diff options
| -rw-r--r-- | INSTALL | 4 | ||||
| -rw-r--r-- | README | 4 | ||||
| -rw-r--r-- | flowtop.c | 24 | ||||
| -rw-r--r-- | flowtop/Makefile | 1 | ||||
| -rw-r--r-- | ifpps.c | 23 | ||||
| -rw-r--r-- | ifpps/Makefile | 1 | ||||
| -rw-r--r-- | netsniff-ng.8 | 4 | ||||
| -rw-r--r-- | netsniff-ng.c | 4 | ||||
| -rw-r--r-- | ring_rx.c | 5 | ||||
| -rw-r--r-- | ring_rx.h | 2 | ||||
| -rw-r--r-- | screen.c | 24 | ||||
| -rw-r--r-- | screen.h | 9 |
12 files changed, 54 insertions, 51 deletions
@@ -44,7 +44,7 @@ One-liner installation for *all* dependencies on Debian: zlib1g-dev libcli-dev libnet1-dev One-liner installation for *all* dependencies on Fedora: - + $ sudo yum install ccache flex bison ccache libnl3-devel \ GeoIP-devel libnetfilter_conntrack-devel ncurses-devel \ userspace-rcu-devel nacl-devel libpcap-devel zlib-devel \ @@ -66,7 +66,7 @@ The installation (deinstallation) process is fairly simple: (or for both at once: # make mrproper) You can also build only a particular tool, e.g.: - + $ make trafgen # make trafgen_install @@ -12,7 +12,7 @@ packets. > `' '` < / ) ,.==., ( | Web: http://netsniff-ng.org .-(|/--~~--\|)-' ( ___ -The gain of performance is \__.=|___E +The gain of performance is \__.=|___E reached by built-in zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space, and vice versa. @@ -44,7 +44,7 @@ Note that the toolkit is still quite young and under heavy development, not yet feature complete and in a quality level where we're satisfied with (i.e. for mausezahn). However, we're on a good way towards tackling all these goals. -The netsniff-ng toolkit is an open source project covered by the GNU General +The netsniff-ng toolkit is an open source project covered by the GNU General Public License, version 2.0. For any questions or feedback about netsniff-ng you are welcome to leave us a message at <netsniff-ng@googlegroups.com>. @@ -37,6 +37,7 @@ #include "locking.h" #include "dissector_eth.h" #include "pkt_buff.h" +#include "screen.h" struct flow_entry { uint32_t flow_id, use, status; @@ -740,20 +741,6 @@ static uint16_t presenter_get_port(uint16_t src, uint16_t dst, int tcp) } } -static WINDOW *presenter_screen_init(void) -{ - WINDOW *screen = initscr(); - - noecho(); - cbreak(); - keypad(stdscr, TRUE); - nodelay(screen, TRUE); - refresh(); - wrefresh(screen); - - return screen; -} - static void presenter_screen_do_line(WINDOW *screen, struct flow_entry *n, unsigned int *line) { @@ -987,18 +974,13 @@ static void presenter_screen_update(WINDOW *screen, struct flow_list *fl, refresh(); } -static inline void presenter_screen_end(void) -{ - endwin(); -} - static void presenter(void) { int skip_lines = 0; WINDOW *screen; dissector_init_ethernet(0); - screen = presenter_screen_init(); + screen = screen_init(false); rcu_register_thread(); while (!sigint) { @@ -1030,7 +1012,7 @@ static void presenter(void) } rcu_unregister_thread(); - presenter_screen_end(); + screen_end(); dissector_cleanup_ethernet(); } diff --git a/flowtop/Makefile b/flowtop/Makefile index 7e7797a..c8998a6 100644 --- a/flowtop/Makefile +++ b/flowtop/Makefile @@ -20,4 +20,5 @@ flowtop-objs = xmalloc.o \ proto_none.o \ tprintf.o \ geoip.o \ + screen.o \ flowtop.o @@ -28,6 +28,7 @@ #include "promisc.h" #include "cpus.h" #include "built_in.h" +#include "screen.h" struct wifi_stat { uint32_t bitrate; @@ -635,21 +636,6 @@ static void stats_top(const struct ifstat *rel, const struct ifstat *abs, } } -static void screen_init(WINDOW **screen) -{ - (*screen) = initscr(); - - raw(); - noecho(); - cbreak(); - nodelay((*screen), TRUE); - - keypad(stdscr, TRUE); - - refresh(); - wrefresh((*screen)); -} - static void screen_header(WINDOW *screen, const char *ifname, int *voff, uint64_t ms_interval, unsigned int top_cpus) { @@ -931,17 +917,12 @@ static void screen_update(WINDOW *screen, const char *ifname, const struct ifsta refresh(); } -static void screen_end(void) -{ - endwin(); -} - static int screen_main(const char *ifname, uint64_t ms_interval, unsigned int top_cpus) { int first = 1, key; - screen_init(&stats_screen); + stats_screen = screen_init(true); while (!sigint) { key = getch(); diff --git a/ifpps/Makefile b/ifpps/Makefile index 6f2666f..6c8ac43 100644 --- a/ifpps/Makefile +++ b/ifpps/Makefile @@ -8,4 +8,5 @@ ifpps-objs = xmalloc.o \ sock.o \ dev.o \ sig.o \ + screen.o \ ifpps.o diff --git a/netsniff-ng.8 b/netsniff-ng.8 index 60da8d7..0bc874b 100644 --- a/netsniff-ng.8 +++ b/netsniff-ng.8 @@ -62,6 +62,10 @@ scheduled move to slower medias). You can then use mergecap(1) to transform all pcaps into a single large pcap. Thus, netsniff-ng then works multithreaded eventually. .PP +netsniff-ng can also be used to debug netlink traffic. On newer kernels one +needs to modprobe nlmon so that a ''netlink'' networking device appears that +can be used as an input device for netsniff-ng. +.PP .SH OPTIONS .PP .SS -i <dev|pcap|->, -d <dev|pcap|->, --in <dev|pcap|->, --dev <dev|pcap|-> diff --git a/netsniff-ng.c b/netsniff-ng.c index c5570fc..19d4db3 100644 --- a/netsniff-ng.c +++ b/netsniff-ng.c @@ -479,7 +479,7 @@ static void receive_to_xmit(struct ctx *ctx) timer_purge(); - sock_rx_net_stats(rx_sock); + sock_rx_net_stats(rx_sock, 0); bpf_release(&bpf_ops); @@ -989,7 +989,7 @@ static void recv_only_or_dump(struct ctx *ctx) timersub(&end, &start, &diff); if (!(ctx->dump_dir && ctx->print_mode == PRINT_NONE)) { - sock_rx_net_stats(sock); + sock_rx_net_stats(sock, frame_count); printf("\r%12lu sec, %lu usec in total\n", diff.tv_sec, diff.tv_usec); @@ -131,7 +131,7 @@ void bind_rx_ring(int sock, struct ring *ring, int ifindex) bind_ring_generic(sock, ring, ifindex); } -void sock_rx_net_stats(int sock) +void sock_rx_net_stats(int sock, unsigned long seen) { int ret; bool v3 = get_sockopt_tpacket(sock) == TPACKET_V3; @@ -147,7 +147,8 @@ void sock_rx_net_stats(int sock) uint64_t packets = stats.k3.tp_packets; uint64_t drops = stats.k3.tp_drops; - printf("\r%12ld packets incoming\n", packets); + printf("\r%12ld packets incoming (%ld unread on exit)\n", + v3 ? seen : packets, v3 ? packets - seen : 0); printf("\r%12ld packets passed filter\n", packets - drops); printf("\r%12ld packets failed filter (out of space)\n", drops); if (stats.k3.tp_packets > 0) @@ -19,7 +19,7 @@ extern void alloc_rx_ring_frames(int sock, struct ring *ring); extern void bind_rx_ring(int sock, struct ring *ring, int ifindex); extern void setup_rx_ring_layout(int sock, struct ring *ring, unsigned int size, bool jumbo_support, bool v3); -extern void sock_rx_net_stats(int sock); +extern void sock_rx_net_stats(int sock, unsigned long seen); static inline int user_may_pull_from_rx(struct tpacket2_hdr *hdr) { diff --git a/screen.c b/screen.c new file mode 100644 index 0000000..34b27f3 --- /dev/null +++ b/screen.c @@ -0,0 +1,24 @@ +#include <curses.h> + +#include "screen.h" + +WINDOW *screen_init(bool israw) +{ + WINDOW *screen = initscr(); + + if (israw) + raw(); + noecho(); + cbreak(); + nodelay(screen, TRUE); + keypad(stdscr, TRUE); + refresh(); + wrefresh(screen); + + return screen; +} + +void screen_end(void) +{ + endwin(); +} diff --git a/screen.h b/screen.h new file mode 100644 index 0000000..7a647be --- /dev/null +++ b/screen.h @@ -0,0 +1,9 @@ +#ifndef SCREEN_H +#define SCREEN_H + +#include <curses.h> + +extern WINDOW *screen_init(bool israw); +extern void screen_end(void); + +#endif /* SCREEN_H */ |