From 5f4152b01e17433b29e3f9cc1407b60800b1e0b9 Mon Sep 17 00:00:00 2001
From: Tobias Klauser <tklauser@distanz.ch>
Date: Wed, 28 May 2014 14:32:10 +0200
Subject: netsniff-ng: Add netlink dissector

Add an initial implementation of a dissector to work on netlink messages
as received from an nlmon device.

Use can use it as follows to monitor netlink traffic to/from the kernel:

  modprobe nlmon
  ip link add type nlmon
  ip link set nlmon0 up

  netsniff-ng -i nlmon0

  ip link set nlmon 0 down
  ip link del dev nlmon0
  rmmod nlmon

Fixes: #89
Suggested-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
---
 netsniff-ng/Makefile | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'netsniff-ng')

diff --git a/netsniff-ng/Makefile b/netsniff-ng/Makefile
index 2ddddfd..745bb1d 100644
--- a/netsniff-ng/Makefile
+++ b/netsniff-ng/Makefile
@@ -13,6 +13,7 @@ endif
 netsniff-ng-objs =	dissector.o \
 			dissector_eth.o \
 			dissector_80211.o \
+			dissector_netlink.o \
 			proto_arp.o \
 			proto_ethernet.o \
 			proto_icmpv4.o \
@@ -30,6 +31,7 @@ netsniff-ng-objs =	dissector.o \
 			proto_ipv6_no_nxt_hdr.o \
 			proto_ipv6_routing.o \
 			proto_lldp.o \
+			proto_nlmsg.o \
 			proto_none.o \
 			proto_tcp.o \
 			proto_udp.o \
-- 
cgit v1.2.3-54-g00ecf