netdude-devel Mailing List for Netdude
Status: Alpha
Brought to you by:
cpk
Menu
▾
▴
netdude-devel — Development contributions and/or questions? Here, please.
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(3) |
Nov
|
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
|
Feb
|
Mar
(4) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(9) |
Oct
(1) |
Nov
|
Dec
|
| 2003 |
Jan
(1) |
Feb
|
Mar
(2) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(3) |
Oct
(2) |
Nov
(2) |
Dec
(2) |
| 2004 |
Jan
|
Feb
(1) |
Mar
|
Apr
(10) |
May
(4) |
Jun
|
Jul
|
Aug
|
Sep
(2) |
Oct
(35) |
Nov
(4) |
Dec
|
| 2005 |
Jan
|
Feb
|
Mar
(11) |
Apr
|
May
(4) |
Jun
(4) |
Jul
|
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
(1) |
| 2006 |
Jan
(14) |
Feb
(5) |
Mar
|
Apr
|
May
(2) |
Jun
|
Jul
(3) |
Aug
|
Sep
(2) |
Oct
|
Nov
(5) |
Dec
|
| 2007 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(2) |
Jul
|
Aug
|
Sep
|
Oct
(2) |
Nov
|
Dec
|
| 2008 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
(4) |
Aug
|
Sep
(1) |
Oct
|
Nov
|
Dec
|
| 2009 |
Jan
(3) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2010 |
Jan
|
Feb
|
Mar
(1) |
Apr
|
May
(4) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(1) |
| 2012 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(1) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2013 |
Jan
|
Feb
(1) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2015 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(3) |
Dec
|
|
From: Daniel S. <d.j...@gm...> - 2015-11-30 23:59:14
|
I should add that I'm using libnetdude-0.12.
$ lndtool --plugins
libnetdude protocol plugins:
--------------------------------------------------
Ethernet 0.12
ICMP 0.12
IPv4 0.12
VLAN 0.12
SLL 0.12
UDP 0.12
TCP 0.12
LLC/SNAP 0.12
801.11 0.12
ARP 0.12
FDDI 0.12
libnetdude feature plugins:
--------------------------------------------------
BPF-Filter 0.12
Checksum-Fix 0.12
Conntrack 0.10
Count 0.1
Demux 0.10
IAT 0.1
Mux 0.10
Sort 0.1
TA 0.10
Trace-Info 0.1
Trace-Set 0.10
Cheers,
Daniel
----- Forwarded message from Daniel Sheffield <d.j...@gm...> -----
Date: Tue, 1 Dec 2015 12:56:43 +1300
From: Daniel Sheffield <d.j...@gm...>
To: net...@li...
Subject: mux plugin bug
User-Agent: Mutt/1.5.21 (2010-09-15)
Hi all,
So I've found some bizzare behaviour with the mux plugin and all the depend on it...
Sometimes it seg faults depending on the trace file.
I have huge trace files (GB+) that work fine, tiny ones that work fine (KB), but there is one 84MB trace I recorded using tcpdump that causes the mux plugin to seg fault after 210 packets.
I'll try give as much info as I can without supplying the trace (I will need to sanitize it first - and even then...)
tcpdump version 4.5.1
libpcap version 1.5.3
--
104587 packets in trace
traces records data for about 10 mins or so (at the 210th packet we're only about 30 sec in).
--
In wireshark, the trace looks fine (there are no eth fcs though).
--
I noticed that when running a certain 2.3GB trace through the mux plugin using valgrind it seg faults. However, the same trace run through the mux plugin without valgrind doesn't seg fault.
Valgrind output:
==32123== Invalid write of size 8
==32123== at 0x4C2F793: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==32123== by 0x4E42302: memcpy (string3.h:51)
==32123== by 0x4E42302: libnd_packet_set_data (libnd_packet.c:290)
==32123== by 0x4E42372: libnd_packet_from_pcap (libnd_packet.c:221)
==32123== by 0x7AC2F07: mux_process_batch (libnd_mux.c:236)
==32123== by 0x7AC2F07: mux_chron (libnd_mux.c:318)
==32123== by 0x7AC3184: libnd_mux (libnd_mux.c:504)
==32123== by 0x7AC33FB: run (libnd_mux.c:684)
==32123== by 0x4012E6: run_plugin (lndtool.c:103)
==32123== by 0x5289EC4: (below main) (libc-start.c:287)
==32123== Address 0x609abe0 is 0 bytes after a block of size 2,800 alloc'd
==32123== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==32123== by 0x4E43CE2: libnd_prec_get (libnd_packet_recycler.c:117)
==32123== by 0x4E42355: libnd_packet_from_pcap (libnd_packet.c:217)
==32123== by 0x7AC2F07: mux_process_batch (libnd_mux.c:236)
==32123== by 0x7AC2F07: mux_chron (libnd_mux.c:318)
==32123== by 0x7AC3184: libnd_mux (libnd_mux.c:504)
==32123== by 0x7AC33FB: run (libnd_mux.c:684)
==32123== by 0x4012E6: run_plugin (lndtool.c:103)
==32123== by 0x5289EC4: (below main) (libc-start.c:287)
==32123==
==32123==
==32123== Process terminating with default action of signal 11 (SIGSEGV)
==32123== Bad permissions for mapped region at address 0x609B000
==32123== at 0x4C2F793: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==32123== by 0x4E42302: memcpy (string3.h:51)
==32123== by 0x4E42302: libnd_packet_set_data (libnd_packet.c:290)
==32123== by 0x4E42372: libnd_packet_from_pcap (libnd_packet.c:221)
==32123== by 0x7AC2F07: mux_process_batch (libnd_mux.c:236)
==32123== by 0x7AC2F07: mux_chron (libnd_mux.c:318)
==32123== by 0x7AC3184: libnd_mux (libnd_mux.c:504)
==32123== by 0x7AC33FB: run (libnd_mux.c:684)
==32123== by 0x4012E6: run_plugin (lndtool.c:103)
==32123== by 0x5289EC4: (below main) (libc-start.c:287)
==32123==
--
gdb backtrace:
Program received signal SIGSEGV, Segmentation fault.
_int_malloc (av=0x7ffff79a2760 <main_arena>, bytes=4096) at malloc.c:3775
3775 malloc.c: No such file or directory.
(gdb) bt
#0 _int_malloc (av=0x7ffff79a2760 <main_arena>, bytes=4096) at malloc.c:3775
#1 0x00007ffff76667b0 in __GI___libc_malloc (bytes=4096) at malloc.c:2891
#2 0x00007ffff73cd3a5 in g_malloc () from /usr/lib/libglib-1.2.so.0
#3 0x00007ffff73cd563 in g_mem_chunk_alloc () from /usr/lib/libglib-1.2.so.0
#4 0x00007ffff73cacc3 in g_list_alloc () from /usr/lib/libglib-1.2.so.0
#5 0x00007ffff73cae99 in g_list_prepend () from /usr/lib/libglib-1.2.so.0
#6 0x00007ffff7bbbba7 in libnd_prec_put (packet=0x3, packet@entry=0x638650) at libnd_packet_recycler.c:97
#7 0x00007ffff7bba4c6 in packet_free (packet=0x638650) at libnd_packet.c:93
#8 libnd_packet_free (packet=0x638650) at libnd_packet.c:230
#9 0x00007ffff534cdf2 in mux_process_batch (mux=0x612a70, file=0x7fffffffce60 "__lnd_mux_tmp.0.0", set=0x613f60)
at libnd_mux.c:258
#10 mux_chron (mux=0x612a70) at libnd_mux.c:318
#11 0x00007ffff534d185 in libnd_mux (mux=mux@entry=0x612a70) at libnd_mux.c:504
#12 0x00007ffff534d3fc in run (trace=<optimized out>, args=0x7fffffffdf20) at libnd_mux.c:684
#13 0x00000000004012e7 in run_plugin (plugin_name=0x7fffffffe2ea "mux", argc=<optimized out>, argv=<optimized out>)
at lndtool.c:103
#14 0x00007ffff7605ec5 in __libc_start_main (main=0x400c00 <main>, argc=7, argv=0x7fffffffe018,
init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe008)
at libc-start.c:287
#15 0x0000000000401105 in _start ()
--
Seems to me there is some memory issue in the mux plugin.
Cheers,
Daniel
--
In the beginning Kibo created the Internet. Now the Internet was formless, and empty. Randomness was upon the face of computing, and the Spirit of ARPA moved upon the face of the computers. Then Kibo said, "Let there be data": and there was data. Kibo saw the data, and it was good, so Kibo divided the data from the randomness, and Kibo named the data Information, and the randomness Clueless. And the Information and the Clueless were the first Network.
----- End forwarded message -----
--
In the beginning Kibo created the Internet. Now the Internet was formless, and empty. Randomness was upon the face of computing, and the Spirit of ARPA moved upon the face of the computers. Then Kibo said, "Let there be data": and there was data. Kibo saw the data, and it was good, so Kibo divided the data from the randomness, and Kibo named the data Information, and the randomness Clueless. And the Information and the Clueless were the first Network.
|
|
From: Daniel S. <d.j...@gm...> - 2015-11-30 23:56:55
|
Hi all,
So I've found some bizzare behaviour with the mux plugin and all the depend on it...
Sometimes it seg faults depending on the trace file.
I have huge trace files (GB+) that work fine, tiny ones that work fine (KB), but there is one 84MB trace I recorded using tcpdump that causes the mux plugin to seg fault after 210 packets.
I'll try give as much info as I can without supplying the trace (I will need to sanitize it first - and even then...)
tcpdump version 4.5.1
libpcap version 1.5.3
--
104587 packets in trace
traces records data for about 10 mins or so (at the 210th packet we're only about 30 sec in).
--
In wireshark, the trace looks fine (there are no eth fcs though).
--
I noticed that when running a certain 2.3GB trace through the mux plugin using valgrind it seg faults. However, the same trace run through the mux plugin without valgrind doesn't seg fault.
Valgrind output:
==32123== Invalid write of size 8
==32123== at 0x4C2F793: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==32123== by 0x4E42302: memcpy (string3.h:51)
==32123== by 0x4E42302: libnd_packet_set_data (libnd_packet.c:290)
==32123== by 0x4E42372: libnd_packet_from_pcap (libnd_packet.c:221)
==32123== by 0x7AC2F07: mux_process_batch (libnd_mux.c:236)
==32123== by 0x7AC2F07: mux_chron (libnd_mux.c:318)
==32123== by 0x7AC3184: libnd_mux (libnd_mux.c:504)
==32123== by 0x7AC33FB: run (libnd_mux.c:684)
==32123== by 0x4012E6: run_plugin (lndtool.c:103)
==32123== by 0x5289EC4: (below main) (libc-start.c:287)
==32123== Address 0x609abe0 is 0 bytes after a block of size 2,800 alloc'd
==32123== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==32123== by 0x4E43CE2: libnd_prec_get (libnd_packet_recycler.c:117)
==32123== by 0x4E42355: libnd_packet_from_pcap (libnd_packet.c:217)
==32123== by 0x7AC2F07: mux_process_batch (libnd_mux.c:236)
==32123== by 0x7AC2F07: mux_chron (libnd_mux.c:318)
==32123== by 0x7AC3184: libnd_mux (libnd_mux.c:504)
==32123== by 0x7AC33FB: run (libnd_mux.c:684)
==32123== by 0x4012E6: run_plugin (lndtool.c:103)
==32123== by 0x5289EC4: (below main) (libc-start.c:287)
==32123==
==32123==
==32123== Process terminating with default action of signal 11 (SIGSEGV)
==32123== Bad permissions for mapped region at address 0x609B000
==32123== at 0x4C2F793: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==32123== by 0x4E42302: memcpy (string3.h:51)
==32123== by 0x4E42302: libnd_packet_set_data (libnd_packet.c:290)
==32123== by 0x4E42372: libnd_packet_from_pcap (libnd_packet.c:221)
==32123== by 0x7AC2F07: mux_process_batch (libnd_mux.c:236)
==32123== by 0x7AC2F07: mux_chron (libnd_mux.c:318)
==32123== by 0x7AC3184: libnd_mux (libnd_mux.c:504)
==32123== by 0x7AC33FB: run (libnd_mux.c:684)
==32123== by 0x4012E6: run_plugin (lndtool.c:103)
==32123== by 0x5289EC4: (below main) (libc-start.c:287)
==32123==
--
gdb backtrace:
Program received signal SIGSEGV, Segmentation fault.
_int_malloc (av=0x7ffff79a2760 <main_arena>, bytes=4096) at malloc.c:3775
3775 malloc.c: No such file or directory.
(gdb) bt
#0 _int_malloc (av=0x7ffff79a2760 <main_arena>, bytes=4096) at malloc.c:3775
#1 0x00007ffff76667b0 in __GI___libc_malloc (bytes=4096) at malloc.c:2891
#2 0x00007ffff73cd3a5 in g_malloc () from /usr/lib/libglib-1.2.so.0
#3 0x00007ffff73cd563 in g_mem_chunk_alloc () from /usr/lib/libglib-1.2.so.0
#4 0x00007ffff73cacc3 in g_list_alloc () from /usr/lib/libglib-1.2.so.0
#5 0x00007ffff73cae99 in g_list_prepend () from /usr/lib/libglib-1.2.so.0
#6 0x00007ffff7bbbba7 in libnd_prec_put (packet=0x3, packet@entry=0x638650) at libnd_packet_recycler.c:97
#7 0x00007ffff7bba4c6 in packet_free (packet=0x638650) at libnd_packet.c:93
#8 libnd_packet_free (packet=0x638650) at libnd_packet.c:230
#9 0x00007ffff534cdf2 in mux_process_batch (mux=0x612a70, file=0x7fffffffce60 "__lnd_mux_tmp.0.0", set=0x613f60)
at libnd_mux.c:258
#10 mux_chron (mux=0x612a70) at libnd_mux.c:318
#11 0x00007ffff534d185 in libnd_mux (mux=mux@entry=0x612a70) at libnd_mux.c:504
#12 0x00007ffff534d3fc in run (trace=<optimized out>, args=0x7fffffffdf20) at libnd_mux.c:684
#13 0x00000000004012e7 in run_plugin (plugin_name=0x7fffffffe2ea "mux", argc=<optimized out>, argv=<optimized out>)
at lndtool.c:103
#14 0x00007ffff7605ec5 in __libc_start_main (main=0x400c00 <main>, argc=7, argv=0x7fffffffe018,
init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe008)
at libc-start.c:287
#15 0x0000000000401105 in _start ()
--
Seems to me there is some memory issue in the mux plugin.
Cheers,
Daniel
--
In the beginning Kibo created the Internet. Now the Internet was formless, and empty. Randomness was upon the face of computing, and the Spirit of ARPA moved upon the face of the computers. Then Kibo said, "Let there be data": and there was data. Kibo saw the data, and it was good, so Kibo divided the data from the randomness, and Kibo named the data Information, and the randomness Clueless. And the Information and the Clueless were the first Network.
|
|
From: Daniel S. <d.j...@gm...> - 2015-11-29 23:41:50
|
Hi all,
Hopefully I'm doing this in the correct place...
I wrote a protocol plugin for Endace Erf using the protocol plugin template 0.6.
I noticed that the plugin was being registered twice, resulting in two distinct protocol ids at runtime.
The libnd_proto_registry_find() function would return the first registered protocol id, but the libnd_packet_has_proto() would check for the second registered id.
Hence, calls to libnd_packet_has_proto() with protocol = libnd_proto_registry_find("Erf"), would always return FALSE.
I noticed there were two .so in my install location:
lrwxrwxrwx 1 root root 18 Nov 30 08:00 libnd_erf.so -> libnd_erf.so.0.0.0
lrwxrwxrwx 1 root root 18 Nov 30 08:00 libnd_erf.so.0 -> libnd_erf.so.0.0.0
-rwxr-xr-x 1 root root 27761 Nov 30 08:00 libnd_erf.so.0.0.0
Upon removing the libnd_erf.so.0 symlink, the protocol was no longer registered twice solving the issues I was having.
Perhaps there needs to be a mechanism in libnd_proto_add_new() to prevent registering the same protocol twice... or perhaps it's a bug in the protocol template that two symlinks are bing created on `make install'.
Just thought I'd bring this to your attention before I forget about it.
Cheers,
Daniel
--
In the beginning Kibo created the Internet. Now the Internet was formless, and empty. Randomness was upon the face of computing, and the Spirit of ARPA moved upon the face of the computers. Then Kibo said, "Let there be data": and there was data. Kibo saw the data, and it was good, so Kibo divided the data from the randomness, and Kibo named the data Information, and the randomness Clueless. And the Information and the Clueless were the first Network.
|
|
From: <onl...@ya...> - 2013-02-24 18:27:04
|
http://gdccodal.com/yes/67Achieve%20success%20working%20from%20home1 |
|
From: Simon B. <sim...@mo...> - 2010-12-09 14:26:36
|
Hi, I'm trying to install (compile + install) Netdude 0.5.1 and its requirements on my Linux system. Configure and make of libpcapnav was fine. During configure of libnetdude I ran into problems regarding glib. The program glib-config wasn't found. My guess is that this was once a programm like a specialized pkg-config for glib, right?? So I ran pkg-config --libs glib-2.0 and pkg-config --cflags glib-2.0 manually and pasted the results directly into the configure and Makefile respectively. After that configure and make of libnetdude went fine. As for the actual Netdude program, I tried the same but I got a bunch of failures regarding gtk+-2.0. It seems I'd have to have the older gtk+1.x. Is there any intention to "modernize" the used dependencies to the more current versions of glib and gtk?? Or is there any other way to get Netdude running as it is? Thanks in advance, -Simon. |
|
From: Christian K. <chr...@wh...> - 2010-05-24 18:33:14
|
Hi Peter, Thanks for the patches! I will apply them asap. On Wed, 2010-05-05 at 17:48 +0400, Peter Volkov wrote: > Hello. There are two patches in attachment: > > 1. Allow use of system ltdl. Although there is ./configure switch for > that without this patch libnedude still links with bundled ltdl instead > of system. > 2. Install libraries in PACKAGE_LIB_DIR instead of PACKAGE_DATA_DIR. > Most distributions try to follow FHS and thus it's considered not good > practice to install platform-dependent files in /usr/share/ Yeah, this one in particular has been on the TODO list for a while. Thanks also for your subsequent note & patches. -- Cheers, Christian |
|
From: Christian K. <chr...@wh...> - 2010-05-24 18:33:08
|
On Thu, 2010-05-06 at 12:27 +0400, Peter Volkov wrote: > Hello. After I built netdude, started it it crash during loading of pcap > packet dump with the following backtrace: > > Program received signal SIGSEGV, Segmentation fault. > 0x00007ffff7abcbc3 in gtk_clist_style_set (widget=0x7bf760, previous_style=0x6e1040) at gtkclist.c:4887 > 4887 gtkclist.c: Нет такого файла или каталога. Could you clarify what this last line says? Thanks, Christian |
|
From: Peter V. <pv...@ge...> - 2010-05-24 18:07:24
|
В Пнд, 24/05/2010 в 10:45 -0700, Christian Kreibich пишет: > On Thu, 2010-05-06 at 12:27 +0400, Peter Volkov wrote: > > Hello. After I built netdude, started it it crash during loading of pcap > > packet dump with the following backtrace: > > > > Program received signal SIGSEGV, Segmentation fault. > > 0x00007ffff7abcbc3 in gtk_clist_style_set (widget=0x7bf760, previous_style=0x6e1040) at gtkclist.c:4887 > > 4887 gtkclist.c: Нет такого файла или каталога. > > Could you clarify what this last line says? That's just gdb says: gtkclist.c: No such file or directory. -- Peter. |
|
From: Peter V. <pv...@ge...> - 2010-05-05 13:50:02
|
Hello. There are two patches in attachment: 1. Allow use of system ltdl. Although there is ./configure switch for that without this patch libnedude still links with bundled ltdl instead of system. 2. Install libraries in PACKAGE_LIB_DIR instead of PACKAGE_DATA_DIR. Most distributions try to follow FHS and thus it's considered not good practice to install platform-dependent files in /usr/share/ Please, apply. Thanks in advance, -- Peter. |
|
From: Christian K. <chr...@wh...> - 2010-03-16 08:18:49
|
Netdude 0.5.1 and libnetdude 0.12 are now available. This is mainly a bugfix/update release, including fixes for 64-bit platforms as well as compatibility fixes for recent libtool versions, ensuring that Netdude's plugin mechanism continues to function on current distributions. I've cleaned up some of the autoconf code as well, which hopefully did not break things anywhere. If you notice any issues, please let me know. http://downloads.sourceforge.net/netdude/netdude-0.5.1.tar.gz http://downloads.sourceforge.net/netdude/libnetdude-0.12.tar.gz Enjoy! -- Cheers, Christian |
|
From: Christian K. <chr...@wh...> - 2009-01-31 22:31:14
|
Hi there! On Tue, 2009-01-27 at 21:28 -0600, Sean Fox wrote: > Hi all, > > A classmate and myself have been asked to assist in Netdude > development during this semester. Our progress will, of course, > depend on the required time to complete other work and school-related > duties; however, I've all ready been perusing the source and I hope > the two of us can benefit this project. Fantastic. That is great news -- there's lots to do! > The first thing I'd like to do is move to the latest GTK+ using > GtkBuilder. Aside from the GUI, I haven't explored much else, so I'm > not sure if there are any much-needed features or known bugs worth > looking at. Yes, that one is becoming more and more pressing since Netdude's looking like one of the last dinosaurs still using 1.2. > Christian, your input would be invaluable. Do you keep a to-do list > or would you mind pointing out a few areas that could use immediate > attention? At this point I don't have an official TODO list. It's always been the case that when I needed any part of Netdude to do something it couldn't yet do, I went head and added it. It's been quite demand-driven. Here are a few things that I'd love to have: - Updating to GTK 2.x, per the above. - Scripting. It would be great to have scriptable access to libnetdude and its plugins, and to be able to write plugins as scripts. I'm not picky about the actual language, and Swig might abstract from the details sufficiently. I personally prefer Python. - Better TCP session support. There's currently no (truly workable) way to see the dialog in a TCP session abstracted from packets, to insert data into or remove them from a flow, etc. One of the design goals of Netdude has always been to support traces of arbitrary size, so handling this issue well will require some thought. - More protocol support. We have a research project rolling at ICSI whose goal it is to (i) move the whole protocol parsing process into its own sandbox, and (ii) have a protocol description language and compiler that generates the parsers. Picture the use of an updated version of the BinPAC procotol parser currently shipped with Bro. Alas, this is still in an early stage, so there's no immediate - Packaging, the more platforms the better. I actually submitted packages to Fedora a while back, but got hit with a storm of spec file change requests and never found the time to work on them. Ubuntu would likewise be great. While this task may not seem that glorious, I think dedicated packaging would help Netdude tremendously, and I'd be truly grateful if someone could be found for this. Let me know what you think... > Feature requests are also welcome. We're both capable programmers, so > we can complete as many things as time allows. Some of the items above pretty much count as feature requests, I guess. ;) But if anyone else on the list has input, by all means let's hear it. -- Cheers, Christian |
|
From: Sean F. <dy...@gm...> - 2009-01-30 05:04:10
|
Packages are certainly worth looking into. According to an older post here on the mailing list GTK+ 1.x applications are hard to get into Debian's repositories these days. I'm not sure if Ubuntu has this same issue, but I'll finish porting to the latest GTK+ before I create any distribution packages. It looks like the build system could use some updates as well, so I think I'll get that sorted. I do have Netdude partially running with GTK+ 2.12, so I'm hoping within a few weeks it will be mostly functional, assuming I don't get too busy. As it turns out there is also a ROADMAP file included with Netdude that has a few suggested updates, so at least that gives me a few ideas of where to go after GTK+ and distribution packages. Thanks for your feedback Capt. Gonzalez. I'll be sure to post back to the mailing list when the packages are ready. Regards, Sean On Thu, Jan 29, 2009 at 7:19 AM, Gonzalez Jose A Capt AFIT/ENG <Jos...@af...> wrote: > Packages for installation (on Ubuntu) would be nice. > > jose > |
|
From: Sean F. <dy...@gm...> - 2009-01-28 03:28:47
|
Hi all, A classmate and myself have been asked to assist in Netdude development during this semester. Our progress will, of course, depend on the required time to complete other work and school-related duties; however, I've all ready been perusing the source and I hope the two of us can benefit this project. The first thing I'd like to do is move to the latest GTK+ using GtkBuilder. Aside from the GUI, I haven't explored much else, so I'm not sure if there are any much-needed features or known bugs worth looking at. Christian, your input would be invaluable. Do you keep a to-do list or would you mind pointing out a few areas that could use immediate attention? Feature requests are also welcome. We're both capable programmers, so we can complete as many things as time allows. Regards, Sean |
|
From: Christian K. <chr...@wh...> - 2008-09-01 16:08:28
|
Folks, I'm happy to announce two new releases: http://downloads.sourceforge.net/netdude/netdude-0.5.0.tar.gz http://downloads.sourceforge.net/netdude/libnetdude-0.11.tar.gz Netdude 0.5 adds support for VLAN-tagged packets, pressing ctrl-c in the raw hex/ascii editor now copies the shown data to be copied into the clipboard, plus some minor fixes. libnetdude 0.11 likewise adds support for VLAN-tagged packets and a small number of bugs in the handling of unused space in packets. Enjoy, and let me know in case there are any problems. -- Cheers, Christian |
|
From: Gonzalez J. A C. AFIT/E. <Jos...@af...> - 2008-07-18 19:04:33
|
By deleting all of the plugin files in the /usr/local/share/libnetdude/0.10a/plugins folder and reinstall libnetdude, the lndtool no longer gave the tethereal error. But once I install the essential plugins, I get the same error for trace set. There seems to be a function called libnd_plugin_find that outputs to stderr stating "Trace-Set plugin not found." It seems the other plugins require traceset to work since the error is outputted frequently. Thanks jose -----Original Message----- From: Gonzalez Jose A Capt AFIT/ENG Sent: Thursday, July 17, 2008 5:42 PM To: 'net...@li...' Subject: Trace-Set not found and other installation problems A few problems: 1. I installed netdude, the "essential" libnetdude plugins and the tcp-filter plugin but lndtool gives me the output below. I tried reinstalling with no luck in correcting the problem. I found the tethereal message below in the Makefile for the essentials plugins (see attachment). 2. Another issue came up where I tried reinstalling netdude 0.4.8a. The ./configure completed without any errors but the Makefile was empty. 3. I also I installed "Appdemux: Application-level Flow Demultiplexing" and Trace-set (with the essentials tar). The installation seemed to work since the files are in the plugins folder with the rest of them but it doesn't show up when I run lndtool -p or I get an error. Please see below. 4. Lastly, I get a segmentation fault when I try to run the tcp-filter plugin but I assume this is due to all the other errors... Appreciate any help that may be provided. jose gonzalez jgonzale@jgonzale-desktop:~$ lndtool -p Trace-Set plugin not found Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. libnetdude protocol plugins: -------------------------------------------------- Ethernet 0.10a ICMP 0.10a IPv4 0.10a SLL 0.10a TCP 0.10a 801.11 0.10a UDP 0.10a LLC/SNAP 0.10a ARP 0.10a FDDI 0.10a libnetdude feature plugins: -------------------------------------------------- BPF-Filter 0.10a Checksum-Fix 0.10a Conntrack 0.10 Count 0.1 Demux 0.10 IAT 0.1 Mux 0.10 Sort 0.1 TA 0.10 TCP-Filter 0.2 Trace-Info 0.1 Trace-Set 0.10 root@jgonzale-desktop:/usr/local/share/libnetdude/0.10a/plugins# ls libnd_appdemux.a libnd_conntrack.la libnd_iat.so libnd_tcpfilter.a libnd_appdemux.la libnd_conntrack.so libnd_mux.a libnd_tcpfilter.la libnd_appdemux.so libnd_count.a libnd_mux.la libnd_tcpfilter.so libnd_bpf.a libnd_count.la libnd_mux.so libnd_ti.a libnd_bpf.la libnd_count.so libnd_sort.a libnd_ti.la libnd_bpf.so libnd_demux.a libnd_sort.la libnd_ti.so libnd_cksumfix.a libnd_demux.la libnd_sort.so libnd_traceset.a libnd_cksumfix.la libnd_demux.so libnd_tanalyzer.a libnd_traceset.la libnd_cksumfix.so libnd_iat.a libnd_tanalyzer.la libnd_traceset.so libnd_conntrack.a libnd_iat.la libnd_tanalyzer.so jgonzale@jgonzale-desktop:~/Documents/test$ lndtool --run tcp-filter testcapture.pcap Trace-Set plugin not found Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Segmentation fault |
|
From: Gonzalez J. A C. AFIT/E. <Jos...@af...> - 2008-07-17 21:41:47
|
A few problems: 1. I installed netdude, the "essential" libnetdude plugins and the tcp-filter plugin but lndtool gives me the output below. I tried reinstalling with no luck in correcting the problem. I found the tethereal message below in the Makefile for the essentials plugins (see attachment). 2. Another issue came up where I tried reinstalling netdude 0.4.8a. The ./configure completed without any errors but the Makefile was empty. 3. I also I installed "Appdemux: Application-level Flow Demultiplexing" and Trace-set (with the essentials tar). The installation seemed to work since the files are in the plugins folder with the rest of them but it doesn't show up when I run lndtool -p or I get an error. Please see below. 4. Lastly, I get a segmentation fault when I try to run the tcp-filter plugin but I assume this is due to all the other errors... Appreciate any help that may be provided. jose gonzalez jgonzale@jgonzale-desktop:~$ lndtool -p Trace-Set plugin not found Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. libnetdude protocol plugins: -------------------------------------------------- Ethernet 0.10a ICMP 0.10a IPv4 0.10a SLL 0.10a TCP 0.10a 801.11 0.10a UDP 0.10a LLC/SNAP 0.10a ARP 0.10a FDDI 0.10a libnetdude feature plugins: -------------------------------------------------- BPF-Filter 0.10a Checksum-Fix 0.10a Conntrack 0.10 Count 0.1 Demux 0.10 IAT 0.1 Mux 0.10 Sort 0.1 TA 0.10 TCP-Filter 0.2 Trace-Info 0.1 Trace-Set 0.10 root@jgonzale-desktop:/usr/local/share/libnetdude/0.10a/plugins# ls libnd_appdemux.a libnd_conntrack.la libnd_iat.so libnd_tcpfilter.a libnd_appdemux.la libnd_conntrack.so libnd_mux.a libnd_tcpfilter.la libnd_appdemux.so libnd_count.a libnd_mux.la libnd_tcpfilter.so libnd_bpf.a libnd_count.la libnd_mux.so libnd_ti.a libnd_bpf.la libnd_count.so libnd_sort.a libnd_ti.la libnd_bpf.so libnd_demux.a libnd_sort.la libnd_ti.so libnd_cksumfix.a libnd_demux.la libnd_sort.so libnd_traceset.a libnd_cksumfix.la libnd_demux.so libnd_tanalyzer.a libnd_traceset.la libnd_cksumfix.so libnd_iat.a libnd_tanalyzer.la libnd_traceset.so libnd_conntrack.a libnd_iat.la libnd_tanalyzer.so jgonzale@jgonzale-desktop:~/Documents/test$ lndtool --run tcp-filter testcapture.pcap Trace-Set plugin not found Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Couldn't find usable tethereal executable. Make sure it is installed and found in your PATH, or try --tethereal. Segmentation fault |
|
From: Christian K. <chr...@wh...> - 2008-07-17 13:40:03
|
Hi Guillaume, On Sun, 2008-07-06 at 21:15 +0200, Guillaume FORTAINE wrote: > Hello, > > Do You plan any new release for Netdude (at least with the latest CVS > fixes) ? Absolutely. Chronic lack of time is becoming a serious obstacle. :( > Wi-Fi frame injection patch for Wireshark > [...] > Why this patch? > > I make this patch because I want some visual tool for editing and > reinject 802.11 frames. > [...] > I'm too lazy to adapt 802.11 decoder for netdude. Well, I'd say if you wanted to edit and reinject 802.11 frames and chose Wireshark, that was probably a suboptimal decision. I don't intend to work on 802.11 in the near future, unless I encounter a situation where I need it. As always, plugins are welcome. What I *would* like to work on is integrating support for BinPAC-written analyzers into Netdude, since that'd be a huge improvement over the way it's done in Wireshark. -- Cheers, Christian |
|
From: Guillaume F. <gui...@or...> - 2008-07-06 19:15:29
|
Hello, Do You plan any new release for Netdude (at least with the latest CVS fixes) ? Or with 802.11 support ? To quote : Wi-Fi frame injection patch for Wireshark Edit, visualize and send 802.11 frames to the air from Wireshark Author : Asier Martínez Martínez Why this patch? I make this patch because I want some visual tool for editing and reinject 802.11 frames. Now I have integrated the powerful of Wireshark decoder and visualization, a simple raw hexadecimal frame editor, and the LORCON library for frame injection. This patch provides the way to do injection/modifications in easy manner, like in CommView and other commercial products. I know that this will be more convenient to do in Netdude , but I'm too lazy to adapt 802.11 decoder for netdude. Is coded in four relaxed days for my tests, I never used GTK libraries before, and some things surely would to be done better, send me your opinions, bugfixes etc... I look forward to Your Answer, Best Regards, [1] http://802.11ninja.net/lorcon/wiki/WiresharkWiFiInjection Guillaume FORTAINE "I have root @ Google" |
|
From: Christian K. <chr...@wh...> - 2007-10-03 04:10:33
|
Hi Andreas, On Tue, 2007-10-02 at 10:57 +0200, Andreas Henriksson wrote: > Hello! > > I've recently stumbled upon netdude which looks like a nice tool. > I started looking at updating the debian packages to a current version of > netdude (preliminary work available here: > http://fatal.se/pub/debian/netdude/, see TODO). > > I'm now looking to see if there's any upstream plans to port to Gtk+ 2.x? Absolutely -- this has been on my TODO list for ages. > New packages using Gtk+ 1.x are quickly shot down when someone suggests > uploading it to debian nowadays, and I suspect even thought netdude is not > new people might argue that it should be removed instead of updated since it > has been orphaned for a long time (and general interest of maintaining Gtk+ > 1.x stuff is low). > Even thought I have absolutely no knowledge of how to port the application a > quick look suggested these things might need to be done: > - Convert netdude.glade to 2.x using libglade-convert and fix it up. > - Rip out autogenerated interface code and replace it with runtime parsing > of the netdude.glade file. > (for extra bonus points: convert glade stuff to GtkBuilder.) > - Port font handling to use Pango. > - General fixups to make code fit the 2.x API. > > If I'll have to do this on my own I'll probably loose interest before I'm > even close to finished (and even if I'd have the motivation I still don't > know if I'd pull it of). > Does anyone else out there have any plans to port netdude to Gtk+ 2.x? If you'd be willing to send patches for this, that'd be fantastic. There are two areas of code that might be more work than a stock 1.2->2.x port: the hex editor, which is really a text area on steroids, and the clist that displays the tcpdump output, which I'm hacked quite a bit to be useful for my needs. If you'd like to know more details, feel free to get in touch. Cheers, Christian -- ________________________________________________________________________ http://www.icir.org/christian http://www.whoop.org |
|
From: Andreas H. <an...@fa...> - 2007-10-02 09:00:51
|
Hello! I've recently stumbled upon netdude which looks like a nice tool. I started looking at updating the debian packages to a current version of netdude (preliminary work available here: http://fatal.se/pub/debian/netdude/, see TODO). I'm now looking to see if there's any upstream plans to port to Gtk+ 2.x? New packages using Gtk+ 1.x are quickly shot down when someone suggests uploading it to debian nowadays, and I suspect even thought netdude is not new people might argue that it should be removed instead of updated since it has been orphaned for a long time (and general interest of maintaining Gtk+ 1.x stuff is low). Even thought I have absolutely no knowledge of how to port the application a quick look suggested these things might need to be done: - Convert netdude.glade to 2.x using libglade-convert and fix it up. - Rip out autogenerated interface code and replace it with runtime parsing of the netdude.glade file. (for extra bonus points: convert glade stuff to GtkBuilder.) - Port font handling to use Pango. - General fixups to make code fit the 2.x API. If I'll have to do this on my own I'll probably loose interest before I'm even close to finished (and even if I'd have the motivation I still don't know if I'd pull it of). Does anyone else out there have any plans to port netdude to Gtk+ 2.x? -- Regards, Andreas Henriksson |
|
From: Christian K. <chr...@wh...> - 2007-06-24 22:27:57
|
Hi all,
These releases fix issues that were introduced in the Netdude 0.4.8 and
libnetdude 0.10 releases. Enjoy...
Cheers,
Christian
--
________________________________________________________________________
http://www.icir.org/christian
http://www.whoop.org
|
|
From: Christian K. <chr...@wh...> - 2007-06-07 04:45:07
|
Hi all,
I'm delighted to announce that Netdude 0.4.8, libnetdude 0.10, and
libpcapnav 0.8 are out, including a number of new features such as
large-file support, editing pcap-level packet timestamps, changing
packet wire/capture length, and a number of bugfixes.
Additionally, a number of frequently used libnetdude plugins have been
updated and rolled together into the libnetdude Essentials Pack. It
includes plugins to multiplex, demultiplex, sort, and count packets and
traces with ease. Go check it out, and send bug reports. :)
Enjoy,
Christian
--
________________________________________________________________________
http://www.icir.org/christian
http://www.whoop.org
|
|
From: Christian K. <chr...@wh...> - 2006-11-17 18:02:15
|
Hi there,
On Fri, 2006-11-17 at 10:46 +0200, enigma wrote:
> Hi,
>
> New code compiles fine with gcc 4.0.3, so fix is good. However, after
> installing new version from source, the plugins were no longer happy,
> issuing an error message when firing up netdude. Reinstalling the
> plugins from source fixed the issue.
>
> So when upgrading, the libnetdude plugings were in
> /usr/local/share/libnetdude/0.8. It seems the new version expects them
> to be in /usr/local/share/libnetdude/0.9.
yes, that is correct. This is because the API can change considerably
between 0.x releases -- if I made a bugfix release, for example, I'd
keep the 0.x version the same so the plugins would still work. I agree
though that it's also annoying to have to recompile them. Sorry for the
inconvenience.
> That's it. Just a small nigley issue.
>
> So far, netdude looks to be very useful, thanks Christian :)
Cool, I'm glad you find it useful.
Cheers,
Christian.
--
________________________________________________________________________
http://www.cl.cam.ac.uk/~cpk25
http://www.whoop.org
|
|
From: enigma <en...@ru...> - 2006-11-17 08:46:45
|
Hi, New code compiles fine with gcc 4.0.3, so fix is good. However, after installing new version from source, the plugins were no longer happy, issuing an error message when firing up netdude. Reinstalling the plugins from source fixed the issue. So when upgrading, the libnetdude plugings were in /usr/local/share/libnetdude/0.8. It seems the new version expects them to be in /usr/local/share/libnetdude/0.9. That's it. Just a small nigley issue. So far, netdude looks to be very useful, thanks Christian :) J-P -- Masters Student Computer Science Department Rhodes University Email: en...@ru... <mailto:g02...@ca...> Website: http://research.ict.ru.ac.za/g02v2468 |
|
From: Christian K. <chr...@wh...> - 2006-11-16 23:12:13
|
Dear Netdude users, I'm pleased to announce new releases for both libnetdude and Netdude: http://prdownloads.sourceforge.net/netdude/netdude-0.4.7.tar.gz?download http://prdownloads.sourceforge.net/netdude/libnetdude-0.9.tar.gz?download libnetdude 0.9 finally fixes a number of GCC build issues and brings more convenience for handling output dump files in the LND_Dumper abstraction. Also, initial use is made of libmagic to guess the content type of flows. The 0.4.7 release is starting to make use of this and likewise contains build fixes and other minor updates. Please report any problems on the lists, as usual. Cheers, Christian. -- ________________________________________________________________________ http://www.cl.cam.ac.uk/~cpk25 http://www.whoop.org |
3 messages has been excluded from this view by a project administrator.