| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Store the default "dump-" prefix in ctx->prefix instead of checking it
every time in generate_multi_pcap_filename.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add Whang Choi for PR #202
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add a new option -O, --overwrite which allows to rotate capture files.
The timestamp in the file name is replaced with a number that wraps
around after reaching the specified number of files.
Example usage:
netsniff-ng -s -F 1KiB -O 10 -i eth0 -o /output/folder
Fixes #147
Signed-off-by: Whang Choi <wch0x01@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
If libsodium is installed (i.e. pkg-config --variable=includedir
libsodium returns a non-empty path), assume libsodium is installed and
use it instead of libnacl.
To use libnacl, set NACL_INC_DIR, NACL_LIBDIR and NACL_LIB accordingly.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
If the file that GeoIP mirror addresses are being read from lacks a
terminating newline, then the code that reads them in exhibits an
off-by-one error.
Example of such a file:
$ xxd /etc/netsniff-ng/geoip.conf
00000000: 6765 6f6c 6974 652e 6d61 786d 696e 642e geolite.maxmind.
00000010: 636f 6d com
Fix this by explicitly getting the part of the string before the
newline using `strcspn`.
Signed-off-by: Mandar Gokhale <mandarg@mandarg.com>
|
|
This has been broken by commit 4e47fd021a6945aa626eaef4446c5b547d8c2a85.
Signed-off-by: Jaroslav Škarvada <jskarvad@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Check for errors in IP addresses specified, and throw an appropriate
error if they are not specified properly, e.g. if user uses `-6`
option with an IPv4 source address.
Closes #166
Signed-off-by: Mandar Gokhale <mandarg@mandarg.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add Matteo Croce for PR #194
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Modify -b option to generate all random MAC addresses.
Improve the random generation algorithm, use nrand48() which fills the
ethernet address in two calls instead of six calls to rand() and six
floating point calculations.
Set the locally administered bit of generated MAC addresses.
Signed-off-by: Matteo Croce <mcroce@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add Radoslav Bodo for commit 76bd307a8ce8 ("trafgen: support ICMPv6
checksums") submitted via PR #193.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Usage: csumicmp6(14, 54)
Signed-off-by: Radoslav Bodo <bodik@cesnet.cz>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add Nick Grauel for commit 3f26829394ea ("mausezahn: Restore handling of
raw hex string passed in on command line") via PR #191.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Originally all hex strings (whether they were given on the command line
or in a file) were handled by a call to str2hex():
bytestring_s = str2hex (tx.arg_string, bytestring, MAX_PAYLOAD_SIZE);
Commit f634c74 added code to parse out "payload=" or "p=" flags that may
have been added at the start of the hex string. This code also changed the
logic around this str2hex() call to only call the function and populate
bytestring_s if one of these flags was found. This broke the ability to
pass in a raw hex string on the command line since it fails the check and
bytestring_s is never populated with the hex bytes. I've added an else
condition to make the str2hex() call using the old method in cases where
no "payload=" or "p=" flags are found.
Signed-off-by: Nick Grauel <nicolas.grauel@plexxi.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
- use .TP for option and example labels
- use .BR for references to other manpages, also in description texts
- highlight options using .B in description texts
- misc. cleanups
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add Petr Machata for commit f6d450a5e405 ("mausezahn: Fix IPv6 address
comparison").
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
CMP_INT evaluates its arguments more than once, and thus passing a
post-incremented pointer as an argument causes double increments and
hence buffer overruns. This can be observed by erratic behavior of IPv6
address ranges. Fix by moving the increment to loop header.
Signed-off-by: Petr Machata <petrm@mellanox.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Commit e3e8eea41966 ("netsniff-ng: add date format strings to --out.")
introduced the possibility to specify time formats in the -o/--out
parameter. Document this in netsniff-ng(8)
Updates #158
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
This adds the ability to use date(1)/strftime(3) style format strings
when specifying an output file.
Example:
netsniff-ng --out %Y-%m-%d.pcap ### outputs to 2018-04-20.pcap
Fixes #158
Signed-off-by: Daniel Roberson <daniel@planethacker.net>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add Daniel Roberson for 15f78c073276 ("mausezahn: fix strtok() segfault
if s or m are missing") via PR #189
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The -d flag will result in a segmentation fault if 'm' or 's' are
specified without a numeric value.
Example: mausezahn -d m ### Results in a crash
Signed-off-by: Daniel Roberson <daniel@planethacker.net>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Support dissecting IPv6 headers into the îp6' trafgen protocol header
command.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Reported-by: @asavah
Fixes: 44ceece354c5 ("geoip: store GeoIP files in $(PREFIX)/share by default")
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
There is no need to explicity use the builtins. According to [1], GCC
will recognize mem{cpy,set} as built-in functions, unless the
corresponding -fno-builtin-* option is specified (which is not the case
for netsniff-ng).
[1] https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
This fixes the following GCC warning:
trafgen_parser.y: In function ‘cleanup_packets’:
trafgen_parser.y:1479:18: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
for (k = 0; k < hdr->sub_headers_count; k++)
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
They are opened in main_loop which is only executed in the child(ren),
so close them there again. This avoids closing the devices twice, which
may lead to segfaults.
Fixes #188
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The /etc directory shouldn't contain non-human-readable files.
netsniff-ng (when called with the '-U' option) currently installs the
GeoIP database files to /etc/netsniff-ng by default.
Change this to install them to $(PREFIX)/share/netsniff-ng instead,
which is conformant to the FHS [1].
[1] https://wiki.debian.org/FilesystemHierarchyStandard
Also create the respective directory in the 'make install' target.
Fixes #187
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use xzmalloc_aligned instead of open-coding it.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
bpf_parse_rules is not called in a fast path, so just use the plain
memset/memcpy and let the compiler decide whether they should be
replaced.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Adds a first rudimentary support for the DCCP protocol.
Signed-off-by: Markus Amend <markus.amend@telekom.de>
[tk: minor formatting tweaks]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
There is missing logic which removes flow entry from
related proc's entry while destroying global flows list on
filter reloading, hence add common __flow_list_del_entry which
handles this logic for both cases - when ct destroyed or filter
changed.
This is a 2nd fix for issue #183.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use plural to match the "Flows" tab and because it usually shows
multiple processes.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use cds_list_del_rcu for safer deletion flow from the process flow
list to prevent possible use-after-free by UI thread when it is
refreshing the processes.
It may fix the #183 issue.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
currently, after dinc(), the valued stored inside the packet is
not in the (min, max) range but in the (0, max - min + 1) range,
'counter->val' should be used instead of 'val'.
Additionally the values computed for ddec() are corrupted, in:
val = (val - counter->inc) % (counter->min - counter->max + 1);
the divider is negative, we should use (counter->max - counter->min + 1)
as in the INC case.
Finally we can avoid the switch statement at update time, inverting
the value of 'counter->inc' for decrement and using a data type wide
enough for the 'inc' field.
v1 -> v2:
- changed 'counter->inc' type to int
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Avoid having a 58 entry array on stack of which only 3 are ever used.
Just look up the short protocol identifier via a good'ol switch.
Fixes Coverity CID 1381806
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
If trafgen is called with the -i option, it currently crashes due to an
NULL pointer dereference. Fix it.
Fixes Coverity CID 1381809
Fixes: 82a3c204c6f1 ("trafgen: Allow send packets from pcap file")
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Fix two resource leaks in trafgen.
Fixes Coverity CID 1381807 and CID 1381811.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
fopencookie(3) is a non-standard GNU extension and some libc
implementations might not provide it (e.g. musl).
Check for fopencookie in the configure script and disable building
curvetun in case the function is not available, as curvetun is the only
tool using fopencookie.
Fixes #174
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The commit 78c13b71e196 ("trafgen: Allow to generate packets
to output pcap file") introduced a regression when output is
a network device and multiple CPU are in use: the packet
socket is created before fork() and thus the socket is shared
among all the processes: all of them except the first will
fail while setting the tx_ring.
Fix it splitting the io open() helper in a create() op,
called before forking, and the open() op called by each process.
Fixes: 78c13b71e196 ("trafgen: Allow to generate packets to output pcap file")
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Variable rate is assigned instead of compared in the check of the
interval in relation to the line rate. Fix it and at the same time fix
the compared against interval value to match the message we show if the
condition is fulfilled.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use type uint32_t instead of u32 (which is typedef'ed to uint32_t in
built_in.h) in order to avoid confusion wrt. kernel-/user-space types.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use type uint32_t instead of u32 (which is typedef'ed to uint32_t in
built_in.h) in order to avoid confusion wrt. kernel-/user-space types.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Only call wireless_bitrate (and thus the underlying ioctl) if strictly
necessary, i.e. ethtool_bitrate returned 0.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Added trafgen_dump.c module which dumps headers from packet
in .cfg format. Packet is dumped if -o <file>.cfg was specified,
it might be useful to specify *.pcap file as input and convert it
into .cfg file to edit proto fields in human readable format.
To make it possible several main changes were added:
1) packet id is embedded into struct packet.id, and
it is updated on each realloc_packet()
2) Added new struct proto_hdr.get_next_proto callback
to make possible apply fields of next header.
3) Added new dev_io ops for writting packets into .cfg file,
to re-use common dev_io mechsnism for packets dumping.
Before dump the default ETH_PROTO fields are applied as first header and
then next proto_hdr is identified via .get_next_proto(...) callback.
Meanwhile only eth, arp, vlan, ip4, udp, & tcp protos can be dissected
into *.cfg format.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Refactor dev_io_ops read & write to specify struct packet *,
it may simplify a bit a caller logic. And it allow to keep
required members within one struct packet object.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Replace using current_packet() by new proto_hdr_packet(hdr)
function to obtain packet directly from header. This is more
generic and flexible way, because it guarantees that packet really
belongs to the header, which in case in current_packet() is not right
because it means getting of last allocated packet.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add Zhouyang jia for commit 9f87a7b3aa (PR #180).
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Mausezahn will crash when given wrong payload file, e.g., "$./mausezahn
-f wrong_file". This patch fixes the segmentation fault by adding
error-handling code to fopen.
Signed-off-by: Zhouyang Jia <jiazhouyang09@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
