Skip to content

markusa/netsniff-ng_filter

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

It's a fork from git://github.com/gnumaniacs/netsniff-ng.git in the development stage
o version 0.5.7. Date: May 07, 2012.

It's only a prototype, so some functions could be deprecated or faulty.

Install as described in INSTALL file and test it with ftp://wireshark.org/automated/captures/fuzz-2012-04-27-376.pcap.

Call netsniff-ng with the following string:

netsniff-ng -i path/to/examples/pcap/fuzz-2012-04-27-376.pcap -L foo -s

Only change the path to the PCAP file. Option -L enables the high level filtering an needs a string argument which has no effect.
It's for a later implementation of dynamic filter strings. -s is optional and enable silent mode.

Only dissectors for ethernet, vlan, ipv4, tcp, and udp are enabled, so other protocols are not recognized.

Filter string is changeable at src/dissector.c line 69.
A list of filter-arguments can be found in src/proto_filter.h

A performance test and comparison is below src/performance/summary.txt

About

Try to implement a high level filter

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages