Age | Commit message (Collapse) | Author | Files | Lines |
|
Craft packet directly from command line with same syntax as for conf file.
It might be as first step to extend current syntax with specific proto fields.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Move piece of code which converts cmdline args vector to string
from netsniff-ng.c to str.c as function.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
No need to use if/else, just toogle it like any other bool.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add command 'a' to show only active flows with rate > 0 (dst or src).
Now 'n->is_visible' means which flow to show by presenter.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add interactive command 'b' to change rate units to show.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Show help window by pressing '?' with interactive commands description.
Added simple footer bar with help label.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Just add a newline before notes.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
|
Redirect stderr output of pkg-config to config.log in order to not spam
the configure output with pkg-config errors. Instead, use the same
pkg-config commands as for the other library checks to get
libnetfilter_conntrack cflags. Additionally, use pkg-config to the the
linker flags as well.
Fixes: 19991f90 ("build: Handle libnetfilter-conntrack with pkg-config")
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
libnl-route is used in netsniff-ng to dump nlmsg flags.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Since we have such a nice naming scheme (who can guess it?), mention the
release name in the release announcement.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Merge shrinking code duplicated for RX/TX rings into an own generic
function.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Print the strerror() and rephrase the message a bit.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Seems like screen is updating too frequently which
may block some terminals, so lets do it once in 1s
but only if no key was pressed.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It is not necessary to do not allow run application if
there is no conf file for port resolving, but instead print
message to stderr.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use copyright text from one place when print it in version or help output.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Let AF_PACKET do this job to fail in case boundaries are too small or
too large. I found it quite useful for testing the kernel.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
|
Spell out "resolve" properly.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Needed for openSUSE since they have versioned libnetfilter-header files.
Signed-off-by: Martin Hauke <mardnh@gmx.de>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
ethtool_drvinf() already clears the struct ethtool_drvinfo, so there is
no need to do it manually before calling it.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make rate calculation more carefully by checking previous & current
bytes/pkts counter.
Do calculation only if update time passed >= 1s.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It is easier to differentiate bytes/pkts counters with rate counters
if to use different colors.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Rename flow_entry_direction to flow_direction, which is a bit shorter
and change the enum value names to be in upper case.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Handle non-zero return values by exiting flowtop like we do in the other
tools.
This fixes Coverity warnings CID 1338093 and CID 1338092.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add the inline function packet_dyn_has_only_csums() which is used in the
previous commit but accidentially wasn't added there.
Fixes: b5d757a ("trafgen: Pre-calculate checksums if possible")
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The TCP/UDP checksums cannot be calculated in the parser as the packet
payload following the TCP/UDP header is not yet know. However, we can
calculate these checksums before the send loop if the only dynamic
elements of the packet are checksums.
This change avoids the overhead of recalculating the checksums for every
iteration the send loop in these cases.
Suggested-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
We already do a memset before, no need to set members to null twice,
just some minor cleanup.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
|
Lets make i and num as size_t, there's no particular reason for them
to be int. At least i is used to setup iov_base offsets.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
|
The number of frames in a tpacket ring (ring->layout.tp_frame_nr) is
currently calculated as:
tp_frame_nr = tp_block_size / tp_frame_size * tp_block_nr
Substituting tp_block_nr with 'size / tp_block_size' (as calculated in
the line above), we get:
tp_frame_nr = tp_block_size / tp_frame_size * (size / tp_block_size)
and realize that we can omit tp_block_size as it cancels out, leading
to:
tp_frame_nr = 1 / tp_frame_size * (size / 1)
= size / tp_frame_size
Adjust the calculation in setup_ring_layout_generic() accordingly.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Initialization of the ring->layout members is the same for RX and TX
rings. Instead of duplicating the code in setup_rx_ring_layout() and
setup_tx_ring_layout(), create a new function
setup_ring_layout_generic() which is called from the former two.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Update the zsh completion with option -n/--no-dns, -G/--no-geoip,
-b/--bits, -t/--interval.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add G,--no-geoip to the usage output.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Replace bugs@netsniff-ng.com with netsniff-ng@googlegroups.com
which is used in REPORTING-BUGS file.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add -b,--bits command line option to show rates in bits/s instead of
bytes/s.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make sure we always terminate the strings with '\0'. Also only set the
first byte to '\0' instead of memset()ing the entire buffer in case no
city/country is returned.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use boolean false/true for show_src option value. This makes the
handling of on/off parameters more consistent.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add option -G,--no-geoip which allows to disable GeoIP lookup.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: Minor wording tweaks]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add option -n,--no-dns which allows to disable hostname lookup.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: Minor wording tweaks]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use strlcpy to copy resolved src/dst hostname.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: Remove superflous min() for size argument]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The SI prefix for 1000 is 'k', not 'K' (which is used for 1024 bytes by
some).
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add new -t,--interval option to specify flow refresh interval in
seconds.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: Fix type conversion on rate calculation]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add notice about rate info to the feature list.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use GB/MB/KB for traffic rate & accounting.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Constify pointers struct flow_entry and struct nf_conntrack where
possible.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The cmdline entry of struct flow_entry is only used to display the
process name using basename() in presenter_screen_do_line(). Instead of
calling basename() everytime just call it once when we read the cmdline
proc entry and store the basename in struct flow_entry. Also rename the
struct member accordingly.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Calculate and display the rate of src/dst bytes and packets. Also change
the refresh time for the flows to 1s so the rate info will not disappear
too quickly.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The size member of struct pkt_buff is set but never accessed. It can
savely be dropped as we can still get the size implicitly using
pkt->tail - pkt->head if necessary.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Currently we only support full dissection of RTNL netlink messages. For
non-RTNL message we only print the header and omit the data.
Change this behavior and print a full ascii/hex dump of the remaining
data (like it is done in dissector_entry_point() for trailing data after
all known protocols have been processed) to give the user a chance to
still inspect the message content.
Reported-by: Geoff Ladwig <gladwig@verdantnetworks.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Allow other dissectors to access the hex/ascii printing functions with a
raw uint8_t* instead of only through struct pkt_buff.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
nl_nlmsg_flags2str() returns an empty string if the provided flags
argument is 0. Check this condition and display "none" instead to make
the output nicer to read.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|