| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Print not handled attributes which will be helpful to
indicate such attributes and add dissection code.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add header bar to be symmetric to the footer.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make __do_lookup_inline an inline function and shorten its name to
__lookup_inline.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Do not needlessly duplicate code between the oui and the lookup module.
Instead, add an additional lookup table for OUIs to the lookup module.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make sure every lookup table is only initialized once. Preparatory patch
before moving OUI lookup.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It's not only ports we look up, make the names a bit more generic.
Preparatory patch before moving OUI lookup to the lookup module.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The lines in an HTTP request should all end with \r\n (CRLF) according
to RFC 2616, so use these consistently.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The end of the buffer might already contain part of the data payload.
Setting the last byte to 0 will thus corrupt the gz file, leading to
failed decompression (or previously, to invalid GeoIP database files).
The NULL-termination is not necessary in this case, so just omit it.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
In case the downloaded gzip file got corrupted somehow, the gzread would
fail, leaving part of the file uninflated and thus leading to a
corrupted GeoIP database. This can in the worst case lead to a crash in
libgeoip which in turn causes netsniff-ng/flowtop/astraceroute to crash.
So better panic() if we fail to uncompress.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It looks like the result of RTA_PAYLOAD() can be of different type
depending on architecture/kernel header version/...
In order to prevent warnings related to non-matching types, just
explicitly cast RTA_LEN to an int, since it can't possible be larger
than the unsigned short of rta_len anyhow and it is used as an in in the
call to device_addr2str().
Fixes: 664dcf4217 ("netsniff-ng: nlmsg: Use correct pritnf format specifier for int")
Reported-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Check whether there were flags printed before and if this is the case,
add a space before printing the next flag. Nicely wrap this all in a
macro.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
RTA_LEN is defined as an alias of RTA_PAYLOAD which is defined as:
#define RTA_PAYLOAD(rta) ((int)((rta)->rta_len) - RTA_LENGTH(0))
Thus use the correct format specifier %d for int instead of %lu.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
ctx->pkts_recvd_last and ctx->pkts_drops_last are uint64_t, so use the
PRIu64 format specifier to print them.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Example shows how to filter rtnetlink messages by ifindex & oper state.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Do not perform fclose for stdin fd.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Allow read compiled BPF instructions from stdin by via '-f -' option.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Fix calls to calc_csum() missed in the previous commit b2eaec6.
Fixes: b2eaec6 ("csum: Remove unused parameter from calc_csum()")
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The `ccsum' parameter to calc_csum() is never used and is set to 0 by
all callers. There's no reason to keep it, so remove it.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Craft packet directly from command line with same syntax as for conf file.
It might be as first step to extend current syntax with specific proto fields.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Move piece of code which converts cmdline args vector to string
from netsniff-ng.c to str.c as function.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
No need to use if/else, just toogle it like any other bool.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add command 'a' to show only active flows with rate > 0 (dst or src).
Now 'n->is_visible' means which flow to show by presenter.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add interactive command 'b' to change rate units to show.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Show help window by pressing '?' with interactive commands description.
Added simple footer bar with help label.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Just add a newline before notes.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
|
Redirect stderr output of pkg-config to config.log in order to not spam
the configure output with pkg-config errors. Instead, use the same
pkg-config commands as for the other library checks to get
libnetfilter_conntrack cflags. Additionally, use pkg-config to the the
linker flags as well.
Fixes: 19991f90 ("build: Handle libnetfilter-conntrack with pkg-config")
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
libnl-route is used in netsniff-ng to dump nlmsg flags.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Since we have such a nice naming scheme (who can guess it?), mention the
release name in the release announcement.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Merge shrinking code duplicated for RX/TX rings into an own generic
function.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Print the strerror() and rephrase the message a bit.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Seems like screen is updating too frequently which
may block some terminals, so lets do it once in 1s
but only if no key was pressed.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It is not necessary to do not allow run application if
there is no conf file for port resolving, but instead print
message to stderr.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use copyright text from one place when print it in version or help output.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Let AF_PACKET do this job to fail in case boundaries are too small or
too large. I found it quite useful for testing the kernel.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
|
Spell out "resolve" properly.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Needed for openSUSE since they have versioned libnetfilter-header files.
Signed-off-by: Martin Hauke <mardnh@gmx.de>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
ethtool_drvinf() already clears the struct ethtool_drvinfo, so there is
no need to do it manually before calling it.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make rate calculation more carefully by checking previous & current
bytes/pkts counter.
Do calculation only if update time passed >= 1s.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It is easier to differentiate bytes/pkts counters with rate counters
if to use different colors.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Rename flow_entry_direction to flow_direction, which is a bit shorter
and change the enum value names to be in upper case.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Handle non-zero return values by exiting flowtop like we do in the other
tools.
This fixes Coverity warnings CID 1338093 and CID 1338092.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add the inline function packet_dyn_has_only_csums() which is used in the
previous commit but accidentially wasn't added there.
Fixes: b5d757a ("trafgen: Pre-calculate checksums if possible")
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The TCP/UDP checksums cannot be calculated in the parser as the packet
payload following the TCP/UDP header is not yet know. However, we can
calculate these checksums before the send loop if the only dynamic
elements of the packet are checksums.
This change avoids the overhead of recalculating the checksums for every
iteration the send loop in these cases.
Suggested-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
We already do a memset before, no need to set members to null twice,
just some minor cleanup.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
|
Lets make i and num as size_t, there's no particular reason for them
to be int. At least i is used to setup iov_base offsets.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
|
The number of frames in a tpacket ring (ring->layout.tp_frame_nr) is
currently calculated as:
tp_frame_nr = tp_block_size / tp_frame_size * tp_block_nr
Substituting tp_block_nr with 'size / tp_block_size' (as calculated in
the line above), we get:
tp_frame_nr = tp_block_size / tp_frame_size * (size / tp_block_size)
and realize that we can omit tp_block_size as it cancels out, leading
to:
tp_frame_nr = 1 / tp_frame_size * (size / 1)
= size / tp_frame_size
Adjust the calculation in setup_ring_layout_generic() accordingly.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Initialization of the ring->layout members is the same for RX and TX
rings. Instead of duplicating the code in setup_rx_ring_layout() and
setup_tx_ring_layout(), create a new function
setup_ring_layout_generic() which is called from the former two.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Update the zsh completion with option -n/--no-dns, -G/--no-geoip,
-b/--bits, -t/--interval.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
