On 01/13/2017 02:02 PM, Vadim Kochan wrote:
Hi,
I tried to extend flowtop UI to have some aggregated info via tabbed
panel interface.
Currently there is only 1 new "Process" tab which grouped flows stat info per
unique pid (with summed rates & bytes). Plz let me know if it would be
good to
On 08/07/2016 07:46 PM, Vadim Kochan wrote:
Hi,
I did not ever use Linux pktgen feature, but I just catch the
idea if it would be good to have option to send trafgen protocol
built packet via Linux pktgen ? Theoretically it is possible to create
simple and generic code to generate raw or pktgen
On 08/03/2016 09:34 AM, Tobias Klauser wrote:
[...]
Form the point of view of compiling nesniff-ng/trafgen there is no
difference of whether an external library "exists" or was explicitely
disabled by the user. I'd really prefer CONFIG_LIBNL for this and I
don't think more fine-grained control
Hi Vadim,
thanks for looking into this, appreciate it!
On 02/20/2016 03:28 PM, Vadim Kochan wrote:
On Sat, Feb 20, 2016 at 1:25 AM, Vadim Kochan wrote:
Hi,
I tried to come up with visual separating of printed flows as currently
its not easy to identify separate flow
On 02/19/2016 10:10 AM, Vadim Kochan wrote:
Simply because netsniff-ng does not support custom date-time format
for pcap file name.
But as I said we can extend it in the similar way like tcpdump does.
Agreed, that might be useful.
Thanks,
Daniel
--
You received this message because you are
On 02/18/2016 12:09 PM, Vadim Kochan wrote:
Hi Lorenzo,
On Sat, Feb 6, 2016 at 11:16 PM, Lorenzo Pistone wrote:
Hi, I would like to suggest a feature. It would be nice to have an option to
capture a packet only once every N packets. I can see that one could
implement
On 02/01/2016 04:51 PM, Tobias Klauser wrote:
On 2016-02-01 at 15:38:28 +0100, Umair Ali wrote:
[...]
Sorry, but reviewing a random dump of code (that doesn't even compile)
goes beyond the scope of what I'd consider support/help for netsniff-ng.
+1
Ali, I find your
On 01/27/2016 02:13 PM, e.bengts...@gmail.com wrote:
[...]
Is it possible to add some kind of signal interface for controlling start
of new files instead of relying on incoming events?
I have pulled the source and had a look but don't really know how to
proceed...
If you have some cycles, it
[ Thanks Vadim! Actually Cc'ing him here. ]
On 12/17/2015 12:38 PM, Vadim Kochan wrote:
On Wednesday, May 13, 2015 at 10:04:28 AM UTC+3, Kenneth Aaron wrote:
Hi,
Is it possible to use shell variables in the configuration file?
The use case I have is a script that sets variables such as IP
On 12/14/2015 02:45 PM, Burak Özalp wrote:
Hi everbody,
I recently use trafgen, it is very useful and with your helps, I manage to
create 6Mpps as you know. My problem is, is it possible to set pps value with
argument or config file? I need very small values (like 140pps) and i want to
use
On 11/30/2015 01:02 PM, Burak Özalp wrote:
...
I realized that i use v0.5.8 in CentOS 7. İ tested with v0.6.0 with 12 core and
finally i can manage to send 6 Mpps without any flags(with Jasper adjusted
syn_attack config file) !
Nice to hear! Thanks!
--
You received this message because you
On 11/30/2015 10:21 AM, Burak Özalp wrote:
Hi everyone,
I realized that --qdisc-path option is not available on version 0.5.8-6 whish
is the latest RPM on CentoOS 7.
Could you please upload the latest RPM (v0.6.0) for CentOS 7.
I think you need to open a bug against RHEL7 (there should be a
On 11/27/2015 08:57 AM, Burak Özalp wrote:
Hi everyone;
First of all, you've done great job with netsniff-ng!Congrulations!
I want to use trafgen to simulate an syn_flood attack. In --help, i saw that
" trafgen --dev eth0 --conf tcp_syn.cfg -u `id -u bob` -g `id -g bob`"
command. Could you
on your network tuning and hardware, people have
reported to get ~6Mpps on TCP SYNs:
https://www.mail-archive.com/netdev@vger.kernel.org/msg87192.html
What kernel/settings do you have for fine-tuning?
On 27-11-2015 11:13, Daniel Borkmann wrote:
On 11/27/2015 08:57 AM, Burak Özalp wrote:
Hi
On 11/09/2015 12:26 PM, vkochan wrote:
...
If you conceptually agree with this idea, I probably may re-work series
and add separate '-p, --pkt' option for the specify packet language from
command line, or additionally send this as separate patch.
Can you elaborate on "specify packet language"?
On 11/06/2015 05:06 PM, Vadim Kochan wrote:
On Fri, Nov 06, 2015 at 05:05:38PM +0100, Tobias Klauser wrote:
On 2015-11-06 at 16:53:02 +0100, Vadim Kochan wrote:
On Fri, Nov 06, 2015 at 04:36:08PM +0100, Tobias Klauser wrote:
On 2015-11-06 at 15:46:16 +0100, Vadim Kochan
On 10/13/2015 11:37 AM, tmartin...@gmail.com wrote:
Hello,
I'm currently trying to do some stats (max pps, max bps, etc) on a company
network traffic.
My setup is quite simple: all traffic going through the "external" interface of
a firewall is mirrored to a network interface on a server.
On 08/07/2015 12:01 AM, Stefano Pirrello wrote:
I took another look at my server and saw the process is hung up again. See
below on how many captures were successful but eventually they stopped
generating.
~/captures$ ls -ltr
total 3297540
-rwxr--r-- 1 n3tus3r n3tus3r 6225 Aug 3 23:06
On 07/27/2015 12:20 AM, Vadim Kochan wrote:
On Sun, Jul 26, 2015 at 09:57:04PM +0300, Vadim Kochan wrote:
On Sun, Jul 26, 2015 at 08:39:04PM +0200, Daniel Borkmann wrote:
On 07/25/2015 06:09 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Seems it was caused by specifying all
On 07/25/2015 07:22 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Replace n tmp variables to more understandable prev next.
Signed-off-by: Vadim Kochan vadi...@gmail.com
Applied.
--
You received this message because you are subscribed to the Google Groups
netsniff-ng
On 07/26/2015 02:17 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Clean up ncurses screen when panic was caused.
There will be limitation that error message
will be printed on stderr after ncurses cleanup
so it will be needed now to use redirect to error file:
ifpps -d dev
On 07/26/2015 02:01 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Add match device name with _ in /proc/net/dev.
Signed-off-by: Vadim Kochan vadi...@gmail.com
Applied, thanks!
--
You received this message because you are subscribed to the Google Groups
netsniff-ng group.
To
On 07/25/2015 06:56 PM, Vadim Kochan wrote:
This series converts int - bool in several functions:
- flow_entry_get_extended_is_dns(...)
- get_port_inode(..)
- presenter_get_port(..)
Series applied, thanks.
--
You received this message because you are subscribed to the Google
On 07/25/2015 06:09 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Seems it was caused by specifying all netfilter groups
when flushing connections.
Used separated nfct instance w/o netfilter groups to
flush ipv4/ipv6 connections.
More info can be fetched from the issue item on
On 07/23/2015 08:15 AM, Vadim Kochan wrote:
...
Sorry this might be buggy if dst port from #1 connection will be the
same as src port from connectoin #2, so it needs to do checking
separately for src dst in case if src lookup was failed.
Ok, dropped.
--
You received this message because you
On 07/18/2015 01:12 PM, Vadim Kochan wrote:
This series reverts unnecesseary cond lock when presenter waits for collector
to finish its initializing part before do screen initializing, it was added
only to do not panic collector when screen is initialized with ncurses so after
this
shell will
On 07/20/2015 10:12 AM, Vadim Kochan wrote:
On Mon, Jul 20, 2015 at 10:09:52AM +0200, Daniel Borkmann wrote:
On 07/19/2015 01:41 PM, Vadim Kochan wrote:
Replace direct access to /proc/sys params by new added helpers from
sysctl.c module.
Looks good, applied. Thanks for following up
On 07/20/2015 02:06 PM, Unnikannan Nair, Jishnu wrote:
Hi
I'm running the latest version 0.5.9, and im not running it in silent mode as
of now just to see the dropped packets information when the capture is
complete. I intend to run it as silent when all issues are solved :)
Well, dumping
On 07/20/2015 01:45 PM, Unnikannan Nair, Jishnu wrote:
Hi
I'm trying to build a network sniffer for UDP multicast streams using
netsniff-ng. I have deployed two linux systems (Ubuntu server 14.04 LTS) on an
ESXi one has the sniffer and other has tcpreplay sending packets at needed
Mbps. The
On 07/20/2015 02:21 PM, Unnikannan Nair, Jishnu wrote:
So are you saying that it's impossible to dump pcap files at this rate??
Please, that's not what I wrote in my email.
I wrote that you should use -s.
--
You received this message because you are subscribed to the Google Groups
On 07/20/2015 04:58 PM, Unnikannan Nair, Jishnu wrote:
Hi
I have double checked, it seems if I run with -s option with the application saving
files on to a folder --out /share/capture/job/ will not give any statistics up on
stopping it using ^C.
And it is giving a Cannot set NIC Flags message
On 07/14/2015 04:57 PM, Vadim Kochan wrote:
vadi...@gmail.com
Bcc:
Subject: Re: [netsniff-ng] wrong number of packets filtered in
Reply-To:
In-Reply-To: ac7d7957a7715142afeae26281c9be9851d99...@srveurmbx06.nov.com
On Mon, Jul 13, 2015 at 02:27:22PM +, Unnikannan Nair, Jishnu wrote:
Hi
I'm
On 07/13/2015 10:24 AM, Vadim Kochan wrote:
Hi,
After 1 week I decided to ping for some flowtop related fixes:
http://article.gmane.org/gmane.linux.network.netsniff-ng/973
http://article.gmane.org/gmane.linux.network.netsniff-ng/974
Sorry for the long delay. I've applied both
On 07/04/2015 09:18 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
While removing flow which is pointed by 'head' then
head is set to NULL and all the list disappears, so fixed
by set removing flow next entry to list 'head'.
Signed-off-by: Vadim Kochan vadi...@gmail.com
On 07/13/2015 12:09 PM, Vadim Kochan wrote:
On Mon, Jul 13, 2015 at 12:31:39PM +0300, Vadim Kochan wrote:
...
If I understood correctly, you asked to do not use separated sysctl
module unless it will not be used in other places ? But these funcs can
be used statically in flowtop.c so they then
On 06/29/2015 02:58 AM, Vadim Kochan wrote:
Hi,
This is the 1-st try version of how I see the protocol generation API for the
trafgen util as mz replacement (at least for better performance).
I am sending this just because to get your feedback about conceptual idea,
and as soon as I got some
[ Cc'ing Jon ]
On 06/29/2015 11:32 AM, Vadim Kochan wrote:
Hi,
Since the possible fix was comitted there was no response from #jonship
may be it can be closed ?
https://github.com/netsniff-ng/netsniff-ng/issues/73
Regards,
--
You received this message because you are subscribed to the
On 06/21/2015 07:02 PM, Vadim Kochan wrote:
...
Not sure if it is necessary to use libnet by trafgen as it is used by mz
to generate packets ? It will add the new dependency, but seems it can
simplify generation of the proto packets.
Yes sure, we shouldn't depend on it, I think some small
On 06/22/2015 03:37 PM, Vadim Kochan wrote:
...
Well, anyway I am trying to implement basic cmdline mz-like proto
generation API with few layered protocols: eth, ip, udp for trafgen
utility.
If I success with this I will share the patch series (I will try to
better split it for easier review).
On 06/19/2015 10:46 AM, Vadim Kochan wrote:
...
OK here is another (may be better) design.
Here is an example of the cfg script:
{
eth
{
dst: eth_addr(AA:BB:CC:DD:EE:FF)
proto: ipv4,
}
ip
{
src: ip_addr(192.168.1.1)
dst:
On 06/20/2015 12:38 AM, Vadim Kochan wrote:
...
Regarding cleanups ... what do you think about change pcap_pkthdr_t to:
typedef struct {
union {
struct pcap_pkthdr ppo;
struct pcap_pkthdr_ns ppn;
struct
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
From 045e9395ca9c2971ab7f7a886f5d6b4cf679c7fd Mon Sep 17 00:00:00 2001
Message-Id: 045e9395ca9c2971ab7f7a886f5d6b4cf679c7fd.1434749532.git.dan...@iogearbox.net
From: Daniel Borkmann dan
On 06/18/2015 11:49 AM, Daniel Borkmann wrote:
On 06/18/2015 11:42 AM, Vadim Kochan wrote:
On Thu, Jun 18, 2015 at 10:45:29AM +0200, Daniel Borkmann wrote:
I've started splitting this into smaller digestible chunks,
couple of more evenings and it should be done from my side.
Thanks for your
On 06/19/2015 10:58 PM, Vadim Kochan wrote:
On Fri, Jun 19, 2015 at 10:47:49PM +0200, Daniel Borkmann wrote:
...
@@ -737,6 +837,24 @@ static inline void pcap_validate_header(const struct
pcap_filehdr *hdr)
if (unlikely(hdr-version_minor != PCAP_VERSION_MINOR
On 06/18/2015 03:24 PM, Vadim Kochan wrote:
On Thu, Jun 18, 2015 at 11:07:12AM +0200, Daniel Borkmann wrote:
On 06/18/2015 10:57 AM, Vadim Kochan wrote:
...
Not yet, but I will try keep thinking about this, and will let know if I
will have some real ideas regarding implementation.
Sounds
I've started splitting this into smaller digestible chunks,
couple of more evenings and it should be done from my side.
Thanks for your patience.
--
You received this message because you are subscribed to the Google Groups
netsniff-ng group.
To unsubscribe from this group and stop receiving
On 06/18/2015 01:30 AM, Vadim Kochan wrote:
Hi,
I tried to look over mz tool and try to start adding TX fast path as it
is done in trafgen but I am not sure it will be easy, for me it seems the
code is not easy to change.
I have no some objective arguments but I feel that may be it would be
On 06/18/2015 10:57 AM, Vadim Kochan wrote:
...
Not yet, but I will try keep thinking about this, and will let know if I
will have some real ideas regarding implementation.
Sounds good!
--
You received this message because you are subscribed to the Google Groups
netsniff-ng group.
To
On 06/13/2015 02:30 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Use Linux cooked header for Netlink interface automatically
of as replavement of L2 header by specifiyng --cooked option.
http://www.tcpdump.org/linktypes/LINKTYPE_LINUX_SLL.html
cooked header makes sense to
On 06/13/2015 02:30 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Move device string convertions funcs (device_type2str, device_addr2str)
from proto_nlmsg.c to dev.c to use them in other modules.
Signed-off-by: Vadim Kochan vadi...@gmail.com
Patch 1/3 applied with minor
On 06/06/2015 01:05 AM, Perf Tech wrote:
I have a PC with 3 NICs (eth0 is Intel 82579LM NIC, eth1 is 82574L), OS is
ubuntu 12.04 server.
I connected eth0 and eth1 with a ethernet cable and both ports are up.
Trying to find out how fast trafgen(0.5.9-rc4) can send packets on this
system.
#
On 06/05/2015 09:58 AM, Vadim Kochan wrote:
...
May be you should add --cpp option ?
$./trafgen --dev eth0 --conf tmp2.txt --rand --gap 1000us --cpp
Yes, that's correct. Thanks for the quick reply, Vadim!
--
You received this message because you are subscribed to the Google Groups
On 06/04/2015 09:34 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Dump RTnetlink routing related info with attributes.
Signed-off-by: Vadim Kochan vadi...@gmail.com
Applied, thanks Vadim.
Please in future don't reuse the exact same patch subject resp.
commit message from some
On 06/06/2015 12:16 AM, Vadim Kochan wrote:
...
Do you have cpp installed on your machine?
I think in that case there could be a message like:
sh: cpp: command not found
Failed to invoke C preprocessor!
Yes, agreed. Want to send a patch? ;)
--
You received this message because you are
On 06/02/2015 10:44 AM, Vadim Kochan wrote:
On Tue, Jun 02, 2015 at 10:36:12AM +0200, Daniel Borkmann wrote:
On 06/01/2015 05:43 PM, Vadim Kochan wrote:
On Mon, Jun 01, 2015 at 05:14:10PM +0200, Daniel Borkmann wrote:
On 06/01/2015 04:23 PM, Vadim Kochan wrote:
...
I checked
Hi Benjamin,
Sorry for the late reply, this slipped through. :/
On 04/23/2015 05:21 PM, Benjamin Henrion wrote:
Hi,
Would it be possible to have an option to curvetun to log to a logfile?
Curvetun sends to syslog, but on my system I want to avoid having a
syslog daemon.
I have made an init
On 05/10/2015 02:37 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Since Netlink messages are written in default pcap format there is no
way to identify Netlink family by socket protocol number, so
use pcap cooked header for Netlink messages as described here:
On 05/07/2015 02:32 AM, Michał Purzyński wrote:
I used 3.13 for testing. It's in Ubuntu as HWE stack.
So, following commit was added v3.0-rc4-846-gdc99f60 ...
commit dc99f600698dcac69b8f56dda9a8a00d645c5ffc
Author: David S. Miller da...@davemloft.net
Date: Tue Jul 5 01:45:05 2011 -0700
On 05/07/2015 04:47 PM, arse...@gmail.com wrote:
...
I am very sorry but it looks like this was working all the time at least in
couple of modes but I messed up ls command and didn't see other files !
Ok, no problem. It's good that we now have it verified from a couple of people
that it works
Sorry for the late answer.
On 05/01/2015 02:53 PM, arse...@gmail.com wrote:
...
Interesting, lets say if you use --fanout-type lb, would that make a difference?
This should round robin each packet between these 3 processes, so you should
definitely see something unless we have a bug. ;) Let me
On 05/06/2015 07:36 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
It fixes the case when user made pcap file in sudo
mode but after it should still use sudo to read it
because of setting O_NOATIME option requires higher
privileges.
Signed-off-by: Vadim Kochan vadi...@gmail.com
On 05/06/2015 11:52 PM, Daniel Borkmann wrote:
Sorry for the late answer.
On 05/01/2015 02:53 PM, arse...@gmail.com wrote:
...
Interesting, lets say if you use --fanout-type lb, would that make a difference?
This should round robin each packet between these 3 processes, so you should
On 05/07/2015 12:14 AM, Michał Purzyński wrote:
That were my results as well.
It would be worthwhile to investigate how the hash is generated in the
kernel. I remember, somewhere in the original patch that introduced
this functionality, developers decided to let the hardware generate
rxhash and
On 05/05/2015 12:10 PM, Daniel Borkmann wrote:
On 05/05/2015 11:26 AM, Tobias Klauser wrote:
On 2015-05-02 at 22:54:50 +0200, Vadim Kochan vadi...@gmail.com wrote:
On Sat, May 02, 2015 at 07:00:53PM +0200, Tobias Klauser wrote:
On 2015-04-29 at 21:18:24 +0200, Vadim Kochan vadi...@gmail.com
On 05/05/2015 12:59 PM, Vadim Kochan wrote:
Wireshark does not understand netsniff-ng's pcap file with Netlink
frames, I assume thats because W-shark expects that each Netlink frame
should have additional header on-top described here:
Hi Ivan,
On 04/30/2015 05:28 PM, arse...@gmail.com wrote:
Hi all,
I have been using netsniff-ng for some time now and am very excited about
packet fanout feature.
Cool, great to hear! :)
Have one AF_PACKET hash fanout functionality related question if somebody has
time to comment :
how
On 04/22/2015 05:09 PM, Vadim Kochan wrote:
...
Sure, I will try to fix it, really I dont have a fix yet. The issue goes
from pcap ops in init one function, where IO prio is set, the first
think which came up in my mind is to have separate pcap ops for read
only where set IO prio will be not
On 04/22/2015 06:26 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
It allows to read pcap file for users who have no
permissions to set process IO prio.
Signed-off-by: Vadim Kochan vadi...@gmail.com
I'm okay with that, read_pcap() is slow-path anyway.
Thanks
--
You received
On 04/22/2015 11:50 PM, Vadim Kochan wrote:
...
I think that HT Capabilities element info should be showed in more structured
view so
it will be more readable what do you think ?
Does someone have a better option ?
Yes, I'm fine with that.
--
You received this message because you are
Hi Michal,
On 04/14/2015 09:53 AM, Daniel Borkmann wrote:
Thanks Michal, looks almost ready to go in!
Okay, I just fixed everything up and pushed it out under your
authorship:
https://github.com/netsniff-ng/netsniff-ng/commit/f00d4d54f28c0374cc57e6ca07dd648d7684c69c
We can still fix
Hi Vadim,
On 04/17/2015 09:04 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
Fixed case when netsniff fails if there is already existing monX device
while generating.
Signed-off-by: Vadim Kochan vadi...@gmail.com
...
+int device_ifindex(const char *ifname)
+{
+ int index
On 04/21/2015 01:13 PM, Michał Purzyński wrote:
Thanks a lot, I was trying to find a time for it over the weekend,
turned out to be difficult so decided to work on it next weekend :-)
No problem. ;) Thanks for looking into this!
I'll focus on some good documentation next, showing how to use
Thanks Michal, looks almost ready to go in!
Other than Tobias' excellent feedback, some minor things from my side:
On 04/14/2015 01:10 AM, Michal Purzynski wrote:
---
netsniff-ng.c | 28 +---
ring_rx.c | 17 -
ring_rx.h | 2 +-
3 files
On 04/11/2015 06:59 PM, Michał Purzyński wrote:
OK, try one. I'm ready to accept heavy artillery fire ;-) Man, it
takes a while to find a free letter for getopt.
Two new parameters were added:
-C cluster id with integer that represents the socket fanout group
identifier and must be shared
On 03/23/2015 11:37 AM, Vadim Kochan wrote:
On Mon, Mar 23, 2015 at 11:25:26AM +0100, Lorenzo Pistone wrote:
...
Thats what I got on 3.18 with the same cfg file:
$ trafgen/trafgen -c ~/trafgen.cfg -o wlp3s0 -n 1
4 packets to schedule
168 bytes in total
Running! Hang up with ^C!
Hi Lorenzo,
On 03/22/2015 03:13 PM, Lorenzo Pistone wrote:
Hi,
I'm trying to send UDP packets with zero length withthis simple configuration
on trafgen:
{
# --- ethernet header ---
0xbe, 0x15, 0x1d, 0x12, 0x1c, 0x57, # mac destination
0xfa, 0x16, 0x3e, 0xa0, 0x5d,
On 03/23/2015 03:39 PM, Lorenzo Pistone wrote:
I'm checking with netsniff-ng, I use the same interface with which I'm sending
this email
Ok, well that doesn't work. If you emit packets with trafgen, it
uses by default a path that bypasses the traffic control layer.
If you really want to see
(contrary to
lo), but when interrupting I get Cannot destroy the TX_RING: Device or resource
busy! for each CPU (so 4 times in my case). Looks like a start.
Il 23/03/2015 10:27, Daniel Borkmann ha scritto:
Hi Lorenzo,
On 03/22/2015 03:13 PM, Lorenzo Pistone wrote:
Hi,
I'm trying to send UDP
On 01/28/2015 11:15 PM, Vadim Kochan wrote:
From: Vadim Kochan vadi...@gmail.com
There might be more proto dissectors which
will make root src directory huge, hence move
them to the separate 'dissect' dir.
Signed-off-by: Vadim Kochan vadi...@gmail.com
For now I'd prefer them actually where
On 07/18/2014 03:49 PM, Tobias Klauser wrote:
On 2014-07-18 at 15:09:55 +0200, 'peter' via netsniff-ng
netsniff-ng@googlegroups.com wrote:
hi,
im looking for a way to automate packet generation for traffic
shaper testing.
found a testfile online and modified it a bit, only
source/destination
On 05/07/2014 02:51 PM, Lorenzo Pistone wrote:
Hello,
the delay (-d) option is not satisfactory with low delays. The unavoidable
imprecision of the sleep time screws the actual pps a lot (see
http://www.martani.net/2011/07/nanosleep-usleep-and-sleep-precision.html). I
believe also that
On 03/29/2014 07:32 PM, mukul joshi wrote:
Hi,
I am working on one project where I am using mausezahn for packet
generation. I want to print the generated packet buffer (i.e. the whole
buffer which is delivered to the network interface) I want to provide this
packet buffer to another process
On 03/17/2014 06:21 AM, rukanth sameera wrote:
Hi
Hello, I am rukanth. I am very happy to say i like your netsniff-ng toolkit
and it is very useful to me. I have to ask question that is what are the
compatible hardware for netsniff-ng.
Generally, you need a Linux box and the more recent your
We have decided to move the netsniff-ng upstream Git
repository to a new Github netsniff-ng organization:
Web:
https://github.com/netsniff-ng/netsniff-ng
Git:
git://github.com/netsniff-ng/netsniff-ng.git
Please update your Git origin to this location.
Thanks !
--
You received this
On 02/17/2014 01:44 PM, Daniel Borkmann wrote:
On 02/16/2014 04:13 PM, Daniel Borkmann wrote:
On 02/16/2014 03:15 PM, Lorenzo Pistone wrote:
On 02/16/2014 02:00 PM, Daniel Borkmann wrote:
It's a kernel bug in the VM subsystem, dealing with transparent hugepages.
A patch was submitted
Hi Olivier,
On 02/11/2014 05:33 PM, Olivier Marce wrote:
Hi guys
thanks a lot for this splendid toolkit.
I got a strange (for me) behavior that I would like to share with you.
Platform Ubuntu 12.10
I have a WiFi interface named wlan5 and IP@ 192.168.1.5 that I ping from
another machine. MAC@
On 12/23/2013 08:06 PM, Robert Edmonds wrote:
Hi,
I'm seeing the error message Flushing TX_RING failed: No such device or
address! when I try to run trafgen on Debian kernel 3.12.6, but not on 3.11.
Here is the full trafgen output:
A PF_PACKET stable patch for the kernel is on it's way to
On 12/20/2013 04:21 AM, Robert Edmonds wrote:
Hi,
I'm trying to figure out why netsniff-ng takes a long time to start up
on one of my machines. I'm running the latest git checkout on Debian
unstable (running the Debian 3.11.6 kernel), and when I run:
netsniff-ng --silent -i eth1 -o /dev/null
On 12/20/2013 07:08 PM, Robert Edmonds wrote:
Robert Edmonds wrote:
The funny thing is, I have a similar machine where netsniff-ng starts up
instantly. It seems like a kernel issue, so I will try updating the
problematic machine's kernel. I can also replicate the issue on the
problematic
On 12/17/2013 10:34 AM, Drasko DRASKOVIC wrote:
Hi all,
I am trying to compile netsniff-ng with Mausezahn under Yocto (Open
Embedded),
So far I have this output of configure:
...
[!] The following tools will *not* be built: curvetun flowtop astraceroute
mausezahn
[*] The following tools will be
On 12/17/2013 06:31 AM, Jon Schipp wrote:
Also, page 108 has a small section on installing and using ifpps.
That's awesome, thanks for the great news!
On Thu, Dec 12, 2013 at 11:21 PM, Jon Schipp jonsch...@gmail.com wrote:
FYI:
The Applied NSM book was released today [1]. From the table
to not forget about
this idea.
Thanks,
Doug
On Tue, Oct 22, 2013 at 4:23 AM, Daniel Borkmann dbork...@redhat.com wrote:
On 10/21/2013 05:00 PM, Doug Burks wrote:
Hello all,
Have you considered implementing support for decoding ERSPAN? Looks
like gulp and snort currently support
On 10/21/2013 05:00 PM, Doug Burks wrote:
Hello all,
Have you considered implementing support for decoding ERSPAN? Looks
like gulp and snort currently support this:
Are you referring to the packet dissector or to store the decapsulated
data to a pcap file?
Sorry for the late answer,
On 09/19/2013 09:12 PM, rometor...@gmail.com wrote:
Hi All,
I am looking on implementing HW filters using bpfc.
Very cool! BPF engine offloading into a NIC might be interesting!
This is a process outline
1) Generate BPF file in human readable format - How to use
On 09/23/2013 02:58 PM, Daniel Borkmann wrote:
On 09/23/2013 06:26 AM, onubogu Last Nameokey wrote:
Hi group members,
Please can someone help me debug this cmake and make error. I am trying to
install netsniff-ng-0.571 on ubuntu 9.10 Karmic Kaola.I have downloaded
(manually and using apt-get
On 09/04/2013 08:22 PM, Daniel Martin wrote:
Hey Daniel,
Thanks for your reply. I did compile your example
bpfc foo bar
Which did return
cat bar
{ 0x20, 0, 0, 0xf034 },
{ 0x16, 0, 0, 0x },
You need 3.10 or higher. This was developed during netfilter workshop,
and merged in on
On 08/21/2013 09:52 PM, Jon Schipp wrote:
I added the configurations outlined in Section 9.1 of RFC2544,
Benchmarking Methodology for Network Interconnect Devices to
gencfg [1]. Currently, it will write each configuration to a file in the
current working directory.
$ ./gencfg -G rfc2544 -s
On 08/22/2013 07:10 PM, Jon Schipp wrote:
Are BPF filters compiled for each packet that reaches a filter?
I assumed they were compiled once and then applied until the sniffing
application process ends.
BPF filters are attached to the kernel's socket representation. If no JIT is
active, the
On 08/16/2013 04:48 PM, branchnetconsult...@gmail.com wrote:
I built netsniff-ng 0.5.8-rc2 from git just last night on a 64bit Ubuntu
12.04.2 LTS box.
When I specify a time-based interval, netsniff-ng records for the full
interval but then crashes with a Poll failed! error before starting a 2nd
On 08/16/2013 09:54 PM, Allen Ting wrote:
Thanks for the answers.
I tried to limit the pcap file size to 100MB by setting the option to
be --interval
100MiB, however, I saw most of the pcap files were created at the size
around 170MB to 200MB. Is this the expected behavior?
Is this
1 - 100 of 171 matches
Mail list logo