
massoudasadi / packiffer

Licence: BSD-3-Clause license
lightweight cross-platform networking toolkit

Programming Languages

go
31211 projects - #10 most used programming language
c
50402 projects - #5 most used programming language
Makefile
30231 projects

Projects that are alternatives of or similar to packiffer

XDP-Firewall
An XDP firewall that is capable of filtering specific packets based off of filtering rules specified in a config file. IPv6 is supported!
Stars: ✭ 129 (+148.08%)
Mutual labels:  firewall, ebpf, xdp, bpf
Tcpdump
the TCPdump network dissector
Stars: ✭ 1,731 (+3228.85%)
Mutual labels:  pcap, libpcap, bpf
tcpslice
tcpslice concatenates multiple pcap files together, or extracts time slices from one or more pcap files.
Stars: ✭ 48 (-7.69%)
Mutual labels:  pcap, libpcap, bpf
Libpcap
the LIBpcap interface to various kernel packet capture mechanism
Stars: ✭ 1,785 (+3332.69%)
Mutual labels:  pcap, libpcap, bpf
libbpf-sys
Rust bindings to libbpf from the Linux kernel
Stars: ✭ 103 (+98.08%)
Mutual labels:  ebpf, xdp, bpf
Cilium
eBPF-based Networking, Security, and Observability
Stars: ✭ 10,256 (+19623.08%)
Mutual labels:  ebpf, xdp, bpf
oxdpus
A toy tool that leverages the super powers of XDP to bring in-kernel IP filtering
Stars: ✭ 59 (+13.46%)
Mutual labels:  ebpf, xdp, bpf
Polycube
eBPF/XDP-based software framework for fast network services running in the Linux kernel.
Stars: ✭ 217 (+317.31%)
Mutual labels:  firewall, ebpf, bpf
Libtins
High-level, multiplatform C++ network packet sniffing and crafting library.
Stars: ✭ 1,609 (+2994.23%)
Mutual labels:  pcap, libpcap
sniffer
🤒 A modern alternative network traffic sniffer.
Stars: ✭ 428 (+723.08%)
Mutual labels:  pcap, gopacket
Skydive
An open source real-time network topology and protocols analyzer
Stars: ✭ 2,086 (+3911.54%)
Mutual labels:  pcap, ebpf
connect
tiny cross-platform socket API library
Stars: ✭ 46 (-11.54%)
Mutual labels:  pcap, bpf
ovs-ebpf
No description or website provided.
Stars: ✭ 34 (-34.62%)
Mutual labels:  ebpf, xdp
aya
Aya is an eBPF library for the Rust programming language, built with a focus on developer experience and operability.
Stars: ✭ 950 (+1726.92%)
Mutual labels:  ebpf, bpf
LAF
Linux Application Firewall
Stars: ✭ 8 (-84.62%)
Mutual labels:  firewall, bpf
portablebpf
You came here so you could have a base code to serve you as an example on how to develop a BPF application, compatible to BCC and/or LIBBPF, specially LIBBPF, having the userland part made in C or PYTHON.
Stars: ✭ 32 (-38.46%)
Mutual labels:  ebpf, bpf
ebpf
eBPF package for Go
Stars: ✭ 25 (-51.92%)
Mutual labels:  ebpf, bpf
KubeArmor
Cloud-native Runtime Security Enforcement System
Stars: ✭ 434 (+734.62%)
Mutual labels:  ebpf, bpf
Npf
NPF: packet filter with stateful inspection, NAT, IP sets, etc.
Stars: ✭ 160 (+207.69%)
Mutual labels:  firewall, bpf
p2pflow
Ethereum p2p traffic analysis with eBPF
Stars: ✭ 24 (-53.85%)
Mutual labels:  ebpf, bpf


Packiffer

Packiffer is a lightweight cross-platform networking toolkit that lets you sniff, analyze, inject and filter packets.

Features:
    -display list of network interfaces
    -sniff packets live from interface
    -set promiscuous mode on interface
    -apply filters to packets
    -transform selected packets from pcap file to another
    -inspect packets in terminal
    -inject packets into network
    -filter packets with specified destination ip
Modes:
    Sniff: 
        sniff packets live from interface

    Transform: 
        transform packets from offline pcap

    Inspect: 
        inspect and analyze packets from offline pcap files

    Inject: 
        Inject Raw & Constructed Packets

    Filter:
        Drop or Accept Packets

Prerequisites For Binary

Libpcap v1.9.1

Clang/LLVM (Only on Linux for eBPF XDP packet filtering)

Iptables (Only on Linux for Iptables packet filtering)

Prerequisites For Source

Golang v1.16

GoPacket v1.1.19

Go eBPF v0.0.0-20210223

Libpcap v1.9.1

Fiber v2.8.0

Clang/LLVM (Only on Linux for eBPF XDP packet filtering)

Iptables (Only on Linux for Iptables packet filtering)

How to get Packiffer

Check out the packiffer git repo using git clone:

git clone https://github.com/massoudasadi/packiffer.git
cd packiffer

Run Packiffer

Sniff mode:

make build_go 

./packiffer sniff <parameters>

("i", "Specify interface name. Default is eth0")
("p", "Specify promiscuous mode. Default is false")
("f", "Specify filter query. Default is all")
("od", "Specify output directory. Default is packiffer directory")
("of", "Specify output file name. Default is interface name")
("sl", "Specify Snapshot Length. Default is 2014")
("t", "limit sniffing timeout. Default is 30 seconds")
("c", "Limit count of packets to sniff. Default is 1000")

transform mode:

make build_go 

./packiffer transform <parameters>

("f", "Specify filter query. Default is all")
("in", "Specify input pcap file")
("od", "Specify output directory. Default is packiffer directory")
("of", "Specify output file name. Default is interface name")
("c", "Limit count of packets to sniff. Default is 1000")

inspect mode:

make build_go 

./packiffer inspect <parameters>

("in", "Specify input pcap file")
("f", "Specify filter query. Default is all")
("c", "Limit count of packets to sniff. Default is 1000")

inject mode:

make build_go 

./packiffer inject <parameters>

("i", "Specify interface name. Default is eth0")
("ir", "Specify Raw Packet Inject. Default is false")
("ic", "Specify Constructed Packet Inject. Default is False")
("f", "Specify Path to packet file. Default is inject.txt")

firewall mode:

make build_bpf
make build_go 

./packiffer firewall <parameters>

("i", "Specify interface name. Default is eth0")
("f", "Specify Path to firewall file. Default is firewall.txt")

default mode:

./packiffer <parameters>

("h", "Specify help display. Default is false")
("d", "Specify devices display. Default is false")

Examples

Display list of network interfaces

./packiffer -d

Sniff packets on 'eth0' and save packets in 'eth0.pcap' (promiscuous mode) until Ctrl+C is pressed

./packiffer sniff -i eth0 -p

transform only udp packets from 'eth0.pcap' to 'eth0_udp.pcap' until Ctrl+C is pressed

./packiffer transform -in /path/to/eth0.pcap -of eth0_udp -f udp
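
To check independently that a transformed file such as 'eth0_udp.pcap' really holds only UDP, a per-protocol count over the pcap records is enough. The following is an added example in plain Go, not Packiffer's own code; `CountIPProtos` and `samplePcap` are hypothetical names, the sample capture is constructed, and a classic microsecond-resolution pcap with Ethernet link type is assumed.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// CountIPProtos walks a classic pcap (Ethernet link type) and counts frames per
// IPv4 protocol number; frames that are not plain Ethernet II + IPv4 go under -1.
func CountIPProtos(b []byte) (map[int]int, error) {
	var bo binary.ByteOrder = binary.LittleEndian
	if len(b) >= 4 && bo.Uint32(b) == 0xd4c3b2a1 {
		bo = binary.BigEndian // file was written on a big-endian host
	}
	if len(b) < 24 || bo.Uint32(b) != 0xa1b2c3d4 || bo.Uint32(b[20:]) != 1 {
		return nil, fmt.Errorf("not a classic Ethernet pcap")
	}
	counts := map[int]int{}
	for rest := b[24:]; len(rest) > 0; {
		if len(rest) < 16 || uint64(bo.Uint32(rest[8:])) > uint64(len(rest)-16) {
			return counts, fmt.Errorf("truncated record at offset %d", len(b)-len(rest))
		}
		n := int(bo.Uint32(rest[8:])) // captured length of this record
		p := rest[16 : 16+n]
		rest = rest[16+n:]
		if n >= 24 && binary.BigEndian.Uint16(p[12:]) == 0x0800 {
			counts[int(p[23])]++ // IPv4 protocol field: 6 = TCP, 17 = UDP
		} else {
			counts[-1]++ // ARP, IPv6, VLAN-tagged or runt frame
		}
	}
	return counts, nil
}

// samplePcap builds a constructed capture: one Ethernet+IPv4 frame per protocol.
func samplePcap(protos ...byte) []byte {
	b := []byte{0xd4, 0xc3, 0xb2, 0xa1, 20: 1, 23: 0} // LE magic, link type 1 (Ethernet)
	for _, pr := range protos {
		f := make([]byte, 16+34) // record header + Ethernet (14) + IPv4 (20)
		f[8], f[16+12], f[16+23] = 34, 0x08, pr // incl_len, EtherType 0x0800, protocol
		b = append(b, f...)
	}
	return b
}

func main() {
	fmt.Println(CountIPProtos(samplePcap(17, 17, 6)))
}
```

To run it on a real capture, pass the bytes from `os.ReadFile` to `CountIPProtos`; a UDP-only file should report key 17 and nothing else.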

inspect only tcp packets from pcap file

./packiffer inspect -in /path/to/file.pcap -f tcp

inject constructed tcp packets from InjectConstructed.json

./packiffer inject -i eth0 -ic -f /path/to/file.json

filter packets from the IPs listed in firewall.txt

./packiffer firewall -i eth0 -f /path/to/file.txt