summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2018-12-04docs: remove again, moved to the netsniff-ng.github.ioTobias Klauser8-831/+0
If we want to use https://netsniff-ng.github.io instead of https://netsniff-ng.github.io/netsniff-ng the source apparently have to live in a separate repository. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-12-04docs: add netsniff-ng website source for GitHub pages renderingTobias Klauser8-0/+831
Let's move to GitHub pages so I don't always forget to update the website upon a new release. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-12-02netsniff-ng: store default prefix in ctxTobias Klauser1-2/+5
Store the default "dump-" prefix in ctx->prefix instead of checking it every time in generate_multi_pcap_filename. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-12-02zsh: netsniff-ng: add completion for --overwriteTobias Klauser1-0/+1
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-12-02AUTHORS: add Whang ChoiTobias Klauser1-0/+1
Add Whang Choi for PR #202 Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-12-02netsniff-ng: implement rotating capture filesWhang Choi2-7/+34
Add a new option -O, --overwrite which allows to rotate capture files. The timestamp in the file name is replaced with a number that wraps around after reaching the specified number of files. Example usage: netsniff-ng -s -F 1KiB -O 10 -i eth0 -o /output/folder Fixes #147 Signed-off-by: Whang Choi <wch0x01@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-12-02build: use system libsodium by defaultTobias Klauser1-2/+8
If libsodium is installed (i.e. pkg-config --variable=includedir libsodium returns a non-empty path), assume libsodium is installed and use it instead of libnacl. To use libnacl, set NACL_INC_DIR, NACL_LIBDIR and NACL_LIB accordingly. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-11-30astraceroute: Fix for reading mirrors from fileMandar Gokhale1-2/+2
If the file that GeoIP mirror addresses are being read from lacks a terminating newline, then the code that reads them in exhibits an off-by-one error. Example of such a file: $ xxd /etc/netsniff-ng/geoip.conf 00000000: 6765 6f6c 6974 652e 6d61 786d 696e 642e geolite.maxmind. 00000010: 636f 6d com Fix this by explicitly getting the part of the string before the newline using `strcspn`. Signed-off-by: Mandar Gokhale <mandarg@mandarg.com>
2018-10-22trafgen: fixed '--in -' to work again with STDINJaroslav Škarvada1-1/+1
This has been broken by commit 4e47fd021a6945aa626eaef4446c5b547d8c2a85. Signed-off-by: Jaroslav Škarvada <jskarvad@redhat.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-10-04mz: Add error handling for mismatched address familiesMandar Gokhale1-13/+70
Check for errors in IP addresses specified, and throw an appropriate error if they are not specified properly, e.g. if user uses `-6` option with an IPv4 source address. Closes #166 Signed-off-by: Mandar Gokhale <mandarg@mandarg.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-09-20netsniff-ng v0.6.5v0.6.5Tobias Klauser1-1/+1
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-08-22AUTHORS: add Matteo CroceTobias Klauser1-0/+1
Add Matteo Croce for PR #194 Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-08-22mausezahn: improve random mac address generationMatteo Croce6-47/+33
Modify -b option to generate all random MAC addresses. Improve the random generation algorithm, use nrand48() which fills the ethernet address in two calls instead of six calls to rand() and six floating point calculations. Set the locally administered bit of generated MAC addresses. Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-06-20AUTHORS: add Radoslav BodoTobias Klauser1-0/+1
Add Radoslav Bodo for commit 76bd307a8ce8 ("trafgen: support ICMPv6 checksums") submitted via PR #193. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-06-20trafgen: support ICMPv6 checksumsRadoslav Bodo4-1/+12
Usage: csumicmp6(14, 54) Signed-off-by: Radoslav Bodo <bodik@cesnet.cz> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-05-31AUTHORS: add Nick GrauelTobias Klauser1-0/+1
Add Nick Grauel for commit 3f26829394ea ("mausezahn: Restore handling of raw hex string passed in on command line") via PR #191. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-05-31mausezahn: Restore handling of raw hex string passed in on command lineNick Grauel1-1/+5
Originally all hex strings (whether they were given on the command line or in a file) were handled by a call to str2hex(): bytestring_s = str2hex (tx.arg_string, bytestring, MAX_PAYLOAD_SIZE); Commit f634c74 added code to parse out "payload=" or "p=" flags that may have been added at the start of the hex string. This code also changed the logic around this str2hex() call to only call the function and populate bytestring_s if one of these flags was found. This broke the ability to pass in a raw hex string on the command line since it fails the check and bytestring_s is never populated with the hex bytes. I've added an else condition to make the str2hex() call using the old method in cases where no "payload=" or "p=" flags are found. Signed-off-by: Nick Grauel <nicolas.grauel@plexxi.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-05-17man: reformat all man pagesTobias Klauser7-581/+669
- use .TP for option and example labels - use .BR for references to other manpages, also in description texts - highlight options using .B in description texts - misc. cleanups Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-05-15AUTHORS: add Petr MachataTobias Klauser1-0/+1
Add Petr Machata for commit f6d450a5e405 ("mausezahn: Fix IPv6 address comparison"). Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-05-15mausezahn: Fix IPv6 address comparisonPetr Machata1-2/+2
CMP_INT evaluates its arguments more than once, and thus passing a post-incremented pointer as an argument causes double increments and hence buffer overruns. This can be observed by erratic behavior of IPv6 address ranges. Fix by moving the increment to loop header. Signed-off-by: Petr Machata <petrm@mellanox.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-05-14man: netsniff-ng: document time formats for -o/--outTobias Klauser1-16/+20
Commit e3e8eea41966 ("netsniff-ng: add date format strings to --out.") introduced the possibility to specify time formats in the -o/--out parameter. Document this in netsniff-ng(8) Updates #158 Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-05-14netsniff-ng: add date format strings to --outDaniel Roberson1-3/+18
This adds the ability to use date(1)/strftime(3) style format strings when specifying an output file. Example: netsniff-ng --out %Y-%m-%d.pcap ### outputs to 2018-04-20.pcap Fixes #158 Signed-off-by: Daniel Roberson <daniel@planethacker.net> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-04-19AUTHORS: add Daniel RobersonTobias Klauser1-0/+1
Add Daniel Roberson for 15f78c073276 ("mausezahn: fix strtok() segfault if s or m are missing") via PR #189 Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-04-19mausezahn: fix strtok() segfault if s or m are missingDaniel Roberson1-7/+21
The -d flag will result in a segmentation fault if 'm' or 's' are specified without a numeric value. Example: mausezahn -d m ### Results in a crash Signed-off-by: Daniel Roberson <daniel@planethacker.net> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-03-08trafgen: support dumping IPv6 protocol header commandTobias Klauser2-0/+44
Support dissecting IPv6 headers into the îp6' trafgen protocol header command. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-03-07make: consider $DESTDIR when creating $DATDIRTobias Klauser1-1/+1
Reported-by: @asavah Fixes: 44ceece354c5 ("geoip: store GeoIP files in $(PREFIX)/share by default") Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-03-06all: drop fmem{cpy,set}Tobias Klauser10-45/+39
There is no need to explicity use the builtins. According to [1], GCC will recognize mem{cpy,set} as built-in functions, unless the corresponding -fno-builtin-* option is specified (which is not the case for netsniff-ng). [1] https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-03-06trafgen: fix signedness warning in cleanup_packetsTobias Klauser1-1/+1
This fixes the following GCC warning: trafgen_parser.y: In function ‘cleanup_packets’: trafgen_parser.y:1479:18: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] for (k = 0; k < hdr->sub_headers_count; k++) Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-03-06trafgen: don't close dev_out and dev_in in parent processTobias Klauser1-4/+4
They are opened in main_loop which is only executed in the child(ren), so close them there again. This avoids closing the devices twice, which may lead to segfaults. Fixes #188 Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-03-06geoip: store GeoIP files in $(PREFIX)/share by defaultTobias Klauser3-9/+14
The /etc directory shouldn't contain non-human-readable files. netsniff-ng (when called with the '-U' option) currently installs the GeoIP database files to /etc/netsniff-ng by default. Change this to install them to $(PREFIX)/share/netsniff-ng instead, which is conformant to the FHS [1]. [1] https://wiki.debian.org/FilesystemHierarchyStandard Also create the respective directory in the 'make install' target. Fixes #187 Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-01-22ring: use xzmalloc_alignedTobias Klauser1-2/+1
Use xzmalloc_aligned instead of open-coding it. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-01-22bpf: don't use builtin memset/memcpy in bpf_parse_rulesTobias Klauser1-7/+8
bpf_parse_rules is not called in a fast path, so just use the plain memset/memcpy and let the compiler decide whether they should be replaced. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-01-12netsniff-ng: add DCCP supportMarkus Amend4-0/+157
Adds a first rudimentary support for the DCCP protocol. Signed-off-by: Markus Amend <markus.amend@telekom.de> [tk: minor formatting tweaks] Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-01-05netsniff-ng v0.6.4v0.6.4Tobias Klauser1-2/+2
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-12-19flowtop: Fix use-after-free on filter reloadVadim Kochan1-14/+16
There is missing logic which removes flow entry from related proc's entry while destroying global flows list on filter reloading, hence add common __flow_list_del_entry which handles this logic for both cases - when ct destroyed or filter changed. This is a 2nd fix for issue #183. Signed-off-by: Vadim Kochan <vadim4j@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-12-18flowtop: change tab title for process tabTobias Klauser1-1/+1
Use plural to match the "Flows" tab and because it usually shows multiple processes. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-12-18flowtop: Use RCU flow deletion from process entryVadim Kochan1-1/+1
Use cds_list_del_rcu for safer deletion flow from the process flow list to prevent possible use-after-free by UI thread when it is refreshing the processes. It may fix the #183 issue. Signed-off-by: Vadim Kochan <vadim4j@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-12-14trafgen: fix dinc()/ddec() modifiersPaolo Abeni3-15/+5
currently, after dinc(), the valued stored inside the packet is not in the (min, max) range but in the (0, max - min + 1) range, 'counter->val' should be used instead of 'val'. Additionally the values computed for ddec() are corrupted, in: val = (val - counter->inc) % (counter->min - counter->max + 1); the divider is negative, we should use (counter->max - counter->min + 1) as in the INC case. Finally we can avoid the switch statement at update time, inverting the value of 'counter->inc' for decrement and using a data type wide enough for the 'inc' field. v1 -> v2: - changed 'counter->inc' type to int Signed-off-by: Paolo Abeni <pabeni@redhat.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-10-20astraceroute: use switch instead of lookup table for short proto idcoverity_scanTobias Klauser1-6/+14
Avoid having a 58 entry array on stack of which only 3 are ever used. Just look up the short protocol identifier via a good'ol switch. Fixes Coverity CID 1381806 Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-10-20trafgen: fix NULL pointer dereference in -i option parsingTobias Klauser1-5/+3
If trafgen is called with the -i option, it currently crashes due to an NULL pointer dereference. Fix it. Fixes Coverity CID 1381809 Fixes: 82a3c204c6f1 ("trafgen: Allow send packets from pcap file") Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-10-20trafgen: fix resource leaksTobias Klauser2-0/+2
Fix two resource leaks in trafgen. Fixes Coverity CID 1381807 and CID 1381811. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-10-20build: check for fopencookie() in configureTobias Klauser1-9/+42
fopencookie(3) is a non-standard GNU extension and some libc implementations might not provide it (e.g. musl). Check for fopencookie in the configure script and disable building curvetun in case the function is not available, as curvetun is the only tool using fopencookie. Fixes #174 Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-09-15trafgen: fix packet socket initialization with multiple CPUsPaolo Abeni3-11/+20
The commit 78c13b71e196 ("trafgen: Allow to generate packets to output pcap file") introduced a regression when output is a network device and multiple CPU are in use: the packet socket is created before fork() and thus the socket is shared among all the processes: all of them except the first will fail while setting the tx_ring. Fix it splitting the io open() helper in a create() op, called before forking, and the open() op called by each process. Fixes: 78c13b71e196 ("trafgen: Allow to generate packets to output pcap file") Signed-off-by: Paolo Abeni <pabeni@redhat.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-09-13ifpps: fix unintendet assignmentTobias Klauser1-2/+2
Variable rate is assigned instead of compared in the check of the interval in relation to the line rate. Fix it and at the same time fix the compared against interval value to match the message we show if the condition is fulfilled. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-09-13link: use uint32_t instead of u32Tobias Klauser2-6/+8
Use type uint32_t instead of u32 (which is typedef'ed to uint32_t in built_in.h) in order to avoid confusion wrt. kernel-/user-space types. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-09-13ifpps: use uint32_t instead of u32Tobias Klauser1-4/+4
Use type uint32_t instead of u32 (which is typedef'ed to uint32_t in built_in.h) in order to avoid confusion wrt. kernel-/user-space types. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-09-13dev: only calculate wireless bitrate if necessaryTobias Klauser2-6/+5
Only call wireless_bitrate (and thus the underlying ioctl) if strictly necessary, i.e. ethtool_bitrate returned 0. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-08-10trafgen: Dump proto headers in *.cfg formatVadim Kochan13-42/+460
Added trafgen_dump.c module which dumps headers from packet in .cfg format. Packet is dumped if -o <file>.cfg was specified, it might be useful to specify *.pcap file as input and convert it into .cfg file to edit proto fields in human readable format. To make it possible several main changes were added: 1) packet id is embedded into struct packet.id, and it is updated on each realloc_packet() 2) Added new struct proto_hdr.get_next_proto callback to make possible apply fields of next header. 3) Added new dev_io ops for writting packets into .cfg file, to re-use common dev_io mechsnism for packets dumping. Before dump the default ETH_PROTO fields are applied as first header and then next proto_hdr is identified via .get_next_proto(...) callback. Meanwhile only eth, arp, vlan, ip4, udp, & tcp protos can be dissected into *.cfg format. Signed-off-by: Vadim Kochan <vadim4j@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-08-10trafgen: dev_io: Change read/write to specify struct packet *Vadim Kochan5-44/+49
Refactor dev_io_ops read & write to specify struct packet *, it may simplify a bit a caller logic. And it allow to keep required members within one struct packet object. Signed-off-by: Vadim Kochan <vadim4j@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-08-10trafgen: Get packet from proto_hdr if possibleVadim Kochan4-6/+15
Replace using current_packet() by new proto_hdr_packet(hdr) function to obtain packet directly from header. This is more generic and flexible way, because it guarantees that packet really belongs to the header, which in case in current_packet() is not right because it means getting of last allocated packet. Signed-off-by: Vadim Kochan <vadim4j@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>