Hi Arne,
On 10/30/2014 11:44 AM, Arne Bier (abier) wrote:
Hi Stefano
Can you please give me an example of how this bonding is done? If it’s easily
done then I may consider this.
For bonding driver (I'm not sure how up to date it is though):
http://lingrok.org/xref/linux-net-next/Documentation/networking/bonding.txt
For team driver:
https://github.com/jpirko/libteam/
Both drivers are available in upstream kernels, team driver is lightweight on
the kernel side and has its complexity/configuration management all mostly in
user space, but pick what suits you resp. is available. ;)
In my case I am working on a customer’s machine and I cannot install any
packages without going through some hoops. I did however ask them to install
tcpdump because it met my immediate requirements. I am not against netsniff-ng
(in fact I was happy to learn that there was something newer floating around) –
but I also did not expect such a fuss around this simple requirement that I had.
In an earlier posting, Daniel Borkmann suggested getting the latest version
from github (git clone git://github.com/netsniff-ng/netsniff-ng.git ).
I don’t have experience with git or the means to perform such a thing at the
customer site – but I wonder whether anyone out there can confirm that the
latest version offers an easier method of operation ?
As an example:
# mkdir /tmp/foo/
# cd /tmp/foo/
1.1) Download via git:
# git clone git://github.com/netsniff-ng/netsniff-ng.git
# cd netsniff-ng/
1.2) Download via wget:
# wget http://pub.netsniff-ng.org/netsniff-ng/netsniff-ng-0.5.9-rc4.tar.bz2
# tar xvf netsniff-ng-0.5.9-rc4.tar.bz2
# cd netsniff-ng-0.5.9-rc4/
2) Build, etc:
# ./configure
[*] Checking pkg-config ... [YES]
[*] Checking flex ... [YES]
[*] Checking bison ... [YES]
[*] Checking nacl ... [YES]
[*] Checking libnl ... [YES]
[*] Checking tpacket_v2 ... [YES]
[*] Checking tpacket_v3 ... [YES]
[*] Checking libnetfilter-conntrack ... [YES]
[*] Checking ncurses ... [YES]
[*] Checking libGeoIP ... [YES]
[*] Checking libz ... [YES]
[*] Checking liburcu ... [YES]
[*] Checking libpcap ... [YES]
[*] Checking hw timestamping ... [YES]
[*] Checking libcli ... [YES]
[*] Checking libnet ... [YES]
[*] Generating config.h ...
[*] Looks good! All tools will be built!
(Note: here all tools will be built, but I guess you don't need all of them.)
# make
# ./netsniff-ng/netsniff-ng -v
netsniff-ng 0.5.9-rc4+ (Cilonen), Git id: v0.5.9-rc4-35-g07fa58f
[...]
# ./netsniff-ng/netsniff-ng -i any -o foo.pcap -s
[...]
Hope that helps.
Regards
Arne
From: Stefano Pirrello [mailto:[email protected]]
Sent: 29 October 2014 21:21
To: [email protected]
Cc: Arne Bier (abier)
Subject: Re: Does netsniff-ng support capturing on multiple interfaces?
Have you tried bonding the interfaces to achieve this? That's how I have my
setup working.
On Wednesday, October 15, 2014 5:45:06 AM UTC-4, Arne Bier wrote:
Hi
Assuming I have more than one ethernet interface on my linux server (e.g.
eth0 and eth1) I have tried -dev eth0 -dev eth1 and although the syntax
seems legal, it only captures from the final -dev argument.
I have used tcpdump -i any in the past and I am looking for some way of
doing the same with netsniff-ng
regards
Arne
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
