|
|
|
netsniff-ng is a free, performant Linux networking toolkit.
The gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space and vice versa.
For this purpose, the netsniff-ng toolkit is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. Furthermore, we are focussing on building a robust and clean analyzer and utilities that complete netsniff-ng as a support for network development, debugging or network reconnaissance.
The netsniff-ng toolkit consists of the following utilities:
(Note: libpcap starting from 1.0.0 now also supports zero-copy, but for capturing only! netsniff-ng's pcap files can also be opened with tools like Wireshark, and vice versa!)
Source control
There's a public Git repository at GitHub where you can check out the entire code base. If you are curious about the latest development happenings, you really might prefer our Git master's branch instead of the tarballs within our public archive. However, in case of the tarballs, you might want to check the downloaded archives for inconsistencies with md5sum -c MD5SUMS or sha256sum -c SHA256SUMS.
Documents
There is a netsniff-ng frequently asked question site and for participating in development have a look at the documentation files within the source code. Here is also a FAQ about the GNU GPL version 2, under which netsniff-ng is licensed.
For reporting bugs please use our bug tracking system or write an e-mail to .
Contribute
If you think this software is great, then please consider donating (Flattr) some money to help us to keep up development, server fees, or travelling costs for conferences. If you would like to help otherwise, we would like to see more people to:
Currently, netsniff-ng is only available for Linux platforms. If you have a port for *BSD, let us know for merging your port into the main source tree. However, please do NOT PORT netsniff-ng to Windows! (Here is a nice explanation why; we really share Felix von Leitner's point of view.)
The man page of each stable release of netsniff-ng will cover all of the usage details. It is included within the source code distribution package. We also have a frequently asked question page. Furthermore, the documents within the repository will give you some useful information.
To dig into the inner workings of the Berkeley Packet Filter architecture have a look at this.
Documentation about the ``packet_mmap'' architecture with ``pf_packet'' sockets for the Linux kernel can be downloaded from kernel.org under packet_mmap.txt.
A mailing list for netsniff-ng moderated (spam free) user discussions is open to the public. Subscribe and mail to . There's also an archive at Gmane and a searchable archive.
Before posting questions, have a look at our FAQ.
Distribution specific packages -- a huge thanks to our awesome maintainers -- may be found here:
Some documents and other resources may be found here:
Note: If your netsniff-ng related project / article / paper / ... should be added here, simply drop us a mail.
Copyright (C) 2009-2012 Daniel Borkmann
,
Emmanuel Roullit
and others
|
