Age | Commit message (Collapse) | Author | Files | Lines |
|
No need to duplicate the call to preprocess_packets(), just call it
directly after compile_packets()/compile_packets_str().
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
There might be a case when input file is located
in read-only directory and cpp fails when it tries to
create output file there, so use /tmp folder for that
as usually it should be writeable for any user.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use cpp_exec func to invoke C preprocesor.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use cpp_exec func from cpp.c module to invoke C preprocessor.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add cpp_exec func to invoke C preprocessor
which allow to change the logic in one place only.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add U/T/I/D/S runtime commands (same like for command line)
to filter flows by UDP/TCP/ICMP/DCCP/SCTP proto.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add Ken-ichirou MATSUZAWA and Martin Hauke to the list of contributors.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
If bpf file is not valid then cpp generated file is not
deleted because panic() func is invoked.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: Move exit label to the correct place]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Do not print rtnl message if there is only nlmsg header, which is happen
when dump all rtnl table.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Rename attr_fmt to rta_fmt as it uses rtattr struct.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add dissection of basic Netlink Generic Controller family info.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Print not handled attributes which will be helpful to
indicate such attributes and add dissection code.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add header bar to be symmetric to the footer.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make __do_lookup_inline an inline function and shorten its name to
__lookup_inline.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Do not needlessly duplicate code between the oui and the lookup module.
Instead, add an additional lookup table for OUIs to the lookup module.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make sure every lookup table is only initialized once. Preparatory patch
before moving OUI lookup.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It's not only ports we look up, make the names a bit more generic.
Preparatory patch before moving OUI lookup to the lookup module.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The lines in an HTTP request should all end with \r\n (CRLF) according
to RFC 2616, so use these consistently.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The end of the buffer might already contain part of the data payload.
Setting the last byte to 0 will thus corrupt the gz file, leading to
failed decompression (or previously, to invalid GeoIP database files).
The NULL-termination is not necessary in this case, so just omit it.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
In case the downloaded gzip file got corrupted somehow, the gzread would
fail, leaving part of the file uninflated and thus leading to a
corrupted GeoIP database. This can in the worst case lead to a crash in
libgeoip which in turn causes netsniff-ng/flowtop/astraceroute to crash.
So better panic() if we fail to uncompress.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It looks like the result of RTA_PAYLOAD() can be of different type
depending on architecture/kernel header version/...
In order to prevent warnings related to non-matching types, just
explicitly cast RTA_LEN to an int, since it can't possible be larger
than the unsigned short of rta_len anyhow and it is used as an in in the
call to device_addr2str().
Fixes: 664dcf4217 ("netsniff-ng: nlmsg: Use correct pritnf format specifier for int")
Reported-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Check whether there were flags printed before and if this is the case,
add a space before printing the next flag. Nicely wrap this all in a
macro.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
RTA_LEN is defined as an alias of RTA_PAYLOAD which is defined as:
#define RTA_PAYLOAD(rta) ((int)((rta)->rta_len) - RTA_LENGTH(0))
Thus use the correct format specifier %d for int instead of %lu.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
ctx->pkts_recvd_last and ctx->pkts_drops_last are uint64_t, so use the
PRIu64 format specifier to print them.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Example shows how to filter rtnetlink messages by ifindex & oper state.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Do not perform fclose for stdin fd.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Allow read compiled BPF instructions from stdin by via '-f -' option.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Fix calls to calc_csum() missed in the previous commit b2eaec6.
Fixes: b2eaec6 ("csum: Remove unused parameter from calc_csum()")
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The `ccsum' parameter to calc_csum() is never used and is set to 0 by
all callers. There's no reason to keep it, so remove it.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Craft packet directly from command line with same syntax as for conf file.
It might be as first step to extend current syntax with specific proto fields.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Move piece of code which converts cmdline args vector to string
from netsniff-ng.c to str.c as function.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
No need to use if/else, just toogle it like any other bool.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add command 'a' to show only active flows with rate > 0 (dst or src).
Now 'n->is_visible' means which flow to show by presenter.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add interactive command 'b' to change rate units to show.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Show help window by pressing '?' with interactive commands description.
Added simple footer bar with help label.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Just add a newline before notes.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
|
Redirect stderr output of pkg-config to config.log in order to not spam
the configure output with pkg-config errors. Instead, use the same
pkg-config commands as for the other library checks to get
libnetfilter_conntrack cflags. Additionally, use pkg-config to the the
linker flags as well.
Fixes: 19991f90 ("build: Handle libnetfilter-conntrack with pkg-config")
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
libnl-route is used in netsniff-ng to dump nlmsg flags.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Since we have such a nice naming scheme (who can guess it?), mention the
release name in the release announcement.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Merge shrinking code duplicated for RX/TX rings into an own generic
function.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Print the strerror() and rephrase the message a bit.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Seems like screen is updating too frequently which
may block some terminals, so lets do it once in 1s
but only if no key was pressed.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It is not necessary to do not allow run application if
there is no conf file for port resolving, but instead print
message to stderr.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use copyright text from one place when print it in version or help output.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Let AF_PACKET do this job to fail in case boundaries are too small or
too large. I found it quite useful for testing the kernel.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
|
Spell out "resolve" properly.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Needed for openSUSE since they have versioned libnetfilter-header files.
Signed-off-by: Martin Hauke <mardnh@gmx.de>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|