////////////////////////////////////////////////////////////////////////////// netsniff-ng - the packet sniffing beast \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ . . netsniff-ng is a free, performant /( )\ Linux network analyzer and .' {______} '. networking toolkit. If you will, \ ^, ,^ / the Swiss army knife for network |'O\ /O'| _.<0101011>-- packets. > `' '` < / ) ,.==., ( | Web: http://netsniff-ng.org .-(|/--~~--\|)-' ( ___ The gain of performance is \__.=|___E reached by built-in zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space, and vice versa. The netsniff-ng toolkit's primary usage goal is to facilitate a network developer's / hacker's daily Linux plumbing. It can be used for network development, debugging, analysis, auditing or network reconnaissance. It consists of the following fixed set of utilities: * netsniff-ng: a zero-copy packet analyzer, pcap capturing/replaying tool * trafgen: a multithreaded low-level zero-copy network packet generator * mausezahn [*]: high-level packet generator for appliances with Cisco-CLI * ifpps: a top-like kernel networking and system statistics tool * curvetun [*]: a lightweight curve25519-based multiuser IP tunnel * astraceroute: an autonomous system trace route and DPI testing utility * flowtop: a top-like netfilter connection tracking tool * bpfc: a [seccomp-]BPF (Berkeley packet filter) compiler, JIT disassembler Note that tools marked with [*] should be considered as experimental for now, and not used in production environments as they still need more work to be fully stable and in line with others. You have been warned! Each release can be verified with Git and GPG, here are the steps to do so: 1) Import the maintainers public keys: git show maint-tklauser-pgp-pub | gpg --import git show maint-dborkman-pgp-pub | gpg --import 2) Verify the Git tag: git tag -v Carefully read the INSTALL document for the next steps in building netsniff-ng. Note that the toolkit is still quite young and under heavy development, not yet feature complete and in a quality level where we're satisfied with (i.e. for mausezahn). However, we're on a good way towards tackling all these goals. The netsniff-ng toolkit is an open source project covered by the GNU General Public License, version 2.0. For any questions or feedback about netsniff-ng you are welcome to leave us a message at . netsniff-ng is non-profit and provided in the hope, that it is found useful. The current project status can be considered as "working". In general, all tools have been tested by us to a great extend including their command-line options. In fact, many of our tools are used in a lot of production systems. However, we give no guarantee that our tools are free of bugs! If you spot some issues, contact us as described in REPORTING-BUGS. Also, have a look at our online FAQ for answering your questions. This project has received support from companies and institutions listed in the according section in the AUTHORS file. Thanks for contributing, we're thrilled to provide you with netsniff-ng! Happy packet hacking! ion>mode:
authorJosh Poimboeuf <jpoimboe@redhat.com>2016-12-22 09:02:49 -0600
committerIngo Molnar <mingo@kernel.org>2016-12-23 20:32:30 +0100
commitc280f7736ab26a601932b1ce017a3840dbedcfdc (patch)
treeca07c17a22621acbfec0f03521ba9098de620629
parentcef4402d7627f14a08571e7c816b199edf8cc24b (diff)
Revert "x86/unwind: Detect bad stack return address"
Revert the following commit: b6959a362177 ("x86/unwind: Detect bad stack return address") ... because Andrey Konovalov reported an unwinder warning: WARNING: unrecognized kernel stack return address ffffffffa0000001 at ffff88006377fa18 in a.out:4467 The unwind was initiated from an interrupt which occurred while running in the generated code for a kprobe. The unwinder printed the warning because it expected regs->ip to point to a valid text address, but instead it pointed to the generated code. Eventually we may want come up with a way to identify generated kprobe code so the unwinder can know that it's a valid return address. Until then, just remove the warning. Reported-by: Andrey Konovalov <andreyknvl@google.com> Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com> Cc: Andy Lutomirski <luto@kernel.org> Cc: Borislav Petkov <bp@alien8.de> Cc: Brian Gerst <brgerst@gmail.com> Cc: Denys Vlasenko <dvlasenk@redhat.com> Cc: H. Peter Anvin <hpa@zytor.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Masami Hiramatsu <mhiramat@kernel.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Link: http://lkml.kernel.org/r/02f296848fbf49fb72dfeea706413ecbd9d4caf6.1482418739.git.jpoimboe@redhat.com Signed-off-by: Ingo Molnar <mingo@kernel.org>
Diffstat