(e.g. wlan packets) w/o having some special setup.
Signed-off-by: Vadim Kochan
---
v2:
1) Fixed "Failed ..." -> "Failed to ..." error messages
2) Fixed indentation in dev_io struct at pcap_magic field
3) Removed not needed dev_net_close function
4) Removed spac
Trim output name to IFNAMSIZ only if the output is a networking device,
otherwise the following error occured if output name is greater then IFNAMSIZ:
~/src/netsniff-ng$ trafgen -n 1 '{ udp() }' -o /tmp/xx.pcap
No networking device or pcap file: /tmp/xx
On Mon, Jun 12, 2017 at 11:38 PM, Vadim Kochan wrote:
> Trim output name to IFNAMSIZ only if the output is a networking device,
> otherwise the following error occured if output name is greater then
> IFNAMSIZ:
>
> ~/src/netsniff-ng$ trafgen -n 1 '{ udp() }' -o
&
Trim output name to IFNAMSIZ only if the output is a networking device,
otherwise the following error occured if output name is greater then IFNAMSIZ:
~/src/netsniff-ng$ trafgen -n 1 '{ udp() }' -o /tmp/xx.pcap
No networking device or pcap file: /tmp/xx
Simplify a bit of creation rfraw device by delegating it to the dev_io
API, also in case the output device is pcap file the --rfraw option
sets the link type to ieee80211 radio tap.
Signed-off-by: Vadim Kochan
---
trafgen.8 | 3 ++-
trafgen.c | 25
Simplify a bit of creation rfraw device by delegating it to the dev_io
API, also in case the output device is pcap file the --rfraw option
sets the link type to ieee80211 radio tap.
Signed-off-by: Vadim Kochan
---
trafgen.8 | 3 ++-
trafgen.c | 25
Hi Zhouyang Jia,
Your fix looks reasonable.
Would you please send patch in git-format (you can look at
SubmittingPatches file),
or send a pull request ?
Thanks,
Vadim Kochan
On Mon, Jul 24, 2017 at 5:08 PM, Zhouyang Jia
wrote:
> Hi,
>
> I'm new to netsniff-ng and I find that
f-by: Vadim Kochan
---
trafgen.8| 4 +-
trafgen.c| 54 ++--
trafgen/Makefile | 1 +
trafgen_conf.h | 2 +
trafgen_dev.c| 36 +++-
trafgen_dev.h| 4 +-
trafgen_dump.c | 256 +++
trafgen_dump.h |
ated
packet.
Before dump the default ETH_PROTO fields are applied as first header and
then next proto_hdr is identified via .get_next_proto(...) callback.
Meanwhile only eth, arp, vlan, ip4, udp, & tcp protos can be dissected
into *.cfg format.
Vadim Kochan (3):
trafgen: Get packet from prot
allocated packet.
Signed-off-by: Vadim Kochan
---
trafgen_l3.c| 4 ++--
trafgen_l4.c| 4 ++--
trafgen_proto.c | 10 --
trafgen_proto.h | 3 +++
4 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/trafgen_l3.c b/trafgen_l3.c
index 7199b89..48790e5 100644
--- a/trafgen_l3.c
Refactor dev_io_ops read & write to specify struct packet *,
it may simplify a bit a caller logic. And it allow to keep
required members within one struct packet object.
Signed-off-by: Vadim Kochan
---
trafgen.c| 25 -
trafgen_conf.h | 2 +-
trafgen_d
f-by: Vadim Kochan
---
trafgen.8| 4 +-
trafgen.c| 54 ++--
trafgen/Makefile | 1 +
trafgen_conf.h | 2 +
trafgen_dev.c| 36 +++-
trafgen_dev.h| 4 +-
trafgen_dump.c | 258 +++
trafgen_dump.h |
ated
packet.
Before dump the default ETH_PROTO fields are applied as first header and
then next proto_hdr is identified via .get_next_proto(...) callback.
Meanwhile only eth, arp, vlan, ip4, udp, & tcp protos can be dissected
into *.cfg format.
v2:
1) Missed local patch
Vadim Kochan (3):
Refactor dev_io_ops read & write to specify struct packet *,
it may simplify a bit a caller logic. And it allow to keep
required members within one struct packet object.
Signed-off-by: Vadim Kochan
---
trafgen.c| 25 -
trafgen_conf.h | 2 +-
trafgen_d
allocated packet.
Signed-off-by: Vadim Kochan
---
trafgen_l3.c| 4 ++--
trafgen_l4.c| 4 ++--
trafgen_proto.c | 10 --
trafgen_proto.h | 3 +++
4 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/trafgen_l3.c b/trafgen_l3.c
index 7199b89..48790e5 100644
--- a/trafgen_l3.c
Thanks Paolo! Shame on me, I did not test it properly :(
On Wed, Sep 13, 2017 at 6:54 PM, Paolo Abeni wrote:
> The commit 78c13b71e196 ("trafgen: Allow to generate packets
> to output pcap file") introduced a regression when output is
> a network device and multiple CPU are in use: the packet
>
Hi Lupe,
Which version do you use ?
Regards,
Vadim Kochan
On Wed, Nov 22, 2017 at 8:43 PM, Lupe Villalpando <
lupe.villalpa...@yardi.com> wrote:
> this is the command i am running
>
> astraceroute -i eth0 -N -S -H netsniff-ng.org
>
>
> --
&g
Hi All,
I just noticed there some bug reports, I will look on them on weekend, I
assume it is better
to wait with release unless isues will be fixed ?
Regards,
Vadim
On Fri, Dec 8, 2017 at 6:57 PM, @mandarg wrote:
> On Friday, October 20, 2017 at 9:29:28 AM UTC-4, Tobias Klauser wrote:
> > The
if its possible.
Regards,
Vadim Kochan
On Thu, Dec 14, 2017 at 2:47 PM, Tobias Klauser wrote:
> On 2017-12-11 at 09:08:15 +0100, Tobias Klauser
> wrote:
> > On 2017-12-08 at 18:30:24 +0100, Vadim Kochan wrote:
> > > Hi All,
> > >
> > > I just noticed ther
Use cds_list_del_rcu for safer deletion flow from the process flow
list to prevent possible use-after-free by UI thread when it is
refreshing the processes.
It may fix the #183 issue.
Signed-off-by: Vadim Kochan
---
flowtop.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a
Hi Chandra,
Sorry for the late response !
Would you please provide commands which did you use ?
Thanks!
On Tue, Dec 5, 2017 at 1:26 PM, wrote:
> while running trafgen commands , i am getting segmentation fault (cpre
> dump).
>
> can someone please guide me to move further ?
>
> Thanks,
> Chan
ff-by: Vadim Kochan
---
flowtop.c | 30 --
1 file changed, 16 insertions(+), 14 deletions(-)
diff --git a/flowtop.c b/flowtop.c
index 8b69d65..7de4d11 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -470,20 +470,24 @@ static struct flow_entry *flow_list_find_id(struct
flow
Thats really strange, because before this patch I really easy triggered the
issue, but
now I cant.
On Tue, Dec 19, 2017 at 11:12 AM, Tobias Klauser
wrote:
> On 2017-12-18 at 23:38:18 +0100, Vadim Kochan wrote:
> > There is missing logic which removes flown entry from
> > relat
May it possible that you tried flowtop compiled without the fix ?
On Tue, Dec 19, 2017 at 12:18 PM, Vadim Kochan wrote:
> Thats really strange, because before this patch I really easy triggered
> the issue, but
> now I cant.
>
> On Tue, Dec 19, 2017 at 11:12 AM, Tobias Klauser
&
On Tue, Dec 19, 2017 at 12:30 PM, Tobias Klauser
wrote:
> On 2017-12-19 at 11:24:40 +0100, Vadim Kochan wrote:
> > May it possible that you tried flowtop compiled without the fix ?
>
> No, I made sure to have the patch applied and recompiled flowtop. I can
> still quite reli
;
Hi Jack!
Thank you for suggestions and report! Regarding trafgen -b option you mean
that is would be better
if the packets delay was better normalized regarding the rate ?
Regards,
Vadim Kochan
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng&
Weican Liu
>
>
>
Looks like it needs to be implemented.
Regards,
Vadim Kochan
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr.
From: Vadim Kochan
Date: Sat, 10 Jan 2015 00:35:10 +0200
Added error messages which caused the error
state of the socket functions, so it makes message like:
$ ./netsniff-ng/netsniff-ng -i wlp3s0
Creation of PF socket failed: Operation not permitted
more understandable.
Signed-off-by
From: Vadim Kochan
Add following files to ignore list:
astraceroute/astraceroute
bpfc/bpfc
curvetun/curvetun
curvetun/abiname
flowtop/flowtop
ifpps/ifpps
mausezahn/mausezahn
netsniff-ng/netsniff-ng
trafgen/trafgen
Signed-off-by: Vadim Kochan
---
.gitignore
From: Vadim Kochan
It might be useful to filter out interesting traffic
from input pcap to output pcap file which will contain only
filtered packets:
$ netsniff-ng -i input.pcap -o output.pcap ip src 192.168.1.198
Now it is possible by specifying output pcap file with ".pcap"
From: Vadim Kochan
I have no enough arguments for this fix but it
fixes the failing of geoip updating.
Seems "shutdown(..)" closes socket too early.
So shutdown(...) is removed and added "Connection: close"
http header which says http server to close connection after
r
Hi All,
I am trying to make some changes to mz and mz has the really (for me)
specific code style, so which code style should I use ? I suppose it
should be kernel style coding ?
Thanks,
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubs
Fixed warnings:
Warning: [lookupdev.c get_dev_params()] Cannot open socket!
when specify help for packet type:
# mz -t tcp help
Also fixes delayed output of the same command if user is root.
Signed-off-by: Vadim Kochan
---
staging/mausezahn.c | 18 --
1 file changed
From: Vadim Kochan
Changed to print packet types by '-t help' earlier
bofore mz will try to identify link device to bind.
Signed-off-by: Vadim Kochan
---
mausezahn.8 | 2 +-
staging/mausezahn.c | 138 ++--
2 files c
On Mon, Feb 23, 2015 at 02:11:57PM +0200, Vadim Kochan wrote:
> From: Vadim Kochan
>
> Changed to print packet types by '-t help' earlier
> bofore mz will try to identify link device to bind.
>
> Signed-off-by: Vadim Kochan
> ---
Hi,
Just pinging about this
From: Vadim Kochan
Signed-off-by: Vadim Kochan
---
staging/layer3.c| 20 +--
staging/layer4.c| 101
staging/mausezahn.c | 28 +--
staging/mz.h| 38 ++--
4 files changed, 155 insertions
From: Vadim Kochan
In case if main thread already initialized screen but
then collector called panic, the process exits but
console stays with the same colored screen and shifted shell prompt.
Fixed by adding conditional variable locking.
Signed-off-by: Vadim Kochan
---
flowtop.c | 9
From: Vadim Kochan
Signed-off-by: Vadim Kochan
---
flowtop.c | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/flowtop.c b/flowtop.c
index 33a110c..e7a1bfa 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -448,7 +448,7 @@ static void walk_processes(struct flow_entry *n
From: Vadim Kochan
mz fails start in cli mode and prints each time different pcap errors:
$ mz -x -V
fatal flex scanner internal error--end of buffer missed
rx_arp: [ERROR] Error calling pcap_compile
or simply shutdowns. Sometimes it successfully gets up.
Seems some
On Mon, Mar 23, 2015 at 11:25:26AM +0100, Lorenzo Pistone wrote:
> I was hoping you could give me debugging tips. I checked all I could (dmesg,
> echo 1 > rp_filter, strace -f), and I couldn't see anything suspicious. I
> have nothing in my iptables or tc, and tso is off.The exact command line is
>
On Mon, Mar 23, 2015 at 12:12:54PM +0100, Daniel Borkmann wrote:
> On 03/23/2015 11:37 AM, Vadim Kochan wrote:
> >On Mon, Mar 23, 2015 at 11:25:26AM +0100, Lorenzo Pistone wrote:
> ...
> >Thats what I got on 3.18 with the same cfg file:
> >
> >$ trafgen/trafgen -
On Mon, Mar 23, 2015 at 01:07:24PM +0200, Vadim Kochan wrote:
> On Mon, Mar 23, 2015 at 12:12:54PM +0100, Daniel Borkmann wrote:
> > On 03/23/2015 11:37 AM, Vadim Kochan wrote:
> > >On Mon, Mar 23, 2015 at 11:25:26AM +0100, Lorenzo Pistone wrote:
> > ...
> > >Thats
On Mon, Mar 23, 2015 at 02:03:54PM +0200, Vadim Kochan wrote:
> On Mon, Mar 23, 2015 at 01:07:24PM +0200, Vadim Kochan wrote:
> > On Mon, Mar 23, 2015 at 12:12:54PM +0100, Daniel Borkmann wrote:
> > > On 03/23/2015 11:37 AM, Vadim Kochan wrote:
> > > >On Mon, Ma
From: Vadim Kochan
Trafgen uses all the online cpus even if number of packets specified
by -n is less than numbers of selected cpus.
Such behaviour leads to issues:
- trafgen re-calculates number of packets per cpu which
leads to rounding it to 0 then no packets will be sent
On Sun, Mar 22, 2015 at 01:48:50PM +0200, Vadim Kochan wrote:
> From: Vadim Kochan
>
> mz fails start in cli mode and prints each time different pcap errors:
>
> $ mz -x -V
> fatal flex scanner internal error--end of buffer missed
> rx_arp: [ERROR] Error
On Mon, Mar 30, 2015 at 02:00:25PM +0200, Tobias Klauser wrote:
> On 2015-03-24 at 12:20:39 +0100, Vadim Kochan wrote:
> > From: Vadim Kochan
> >
> > Trafgen uses all the online cpus even if number of packets specified
> > by -n is less than numbers of selected cpus.
From: Vadim Kochan
Trafgen uses all the online cpus even if number of packets specified
by -n is less than numbers of selected cpus.
Such behaviour leads to issues:
- trafgen re-calculates number of packets per cpu which
leads to rounding it to 0 then no packets will be sent
On Tue, Mar 31, 2015 at 05:28:11PM +0200, Tobias Klauser wrote:
> On 2015-03-31 at 11:29:58 +0200, Vadim Kochan wrote:
> > From: Vadim Kochan
> >
> > Trafgen uses all the online cpus even if number of packets specified
> > by -n is less than numbers of selected cpus.
From: Vadim Kochan
While sniffing nlmon device the procness name can be
printed with non-letter characters because readlink does not
put line ending '\0'
Signed-off-by: Vadim Kochan
---
proto_nlmsg.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/proto
From: Vadim Kochan
Fixed case when netsniff fails if there is already existing monX device
while generating.
Signed-off-by: Vadim Kochan
---
dev.c | 15 ---
dev.h | 1 +
mac80211.c | 4
3 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/dev.c b/dev.c
From: Vadim Kochan
netsniff does not delete created rfmon device in case of
panic (for example - bad pcap filter expression), so added ability to
add callback func when panic will be happen and delete rfmon device.
Signed-off-by: Vadim Kochan
---
astraceroute/Makefile | 1 +
bpfc/Makefile
From: Vadim Kochan
Signed-off-by: Vadim Kochan
---
proto_80211_mac_hdr.c | 9 +
str.c | 8
str.h | 1 +
3 files changed, 18 insertions(+)
diff --git a/proto_80211_mac_hdr.c b/proto_80211_mac_hdr.c
index 9bd6ee1..41ce265 100644
--- a
On Tue, Apr 21, 2015 at 12:30:07PM +0200, Daniel Borkmann wrote:
> Hi Vadim,
>
> On 04/17/2015 09:04 PM, Vadim Kochan wrote:
> >From: Vadim Kochan
> >
> >Fixed case when netsniff fails if there is already existing monX device
> >while generating.
> >
> &
On Tue, Apr 21, 2015 at 03:24:33PM +0200, Tobias Klauser wrote:
> On 2015-04-20 at 13:51:40 +0200, Vadim Kochan wrote:
> > From: Vadim Kochan
>
> Please always add a short description, even if it's restating what
> subject already says. I added one for this.
>
> A
From: Vadim Kochan
Add error cause message when ioprio_setpid fails.
Signed-off-by: Vadim Kochan
---
iosched.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/iosched.c b/iosched.c
index 7417973..ff82126 100644
--- a/iosched.c
+++ b/iosched.c
@@ -47,7 +47,7 @@ static void
From: Vadim Kochan
Changed to use ctx->gid when call getgid() on init_ctx.
Signed-off-by: Vadim Kochan
---
netsniff-ng.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/netsniff-ng.c b/netsniff-ng.c
index c0d70c8..4ad8b19 100644
--- a/netsniff-ng.c
+++ b/netsniff-n
Hi,
It is not possible to just read pcap by netsniff-ng if user permissions
does not allow to set processes IO prio, so it is really needed to do it
just for print pcap file ?
Thanks,
Vadim Kochan
--
You received this message because you are subscribed to the Google Groups
"netsni
On Wed, Apr 22, 2015 at 05:02:52PM +0200, Daniel Borkmann wrote:
> On 04/22/2015 05:00 PM, Vadim Kochan wrote:
> >Hi,
> >
> >It is not possible to just read pcap by netsniff-ng if user permissions
> >does not allow to set processes IO prio, so it is really needed to d
On Wed, Apr 22, 2015 at 05:37:42PM +0200, Daniel Borkmann wrote:
> On 04/22/2015 05:09 PM, Vadim Kochan wrote:
> ...
> >Sure, I will try to fix it, really I dont have a fix yet. The issue goes
> >from pcap ops in init one function, where IO prio is set, the first
> >think
From: Vadim Kochan
It allows to read pcap file for users who have no
permissions to set process IO prio.
Signed-off-by: Vadim Kochan
---
netsniff-ng.c | 6 +++---
pcap_io.h | 2 +-
pcap_mm.c | 5 +++--
pcap_rw.c | 5 +++--
pcap_sg.c | 5 +++--
5 files changed, 13 insertions
On Wed, Apr 22, 2015 at 05:37:42PM +0200, Daniel Borkmann wrote:
> On 04/22/2015 05:09 PM, Vadim Kochan wrote:
> ...
> >Sure, I will try to fix it, really I dont have a fix yet. The issue goes
> >from pcap ops in init one function, where IO prio is set, the first
> >think
Expl CSI Feedb Cap (0),
Ant Indic Feedb Cap (0),
Rec ASEL Cap (0),
Transm Sound PPDUs Cap (0),
Res (0x0)
Reserved (21, Len (110)): Failed to dissect Subtype ]
Regards,
Vadim Kochan
--
You received this message
On Thu, Apr 23, 2015 at 12:05:55AM +0200, Daniel Borkmann wrote:
> On 04/22/2015 11:50 PM, Vadim Kochan wrote:
> ...
> >I think that "HT Capabilities" element info should be showed in more
> >structured view so
> >it will be more readable what do you think ?
From: Vadim Kochan
Now it looks like:
[ Subtype Beacon: Timestamp 0x74c5c180, Beacon Interval (0.102400s),
Capabilities (0x431 <-> ESS; Privacy; Short Preamble; Short Slot Time;)
Parameters:
SSID (0, Len (6)): D07F82
Supp. Rates (1,
From: Vadim Kochan
< ? 100 1429707903s.33856000ns (#1)
[ Radiotap Version (0), Length (26), Flags (0x482f) ]
[ 802.11 Frame Control (0x0040)]
[ Proto Version (0), Type (0, Management), Duration (0),
Destination (ff:ff:ff:ff:ff:ff)
Source (00:23:14:da:1c:fc) =>
From: Vadim Kochan
nlmsg proto handler can't identify Netlink protocol
from nlmsghdr, so sockaddr_ll can be used to get it.
Also renamed [proto -> handler] member in pkt_buff struct,
which is more understandable.
Example:
>U nlmon0 4756 1429891435s.14505747ns
[ NLMSG Proto 0 (RTNE
On Thu, Apr 23, 2015 at 02:24:16PM +0300, Vadim Kochan wrote:
> static inline void __show_frame_hdr(uint8_t *packet, size_t len, int
> linktype,
> struct sockaddr_ll *s_ll, void *raw_hdr,
> - int m
>
> Why pass the count as as pointer in the first place? I'd rather pass it
> by value and do the increment at the calling site (even if it means a
> bit of code duplication).
I will re-work this, thanks.
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng
From: Vadim Kochan
Print nlmsg type name for rtnetlink messages
Signed-off-by: Vadim Kochan
---
proto_nlmsg.c | 84 +--
1 file changed, 82 insertions(+), 2 deletions(-)
diff --git a/proto_nlmsg.c b/proto_nlmsg.c
index b219867..c5ef9d5
From: Vadim Kochan
As probe request frame consist only with IE params so just
do a similar print of these params as it was done for beacon.
Also using mgmt_{func}_dissect naming for mgmt frame dissectors.
Signed-off-by: Vadim Kochan
---
proto_80211_mac_hdr.c | 16 +---
1 file
From: Vadim Kochan
> wlp3s0 107 1430159373s.693002029ns (#5)
[ Eth MAC (6c:88:14:ac:51:e4 => 10:fe:ed:90:22:12), Proto (0x0800, IPv4) ]
Signed-off-by: Vadim Kochan
---
dissector.h | 18 +++---
netsniff-ng.c | 13 -
2 files changed, 19 insertions(+), 12 del
On Mon, Apr 27, 2015 at 04:29:40PM +0300, Vadim Kochan wrote:
> From: Vadim Kochan
>
> Print nlmsg type name for rtnetlink messages
>
> Signed-off-by: Vadim Kochan
> ---
> proto_nlmsg.c | 84
> +--
> 1 file c
On Tue, Apr 28, 2015 at 01:27:19PM +0300, Vadim Kochan wrote:
> On Mon, Apr 27, 2015 at 04:29:40PM +0300, Vadim Kochan wrote:
> > From: Vadim Kochan
> >
> > Print nlmsg type name for rtnetlink messages
> >
> > Signed-off-by: Vadim Kochan
On Mon, Apr 27, 2015 at 04:29:40PM +0300, Vadim Kochan wrote:
> From: Vadim Kochan
>
> Print nlmsg type name for rtnetlink messages
>
> Signed-off-by: Vadim Kochan
> ---
> proto_nlmsg.c | 84
> +--
> 1 file c
From: Vadim Kochan
Print 'IE:' prefix before each mgmt IE parameter which
should be more readable and it allows easy identify next element
while the listing the big one:
Also removed 1 TAB in "HT Capabilities" fields.
P mon0 288 1430230360s.696547150ns
[ Radiotap Ver
From: Vadim Kochan
Print nlmsg type name for rtnetlink messages
Signed-off-by: Vadim Kochan
---
proto_nlmsg.c | 84 +--
1 file changed, 82 insertions(+), 2 deletions(-)
diff --git a/proto_nlmsg.c b/proto_nlmsg.c
index 51b303f..1e34056
From: Vadim Kochan
It might be related to the issue #73 noticed by
Jon Schipp
where he pointed that netsniff-ng captures some extra packets.
I observed this issue when I captured few Ethernet frames from
wireless device while I was sniffing Netlink monitor device (!!!),
especially
From: Vadim Kochan
It might be related to the issue #73 noticed by
Jon Schipp
where he pointed that netsniff-ng captures some extra packets.
I observed this issue when I captured few Ethernet frames from
wireless device while I was sniffing Netlink monitor device (!!!),
especially
ups
> "netsniff-ng" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to netsniff-ng+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Hi,
What about if netsniff-ng can fork children so each chi
he captured files
from these subdirectories ... well I hope my explanation is basically
clear ... sorry if you did not understand my poor English:)
Regards,
Vadim Kochan
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from th
From: Vadim Kochan
Print nlmsg type name for rtnetlink messages
Signed-off-by: Vadim Kochan
---
proto_nlmsg.c | 89 +--
1 file changed, 87 insertions(+), 2 deletions(-)
diff --git a/proto_nlmsg.c b/proto_nlmsg.c
index 51b303f..f84759a
On Sat, May 02, 2015 at 07:00:53PM +0200, Tobias Klauser wrote:
> On 2015-04-29 at 21:18:24 +0200, Vadim Kochan wrote:
> > From: Vadim Kochan
> >
> > It might be related to the issue #73 noticed by
> >
> > Jon Schipp
> >
> > where he pointed
From: Vadim Kochan
Fixed case when rfmon mac80211 created device remains
after trafgen failed (for ex. - incorrect cfg file),
so just delete it when panic occured.
Also made panic handlers invoking per process and only once.
Signed-off-by: Vadim Kochan
---
die.c | 27
From: Vadim Kochan
As Probe Response frame is very similar to Beacon
(except some IEs which are identified dynamically)
so lets just use the same func to dissect it.
Signed-off-by: Vadim Kochan
---
proto_80211_mac_hdr.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a
From: Vadim Kochan
Rename xxx_panic_func(s) to xxx_panic_handler(s)
which is more understandable than 'func'.
Signed-off-by: Vadim Kochan
---
die.c | 4 ++--
die.h | 8
netsniff-ng.c | 2 +-
trafgen.c | 2 +-
4 files changed, 8 insertions(+), 8 deletion
On Mon, May 04, 2015 at 11:11:21AM +0300, Vadim Kochan wrote:
> From: Vadim Kochan
>
> Rename xxx_panic_func(s) to xxx_panic_handler(s)
> which is more understandable than 'func'.
>
> Signed-off-by: Vadim Kochan
> ---
> die.c | 4 ++--
> die.h
From: Vadim Kochan
Print similar header fields in less mode as it is done in
full mode.
Signed-off-by: Vadim Kochan
---
proto_nlmsg.c | 30 +-
1 file changed, 17 insertions(+), 13 deletions(-)
diff --git a/proto_nlmsg.c b/proto_nlmsg.c
index e8706a2..6d24fef
issue before making a next release, or if you can make a fast fix :-)
Regards,
Vadim Kochan
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-n
From: Vadim Kochan
Automatic new line indentation can break terminal
ESC color sequence by inserting new line within it.
Fixed by considering that color ESC sequence is not closed
by 'm' and only after it is closed - print new line with spaces.
Signed-off-by: Vadim Kochan
---
tpri
On Tue, May 05, 2015 at 11:20:42AM +0200, Tobias Klauser wrote:
> On 2015-05-04 at 11:32:33 +0200, Vadim Kochan wrote:
> > From: Vadim Kochan
> >
> > Print similar header fields in less mode as it is done in
> > full mode.
>
> In my opinion it's fine
On Tue, May 05, 2015 at 11:48:55AM +0200, Tobias Klauser wrote:
> On 2015-05-05 at 11:43:03 +0200, Vadim Kochan wrote:
> > On Tue, May 05, 2015 at 11:20:42AM +0200, Tobias Klauser wrote:
> > > On 2015-05-04 at 11:32:33 +0200, Vadim Kochan wrote:
> > > > From: Vadim
From: Vadim Kochan
Print 'Family' and 'Type' (considering family) fields in less mode.
Signed-off-by: Vadim Kochan
---
proto_nlmsg.c | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/proto_nlmsg.c b/proto_nlmsg.c
index e8706a2..c651659 100644
On Tue, May 05, 2015 at 12:10:54PM +0200, Tobias Klauser wrote:
> On 2015-05-04 at 19:16:39 +0200, Vadim Kochan wrote:
> > Hi,
> >
> > In less mode (netsniff-ng -i --less) the color ESC terminal
> > sequences can be broken by automatic indentation made in
> >
Wireshark does not understand netsniff-ng's pcap file with Netlink
frames, I assume thats because W-shark expects that each Netlink frame
should have additional header on-top described here:
http://www.tcpdump.org/linktypes/LINKTYPE_NETLINK.html
it shows this is a Netlink type link but ca
On Tue, May 05, 2015 at 04:39:51PM +0200, Daniel Borkmann wrote:
> On 05/05/2015 12:10 PM, Daniel Borkmann wrote:
> >On 05/05/2015 11:26 AM, Tobias Klauser wrote:
> >>On 2015-05-02 at 22:54:50 +0200, Vadim Kochan wrote:
> >>>On Sat, May 02, 2015 at 07:00:53PM +0200,
On Tue, May 05, 2015 at 04:39:51PM +0200, Daniel Borkmann wrote:
> On 05/05/2015 12:10 PM, Daniel Borkmann wrote:
> >On 05/05/2015 11:26 AM, Tobias Klauser wrote:
> >>On 2015-05-02 at 22:54:50 +0200, Vadim Kochan wrote:
> >>>On Sat, May 02, 2015 at 07:00:53PM +0200,
From: Vadim Kochan
Create PF socket with proto=0 which does not
setup packet handler and will not capture packets
until bind() will be invoked.
Also replaced pf_tx_socket by pf_socket as these funcs
became the same, as proto arg is set to 0.
Suggested-by: Daniel Borkmann
Signed-off-by: Vadim
On Tue, May 05, 2015 at 01:13:04PM +0200, Daniel Borkmann wrote:
> On 05/05/2015 12:59 PM, Vadim Kochan wrote:
> >Wireshark does not understand netsniff-ng's pcap file with Netlink
> >frames, I assume thats because W-shark expects that each Netlink frame
> >should hav
ow to open the file w/o admin permissions ?
Regards,
Vadim Kochan
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroup
From: Vadim Kochan
It fixes the case when user made pcap file in sudo
mode but after it should still use sudo to read it
because of setting O_NOATIME option requires higher
privileges.
Signed-off-by: Vadim Kochan
---
netsniff-ng.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff
1 - 100 of 779 matches
Mail list logo