dc9f6b
writing mz from empty
page ?
What do you think ?
Regards,
Vadim Kochan
--
You received this message because you are subscribed to the Google Groups
netsniff-ng group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com
On Thu, Jun 18, 2015 at 10:45:29AM +0200, Daniel Borkmann wrote:
I've started splitting this into smaller digestible chunks,
couple of more evenings and it should be done from my side.
Thanks for your patience.
Yes I was pulling these changes last night, I will try to follow this
way in the
On Thu, Jun 18, 2015 at 10:51:44AM +0200, Daniel Borkmann wrote:
On 06/18/2015 01:30 AM, Vadim Kochan wrote:
Hi,
I tried to look over mz tool and try to start adding TX fast path as it
is done in trafgen but I am not sure it will be easy, for me it seems the
code is not easy to change.
I
On Thu, Jun 18, 2015 at 10:45:29AM +0200, Daniel Borkmann wrote:
I've started splitting this into smaller digestible chunks,
couple of more evenings and it should be done from my side.
Thanks for your patience.
But implementation now is OK in the last original patch series v2 ?
--
You
dissector_sll.c to dissect packets with Linux cooked header.
Meanwhile it can dump only Netlink Ethernet protos (L3 layer). This
dissector is used if link type is LINKTYPE_LINUX_SLL.
Vadim Kochan (3):
dev: Add device string convertions (addr, dev type)
netsniff-ng: Add support of Linux cooked header
From: Vadim Kochan vadi...@gmail.com
This series adds supporting of Linux cooked header
http://www.tcpdump.org/linktypes/LINKTYPE_NETLINK.html
which is compatible with Wireshark. Also it can be dissected by new
dissector_sll.c while dumping.
Needs to test on archs's with different byte
From: Vadim Kochan vadi...@gmail.com
Added dissector_sll.c which uses sockaddr_ll to lookup print
higher L3 layer protocol.
This dissector is mapped by LINKTYPE_LINUX_SLL link type.
Sample output of dissected Netlink Ethernet packets.
Truncated manually some longer lines by ...:
nlmon0 20
On Tue, May 19, 2015 at 05:10:38PM +0300, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Dump RTnetlink interface related info with attributes.
Hi,
Pinging in case if this was lost.
Thanks,
--
You received this message because you are subscribed to the Google Groups
netsniff
On Mon, Jun 01, 2015 at 02:09:39AM +0200, Daniel Borkmann wrote:
On 05/22/2015 04:45 PM, Vadim Kochan wrote:
Use pcap cooked header for Netlink messages as described here:
http://www.tcpdump.org/linktypes/LINKTYPE_NETLINK.html
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
RFC
On Tue, Jun 02, 2015 at 12:57:56PM +0200, Daniel Borkmann wrote:
On 06/02/2015 11:24 AM, Vadim Kochan wrote:
On Tue, Jun 02, 2015 at 10:51:01AM +0200, Daniel Borkmann wrote:
On 06/02/2015 10:44 AM, Vadim Kochan wrote:
On Tue, Jun 02, 2015 at 10:36:12AM +0200, Daniel Borkmann wrote:
On 06/01
Hi,
There are some examples of the possible proto syntax:
{ eth(src=AA:BB:CC:DD:DD:FF, dst=11:22:33:44:55:66, proto=0x0800),
tcp(flags=syn|ack, dport=rand) }
{ dns(q=xxx.com) }
Here is an example of little complicated param's value which might require more
parameters:
On Wed, Jul 1, 2015 at 11:38 AM, Vadim Kochan vadi...@gmail.com wrote:
Hi,
There are some examples of the possible proto syntax:
{ eth(src=AA:BB:CC:DD:DD:FF, dst=11:22:33:44:55:66, proto=0x0800),
tcp(flags=syn|ack, dport=rand) }
{ dns(q=xxx.com) }
Here is an example
On Mon, Jun 29, 2015 at 03:58:51AM +0300, Vadim Kochan wrote:
Hi,
This is the 1-st try version of how I see the protocol generation API for
the
trafgen util as mz replacement (at least for better performance).
I am sending this just because to get your feedback about conceptual idea
Hi,
Since the possible fix was comitted there was no response from #jonship
may be it can be closed ?
https://github.com/netsniff-ng/netsniff-ng/issues/73
Regards,
--
You received this message because you are subscribed to the Google Groups
netsniff-ng group.
To unsubscribe from this group
From: Vadim Kochan vadi...@gmail.com
While removing flow which is pointed by 'head' then
head is set to NULL and all the list disappears, so fixed
by set removing flow next entry to list 'head'.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
flowtop.c | 4 +++-
1 file changed, 3 insertions
From: Vadim Kochan vadi...@gmail.com
Fixed issue when flowtop hangs be cause of wrong using
pthread cond lockiing, so the lock should be locked first
by calling thread before call to pthread_cond_wait.
Signed-off-by: Vadim Kochan vadi...@gmail.com
Fixes: 451275470106 (flowtop: Don't init screen
Add net_utils.c module with str2mac str2addr helper functions.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
net_utils.c | 41 +
net_utils.h | 7 +++
2 files changed, 48 insertions(+)
create mode 100644 net_utils.c
create mode 100644
protocol.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
proto_gen.c | 157
proto_gen.h | 68
trafgen.c| 238 +--
trafgen/Makefile | 1 +
4 files changed, 459
Move ctx struct to trafgen.h to be used from other modules.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
trafgen.c | 16 +---
trafgen.h | 21 +
2 files changed, 22 insertions(+), 15 deletions(-)
create mode 100644 trafgen.h
diff --git a/trafgen.c b
Add str2bytes func for converting hexadecimal string to bytes:
abcd a AA:BB - { 0xab 0xcd 0x0a 0xaa 0xbb }
It is needed to be used when specifying protocol payload for
trafgen proto command line.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
str.c | 64
Add current_packet() helper for getting current
used packet and make it public to other modules.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
trafgen_conf.h | 2 ++
trafgen_parser.y | 5 +
2 files changed, 7 insertions(+)
diff --git a/trafgen_conf.h b/trafgen_conf.h
index b286810
From: Vadim Kochan vadi...@gmail.com
Add the same note about using iptables to activate conntrack as it is
already described in 'flowtop -h', just to keep it in the man page too.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
flowtop.8 | 13 +++--
1 file changed, 11 insertions(+), 2
From: Vadim Kochan vadi...@gmail.com
Add proto_vlan.h with helpers to parse VLAN fields.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
proto_vlan.c | 7 ---
proto_vlan.h | 27 +++
2 files changed, 31 insertions(+), 3 deletions(-)
create mode 100644 proto_vlan.h
will be used when there will be some
unified
tpacket struct with version field, because current code can indicate only if
tpacket v3
is used.
Vadim Kochan (2):
netsniff-ng: vlan: Use helpers when parse vlan header
netsniff-ng: vlan: Show vlan info from tpacket v3
dissector.h | 11
Allow to collect rx stats for multiple pcap mode, by storing
them in separated variables before switch to the next pcap file.
It allows to have the one approach when dump for single or multiple
pcap(s) mode.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
netsniff-ng.c | 115
On Tue, Jun 30, 2015 at 11:41:04AM +0200, Daniel Borkmann wrote:
On 06/29/2015 02:58 AM, Vadim Kochan wrote:
Hi,
This is the 1-st try version of how I see the protocol generation API for
the
trafgen util as mz replacement (at least for better performance).
I am sending this just because
On Mon, Jul 27, 2015 at 11:01:10AM +0300, Vadim Kochan wrote:
On Mon, Jul 27, 2015 at 09:53:58AM +0200, Daniel Borkmann wrote:
On 07/27/2015 12:20 AM, Vadim Kochan wrote:
On Sun, Jul 26, 2015 at 09:57:04PM +0300, Vadim Kochan wrote:
On Sun, Jul 26, 2015 at 08:39:04PM +0200, Daniel Borkmann
From: Vadim Kochan vadi...@gmail.com
Show bytes/pkts counters per src/dst direction.
By default counters originated from dst are showed.
Src counters are showed only if '-s' is specified.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
flowtop.c | 40
From: Vadim Kochan vadi...@gmail.com
Add some explanation about traffic counters enabling via
sysctl and its limitation.
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
flowtop.8 | 19 ++-
1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/flowtop.8 b/flowtop.8
1 - 100 of 520 matches
Mail list logo