| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
One might not want to install libnl just for sniffing packets, for
example if netsniff-ng will be compiled on embedded or switch system.
Hide libnl dependend code if CONFIG_LIBNL=0.
In case the `--rfraw' option is used, the user will get a panic
message. In case of netlink messages being sniffed, they will not be
dissected.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Since commit 1cc762a ("lookup: Move UDP/TCP port and Ethernet type
lookup into own module") the netsniff-ng tool is the only one using the
dissector infrastructure. Thus we no longer need to conditionally device
HAVE_DISSECTOR_PROTOS, since netsniff-ng is the only tool defining this.
While at it, also remove the __WITH_PROTOS macro which is checked in
dissector_init_ethernet/dissector_cleanup_ethernet but is defined
nowhere. This will cause the functions to be called from both the
ethernet and ieee80211 dissectors, thus make sure we check the
initialization state before freeing as well.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add an initial implementation of a dissector to work on netlink messages
as received from an nlmon device.
Use can use it as follows to monitor netlink traffic to/from the kernel:
modprobe nlmon
ip link add type nlmon
ip link set nlmon0 up
netsniff-ng -i nlmon0
ip link set nlmon 0 down
ip link del dev nlmon0
rmmod nlmon
Fixes: #89
Suggested-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
