dbsniff
dbsniff is a set of tools I used for some scripting and network dump file analysis for my diploma thesis. The tools are mainly written for that purpose, although I sometimes wanted one of them earlier, but never got the time to implement them. Until now :)
Contained programs are:
- esniff (formerly extsniff) is my network analysis tool. It is meant as a simple replacement for tcpdump, easier to operate, but - by far! - not as powerful. Its main purpose is to calculate some statistical data and to print this data out in tabular form to be processed by tools.
- nwait and npush are two command line tools that implement the MS-DOS command.com / cmd.exe pause functionality over the network: nwait waits until it gets "pushed" by npush.
- wdate is a program which does much the same as the date program on Unix/Linux, but on Windows - it prints user-formatted time strings on the command line. Useful for scripting. Currently only working on Windows (well, Linux is simply untested, but who would need that there, anyways??)
- loss_chk and loss_srv are for measuring the loss rate of a given communications channel. Only requirement: it has to be able to transport UDP traffic.
So it's nothing professional, and development is irregular at best, but it is not already present anywhere else as far as I know (otherwise I would not have started this :-).
Content
News (yes, it's active :-)
- 2005.11.12: esniff: Changed behavior: The default mode is now "-p", and now it is possible to set more than one flag. It's stupid, because the output is not readable, but it's possible :) . Fixed some help output issues, too (I remember having done that). Also updated downloadable Windows executables.
- 2005.07.10: loss_chk/loss_srv: Added working project files for Dev-C++ (fixed bug in winwrap.h which prevented compiling).
- 2005.07.02: extsniff/nwait/npush: Re-created working Dev-C++ project files along with a few build instructions.
  extsniff/npush/nwait/loss_chk/loss_srv/wdate: Re-created broken MS Visual Studio projects. Compiles fine now :) Binary versions are now available for download, compiled with Visual Studio (see installation section for that). Also available now are source distributions as ZIP archives, just for convenience.
- 2005.01.23: extsniff: Fixed one bug in "print contents" mode and made an output correction.
- 2005.01.22: extsniff: Throughput mode (standard) now works beautifully.
- 2004.11.25: extsniff: Fixed some nasty bugs in the main event loop for packet capturing.
- 2004.11.17: extsniff: Fixed a bug in calculation of capture session duration and added a switch to reverse the meaning of the reference IP.
- 2004.11.05: extsniff: Massive code cleanups, massive flag changes, massive bug fixes. Just massive. Added some features (more information in print packet header mode and summary mode, file output possibility), and made some things more clear.
- 2004.09.20: Added continuous option to loss_chk and a possibility to remote-reset a test. Fixed loss percentage output in loss_srv. Already made some changes to the Linux Makefile, so both utilities compile on Linux without problems. Extdump still broken ... (no one needs it anyways)
  UPDATE 18:45h CET: Uploaded the really working versions with BIG changes to the communications code. Added payload size display.
- 2004.09.15: Added loss_chk and loss_srv, two utilities based on npush/nwait for checking loss ratio of a communication channel. Windows only for now, but should compile on Linux like a charm (note: I said "should" ... :-)
- 2004.09.15: Added wdate, a utility to print formatted time / date strings and Unix-time on Windows (basically a primitive "date" from *nix using strftime()), and did some header cleaning - there are wrapper headers now for Windows and Linux.
- 2004.09.02: Hands on summary mode: Added average payload size (calculation ignores packets with zero payload), fixed some internal stuff and warnings.
- 2004.09.01: Hands on summary mode: Added multiple use of -D and fixed a bug which falsely counted TCP-decoded UDP packets.
- 2004.08.31: Added nwait / npush to Linux Makefile, compiles without problems now. Done some very minor header stuff to overcome some Windows / Linux issues in network initialization.
- 2004.08.26: Added -s switch to npush/nwait - nwait will only exit if npush has the same setting (though if it's not set on nwait, settings on npush have no effect).
Installation
The current compilation status is as follows:
- Linux: Builds on Debian last time I tried. Not statically (as intended originally), but it builds.
- Windows (Visual Studio .NET): Completely new Visual Studio project files, working perfectly.
- Windows (Dev-C++): Builds, project files included (but only for esniff, npush, nwait, the others will follow).
- Windows and Cygwin/Mingw: Makefile included, but could be out of date and not work. Will be checked soon.
- Any other: If it's *nix, it should do. If not, it might do. Work is needed in any case then, though ...
Of course you can always download the latest binaries for Windows, or a snapshot of the latest source (but this might not be the most current one, be warned). For any *nix like OS I do not provide binaries, so you have to check out the sources via CVS and pray and type "make". They should be in a state which allows compilation most of the time.
Known issues
- The code is quite messy, I think.
- The throughput modes of extsniff are probably usable. (The "probably" is the issue :-)
- Statistics mode broken most probably. If not, you won't get the data :-)
Last words
A remark: If you stumble on this page, and if you should find something on here useful, I would be happy if you'd drop me a mail. My email is the-me (AT@) the-me (DOT.) de. Thanks!
Related resources (or: requirements)
- WinPcap - the Windows port of the libPcap packet capturing library
- Sleepycat Berkeley DB - the binary "database" used. Small and fast.
- Dev-C++ - the compiler used on Windows. A free MinGW based IDE, quite good (and free).
- Microsoft Visual Studio .NET - I used that to create most of the programs
- GPF-Comics.com and UserFriendly - daily drugs.