Tree [ce8e3d] master v0.5.15 /
File             Date        Author          Commit
autom4te.cache   2016-03-21  Oreste Notelli  [9e1943] update
debian           2016-03-21  Oreste Notelli  [b1fc6c] -F flag and libnids inline functions removed
doc              2015-04-26  Oreste Notelli  [9949ef] doc updated
include          2014-11-02  Oreste Notelli  [721861] autotools update
justmonitor      2009-07-25  onotelli        [c82a3d]
lib              2016-03-21  Oreste Notelli  [b1fc6c] -F flag and libnids inline functions removed
m4               2014-11-02  Oreste Notelli  [721861] autotools update
python           2014-11-02  Oreste Notelli  [721861] autotools update
src              2016-03-21  Oreste Notelli  [df1a71] file integrity check removed for stdout pipe
test             2009-07-25  onotelli        [55d364]
ws               unknown
.gitignore       2016-03-21  Oreste Notelli  [9e1943] update
AUTHORS          2009-05-23  onotelli        [895b53]
COPYING          2009-05-23  onotelli        [895b53]
ChangeLog        2016-03-21  Oreste Notelli  [ce8e3d] ChangeLog restored
INSTALL          2009-05-23  onotelli        [895b53]
Makefile.am      2009-05-27  onotelli        [6df1e1]
Makefile.in      2014-11-02  Oreste Notelli  [721861] autotools update
NEWS             2009-05-23  onotelli        [895b53]
README           2014-01-20  Oreste Notelli  [0b9daf] README
acinclude.m4     2014-11-02  Oreste Notelli  [721861] autotools update
aclocal.m4       2014-11-02  Oreste Notelli  [721861] autotools update
build_debian.sh  2009-05-25  onotelli        [129861]
compile          unknown
config.guess     2014-11-02  Oreste Notelli  [721861] autotools update
config.sub       2014-11-02  Oreste Notelli  [721861] autotools update
configure        2014-11-02  Oreste Notelli  [721861] autotools update
configure.ac     2016-03-21  Oreste Notelli  [b1fc6c] -F flag and libnids inline functions removed
configure.ac.in  unknown
depcomp          2009-05-23  onotelli        [895b53]
info.json        2016-03-21  Oreste Notelli  [b1fc6c] -F flag and libnids inline functions removed
install-sh       2009-05-23  onotelli        [895b53]
justniffer.8     2016-03-21  Oreste Notelli  [b1fc6c] -F flag and libnids inline functions removed
justniffer.8.in  unknown
ltmain.sh        2012-11-21  onotelli        [7570be] libtool added
make-release.sh  2011-10-16  onotelli        [ad23dc] fixes for python 2.7
missing          2009-05-23  onotelli        [895b53]

Read Me

Justniffer (Project page: http://justniffer.sourceforge.net/)  

Network TCP Packet Sniffer

Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customizable format. It can emulate Apache web server log files, track response times, and extract all "intercepted" files from HTTP traffic.

It lets you interactively trace TCP traffic from a live network or from a previously saved capture file. Justniffer's native capture file format is the libpcap format, which is also the format used by tcpdump and various other tools.

Reliable TCP Flow Rebuilding

Justniffer's main feature is its ability to handle complex low-level protocol issues and recover the correct flow of the TCP/IP traffic: IP fragmentation, TCP retransmission, reordering, etc. It uses portions of the Linux kernel source code to handle the TCP/IP processing. More precisely, it uses a slightly modified version of the libnids library, which already packages a modified version of the Linux code in a more reusable form.

Optimized for "Request / Response" protocols. It is able to track server response time

Justniffer was born as a tool to help analyze performance problems in complex network environments, where it becomes impractical to analyze network captures using Wireshark alone. It helps you quickly identify the most significant bottlenecks by analyzing performance at the "application" protocol level.

In very complex, distributed systems it is often useful to understand how communication takes place between the different components, and when that communication is implemented as a network protocol based on TCP/IP (HTTP, JDBC, RTSP, SIP, SMTP, IMAP, POP, LDAP, REST, XML-RPC, IIOP, SOAP, etc.), justniffer becomes very useful. Often the logging and monitoring of these systems do not report information that is important for diagnosing performance issues, such as the response time of each network request, either because they run in a "production" environment and cannot be too verbose, or because they are in-house applications that do not provide such logging.

Other times it is desirable to collect access logs from web services implemented in different environments (various web servers, application servers, Python web frameworks, etc.) or from web services that are not accessible and are therefore traceable only on the client side.

Justniffer can capture traffic in promiscuous mode, so it can be installed on a dedicated, independent station within the same network "collision domain" as the gateway of the systems to be analyzed. It collects all traffic without affecting system performance and without requiring invasive installation of new software in production environments.
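
The two points above, flow rebuilding and response-time tracking, as an added Python example (not justniffer's or libnids' code): it reorders segments by sequence number, discards retransmitted bytes, handles 32-bit sequence wraparound, and only then measures the response time. The Segment tuple, the function names, the sample capture and the definition of response time used here are assumptions made for illustration.

```python
from typing import NamedTuple

MOD = 1 << 32  # TCP sequence numbers are 32-bit and wrap around

class Segment(NamedTuple):
    ts_ms: int   # capture time in milliseconds
    seq: int     # sequence number of the first payload byte
    data: bytes

def reassemble(segments, isn):
    """Rebuild one direction from segments in capture order. Returns (payload,
    first_ms, last_ms): when the first/last in-order byte became available."""
    out, pending, next_off = bytearray(), {}, 0
    first_ms = last_ms = None
    for seg in segments:
        off = (seg.seq - isn - 1) % MOD        # stream offset, wrap-safe
        held = pending.get(off)
        if seg.data and (held is None or len(seg.data) > len(held.data)):
            pending[off] = seg                 # hold until the gap before it closes
        while ready := [o for o in pending if o <= next_off]:
            o = min(ready)
            fresh = pending.pop(o).data[next_off - o:]  # drop bytes already delivered
            if fresh:                          # empty for a pure retransmission
                out += fresh
                next_off += len(fresh)
                first_ms = seg.ts_ms if first_ms is None else first_ms
                last_ms = seg.ts_ms
    return bytes(out), first_ms, last_ms

def response_time_ms(req_segs, client_isn, resp_segs, server_isn):
    """Assumed definition: first in-order response byte minus last request byte."""
    return reassemble(resp_segs, server_isn)[1] - reassemble(req_segs, client_isn)[2]

# Constructed sample capture, not real traffic.
REQ = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"
RESP = b"HTTP/1.1 200 OK\r\nContent-Length: 2\r\n\r\nok"
REQ_SEGS = [
    Segment(0, 1001, REQ[:10]),
    Segment(10, 1031, REQ[30:]),    # arrives before the middle segment
    Segment(20, 1011, REQ[10:30]),
    Segment(30, 1011, REQ[10:30]),  # retransmission, adds no new bytes
]
RESP_SEGS = [                       # server ISN 0xFFFFFFF0: sequence wraps mid-response
    Segment(150, 5, RESP[20:]),
    Segment(170, 0xFFFFFFF1, RESP[:20]),
]

if __name__ == "__main__":
    print(response_time_ms(REQ_SEGS, 1000, RESP_SEGS, 0xFFFFFFF0), "ms")
```

A per-packet calculation on the same capture would pair the last request packet (the retransmission at 30 ms) with the first response packet (150 ms) and report 120 ms, while the rebuilt flow gives 150 ms.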

Can rebuild and save HTTP content on files

The robust implementation of TCP flow reconstruction makes it a multipurpose sniffer:

HTTP sniffer
LDAP sniffer
SMTP sniffer
SIP sniffer
password sniffer

Justniffer can also be used to retrieve files sent over the network.

It is extensible

It can be extended by external scripts. A Python script has been developed to recover all files sent via HTTP (images, text, HTML, JavaScript, etc.).

Features Summary

Reliable TCP flow rebuilding: it can reorder and reassemble TCP segments and IP fragments using portions of the Linux kernel code
Logging: the text log format can be customized
Extensibility: it can be extended by any executable, such as bash, Python or Perl scripts, ELF executables, etc.
Performance measurement: it can collect a range of performance information: connection time, close time, request time, response time, etc.