netpack-gpack (gpackcount)
Sniffing your own network, from internet to your home / office intranet, using a Linux router...can be easily achieved with a Freesco-box, or some Linux distro, and gpackcount, a small application that shows all traffic through your networks.
gpackcount is included in the netpack-gpack, just released.
Sources are freely available, and packaged binaries are expected soon. Refer here to the release article: netpack.blogspot.com/2007/12/netpack-gpack-is-released.html
Refer here (left-side picture) for a snapshot for my own sniffing of network between a Freesco-box and another server. Some basic commands are shown to minimize traffic.
Note domains are cached within gpackcount to minimize additional traffic through domain port (UDP, 53).
Here's another snapshot of the result of brief minutes of sniffing.
You can see *.google.com, because by the time I was writting this article, gpackcount was sniffing traffic (and www.blogger.com domain belongs to all mighty Google.)
There are no fancy rules to gather traffic for a group of ports, or anything like that. The output is typically the byte comprehensive streaming, and a plain text report at the end.
gpackcount is included in the netpack-gpack, just released.Sources are freely available, and packaged binaries are expected soon. Refer here to the release article: netpack.blogspot.com/2007/12/netpack-gpack-is-released.html
Refer here (left-side picture) for a snapshot for my own sniffing of network between a Freesco-box and another server. Some basic commands are shown to minimize traffic.
Note domains are cached within gpackcount to minimize additional traffic through domain port (UDP, 53).
Here's another snapshot of the result of brief minutes of sniffing.
You can see *.google.com, because by the time I was writting this article, gpackcount was sniffing traffic (and www.blogger.com domain belongs to all mighty Google.)
There are no fancy rules to gather traffic for a group of ports, or anything like that. The output is typically the byte comprehensive streaming, and a plain text report at the end.
posted by Henrique at Saturday, January 05, 2008
1 Comments:
Here's how gpackcount compiles on Freesco:
tar xfz netpack-gpack-v0.8.tar.gz
cd netpack/gpack/gPackCount-v0.8/gPackCount/src/
zip:~/test/netpack/gpack/gPackCount-v0.8/gPackCount/src$ make CC_BASIC=-DFREESCO
Need to rebuild libgpcap
cd ../../../gsrc/gpcap && make
make[1]: Entering directory `/home/guest/test/netpack/gpack/gsrc/gpcap'
checking pcap...
./make_pcap.sh pcap_development.txt.tmp
Executing: ./configure --disable-protochain
loading cache ./config.cache
checking host system type... i686-pc-linux-gnulibc1
checking target system type... i686-pc-linux-gnulibc1
checking build system type... i686-pc-linux-gnulibc1
checking for gcc... gcc
checking whether the C compiler (gcc ) works... yes
checking whether the C compiler (gcc ) is a cross-compiler... no
checking whether we are using GNU C... yes
checking whether gcc accepts -g... yes
checking gcc version... 2
checking for inline... inline
checking for __attribute__... yes
checking for u_int8_t using gcc... yes
checking for u_int16_t using gcc... yes
checking for u_int32_t using gcc... yes
checking how to run the C preprocessor... gcc -E
checking for sys/ioccom.h... no
checking for sys/sockio.h... no
checking for ifaddrs.h... no
checking for limits.h... yes
checking for netinet/if_ether.h... no
checking for ANSI ioctl definitions... yes
checking for ether_hostton... no
checking for strerror... yes
checking for strlcpy... no
checking if --disable-protochain option is specified... disabled
checking packet capture type... linux
checking if --enable-ipv6 option is specified... no
checking whether to build optimizer debugging code... no
checking whether to build parser debugging code... no
checking Linux kernel version... 2
checking if if_packet.h has tpacket_stats defined... no
checking whether we have /proc/net/dev... yes
checking for flex... flex
checking for flex 2.4 or higher... yes
checking for bison... bison
checking for ranlib... ranlib
checking if sockaddr struct has sa_len member... no
checking if dl_hp_ppa_info_t struct has dl_module_id_1 member... no
checking if unaligned accesses fail... no
checking for a BSD compatible install... /usr/bin/ginstall -c
updating cache ./config.cache
creating ./config.status
creating Makefile
creating config.h
Making pcap: pcap_development.txt.tmp
cat pcap_development.txt.tmp > pcap_development.txt
rm -f pcap_development.txt.tmp
pcap check: OK: pcap_development.txt
pcap present: OK
Compiling gpthread.cpp : obj is gpthread.o
Compiling gpproto.cpp : obj is gpproto.o
Compiling gpstat.cpp : obj is gpstat.o
Compiling gpifcap.cpp : obj is gpifcap.o
Compiling gpastbl.cpp : obj is gpastbl.o
Compiling gpbuffer.cpp : obj is gpbuffer.o
Compiling gpcrypt.cpp : obj is gpcrypt.o
Compiling gpblowfish.cpp : obj is gpblowfish.o
gpblowfish.cpp:293: warning: aggregate has a partly bracketed initializer
gpblowfish.cpp:293: warning: aggregate has a partly bracketed initializer
gpblowfish.cpp:293: warning: aggregate has a partly bracketed initializer
gpblowfish.cpp:293: warning: aggregate has a partly bracketed initializer
Compiling gpblowfb.cpp : obj is gpblowfb.o
gcc -pipe -shared -fPIC -o libgpcap.so \
gpthread.o gpproto.o gpstat.o gpifcap.o gpastbl.o gpbuffer.o gpcrypt.o gpblowfish.o gpblowfb.o \
bpf_dump.o bpf_filter.o bpf_image.o etherent.o gencode.o grammar.o inet.o nametoaddr.o optimize.o pcap-linux.o pcap.o savefile.o scanner.o version.o
Done lib: libgpcap.so
make[1]: Leaving directory `/home/guest/test/netpack/gpack/gsrc/gpcap'
Compiling gPackConf.cpp : obj is gPackConf.o
g++ -g -DFREESCO -I../../../gsrc/gobj -I../../../gsrc/gpcap -I../../../gsrc/gobjeio -I../../../gsrc/pcap -pipe -rdynamic -Wl,-rpath,../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio: -O2 -Wall -o ./gPackConf.o -c gPackConf.cpp
g++: -rpath: linker input file unused since linking not done
g++: ../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio:: linker input file unused since linking not done
Compiling gPackStatIO.cpp : obj is gPackStatIO.o
g++ -g -DFREESCO -I../../../gsrc/gobj -I../../../gsrc/gpcap -I../../../gsrc/gobjeio -I../../../gsrc/pcap -pipe -rdynamic -Wl,-rpath,../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio: -O2 -Wall -o ./gPackStatIO.o -c gPackStatIO.cpp
g++: -rpath: linker input file unused since linking not done
g++: ../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio:: linker input file unused since linking not done
Compiling gPackStatInner.cpp : obj is gPackStatInner.o
g++ -g -DFREESCO -I../../../gsrc/gobj -I../../../gsrc/gpcap -I../../../gsrc/gobjeio -I../../../gsrc/pcap -pipe -rdynamic -Wl,-rpath,../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio: -O2 -Wall -o ./gPackStatInner.o -c gPackStatInner.cpp
g++: -rpath: linker input file unused since linking not done
g++: ../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio:: linker input file unused since linking not done
Compiling gPackStatScrap.cpp : obj is gPackStatScrap.o
g++ -g -DFREESCO -I../../../gsrc/gobj -I../../../gsrc/gpcap -I../../../gsrc/gobjeio -I../../../gsrc/pcap -pipe -rdynamic -Wl,-rpath,../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio: -O2 -Wall -o ./gPackStatScrap.o -c gPackStatScrap.cpp
g++: -rpath: linker input file unused since linking not done
g++: ../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio:: linker input file unused since linking not done
Compiling gPackIpHash.cpp : obj is gPackIpHash.o
g++ -g -DFREESCO -I../../../gsrc/gobj -I../../../gsrc/gpcap -I../../../gsrc/gobjeio -I../../../gsrc/pcap -pipe -rdynamic -Wl,-rpath,../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio: -O2 -Wall -o ./gPackIpHash.o -c gPackIpHash.cpp
g++: -rpath: linker input file unused since linking not done
g++: ../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio:: linker input file unused since linking not done
Compiling gPackIpTuple.cpp : obj is gPackIpTuple.o
g++ -g -DFREESCO -I../../../gsrc/gobj -I../../../gsrc/gpcap -I../../../gsrc/gobjeio -I../../../gsrc/pcap -pipe -rdynamic -Wl,-rpath,../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio: -O2 -Wall -o ./gPackIpTuple.o -c gPackIpTuple.cpp
g++: -rpath: linker input file unused since linking not done
g++: ../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio:: linker input file unused since linking not done
Compiling gPackIpCache.cpp : obj is gPackIpCache.o
g++ -g -DFREESCO -I../../../gsrc/gobj -I../../../gsrc/gpcap -I../../../gsrc/gobjeio -I../../../gsrc/pcap -pipe -rdynamic -Wl,-rpath,../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio: -O2 -Wall -o ./gPackIpCache.o -c gPackIpCache.cpp
g++: -rpath: linker input file unused since linking not done
g++: ../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio:: linker input file unused since linking not done
Compiling gPackIpDnsCache.cpp : obj is gPackIpDnsCache.o
g++ -g -DFREESCO -I../../../gsrc/gobj -I../../../gsrc/gpcap -I../../../gsrc/gobjeio -I../../../gsrc/pcap -pipe -rdynamic -Wl,-rpath,../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio: -O2 -Wall -o ./gPackIpDnsCache.o -c gPackIpDnsCache.cpp
g++: -rpath: linker input file unused since linking not done
g++: ../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio:: linker input file unused since linking not done
Compiling gPackPorts.cpp : obj is gPackPorts.o
g++ -g -DFREESCO -I../../../gsrc/gobj -I../../../gsrc/gpcap -I../../../gsrc/gobjeio -I../../../gsrc/pcap -pipe -rdynamic -Wl,-rpath,../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio: -O2 -Wall -o ./gPackPorts.o -c gPackPorts.cpp
g++: -rpath: linker input file unused since linking not done
g++: ../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio:: linker input file unused since linking not done
Compiling gPackGpStub.cpp : obj is gPackGpStub.o
g++ -g -DFREESCO -I../../../gsrc/gobj -I../../../gsrc/gpcap -I../../../gsrc/gobjeio -I../../../gsrc/pcap -pipe -rdynamic -Wl,-rpath,../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio: -O2 -Wall -o ./gPackGpStub.o -c gPackGpStub.cpp
g++: -rpath: linker input file unused since linking not done
g++: ../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio:: linker input file unused since linking not done
Compiling gPackOwnAddr.cpp : obj is gPackOwnAddr.o
g++ -g -DFREESCO -I../../../gsrc/gobj -I../../../gsrc/gpcap -I../../../gsrc/gobjeio -I../../../gsrc/pcap -pipe -rdynamic -Wl,-rpath,../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio: -O2 -Wall -o ./gPackOwnAddr.o -c gPackOwnAddr.cpp
g++: -rpath: linker input file unused since linking not done
g++: ../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio:: linker input file unused since linking not done
Compiling gPackCount.cpp : obj is gPackCount.o
g++ -g -DFREESCO -I../../../gsrc/gobj -I../../../gsrc/gpcap -I../../../gsrc/gobjeio -I../../../gsrc/pcap -pipe -rdynamic -Wl,-rpath,../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio: -O2 -Wall -o ./gPackCount.o -c gPackCount.cpp
g++: -rpath: linker input file unused since linking not done
g++: ../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio:: linker input file unused since linking not done
Need to rebuild libgobj
cd ../../../gsrc/gobj && make
make[1]: Entering directory `/home/guest/test/netpack/gpack/gsrc/gobj'
Compiling gstorage.cpp : obj is gstorage.o
g++ -g -DFREESCO -O2 -Wall -o ./gstorage.o -c gstorage.cpp
Compiling gcontrol.cpp : obj is gcontrol.o
g++ -g -DFREESCO -O2 -Wall -o ./gcontrol.o -c gcontrol.cpp
Compiling gfile.cpp : obj is gfile.o
g++ -g -DFREESCO -O2 -Wall -o ./gfile.o -c gfile.cpp
Compiling gfilestat.cpp : obj is gfilestat.o
g++ -g -DFREESCO -O2 -Wall -o ./gfilestat.o -c gfilestat.cpp
Compiling glist.cpp : obj is glist.o
g++ -g -DFREESCO -O2 -Wall -o ./glist.o -c glist.cpp
Compiling glistext.cpp : obj is glistext.o
g++ -g -DFREESCO -O2 -Wall -o ./glistext.o -c glistext.cpp
Compiling garray.cpp : obj is garray.o
g++ -g -DFREESCO -O2 -Wall -o ./garray.o -c garray.cpp
Compiling gstack.cpp : obj is gstack.o
g++ -g -DFREESCO -O2 -Wall -o ./gstack.o -c gstack.cpp
Compiling ghash.cpp : obj is ghash.o
g++ -g -DFREESCO -O2 -Wall -o ./ghash.o -c ghash.cpp
Compiling garg.cpp : obj is garg.o
g++ -g -DFREESCO -O2 -Wall -o ./garg.o -c garg.cpp
garg.cpp: In method `unsigned int gArg::thisFindParamFromStr(char *, unsigned int, class gParamElem *, bool &, unsigned int &)':
garg.cpp:758: warning: `unsigned int i' might be used uninitialized in this function
Compiling gstring.cpp : obj is gstring.o
g++ -g -DFREESCO -O2 -Wall -o ./gstring.o -c gstring.cpp
Compiling gstringext.cpp : obj is gstringext.o
g++ -g -DFREESCO -O2 -Wall -o ./gstringext.o -c gstringext.cpp
Compiling gdir.cpp : obj is gdir.o
g++ -g -DFREESCO -O2 -Wall -o ./gdir.o -c gdir.cpp
Compiling gconfig.cpp : obj is gconfig.o
g++ -g -DFREESCO -O2 -Wall -o ./gconfig.o -c gconfig.cpp
Compiling gnet.cpp : obj is gnet.o
g++ -g -DFREESCO -O2 -Wall -o ./gnet.o -c gnet.cpp
Compiling gtime.cpp : obj is gtime.o
g++ -g -DFREESCO -O2 -Wall -o ./gtime.o -c gtime.cpp
Compiling gcalendar.cpp : obj is gcalendar.o
g++ -g -DFREESCO -O2 -Wall -o ./gcalendar.o -c gcalendar.cpp
Compiling gweb.cpp : obj is gweb.o
g++ -g -DFREESCO -O2 -Wall -o ./gweb.o -c gweb.cpp
Compiling ghttp.cpp : obj is ghttp.o
g++ -g -DFREESCO -O2 -Wall -o ./ghttp.o -c ghttp.cpp
Compiling gmath.cpp : obj is gmath.o
g++ -g -DFREESCO -O2 -Wall -o ./gmath.o -c gmath.cpp
gcc -pipe -shared -fPIC -o libgobj.so gstorage.o gcontrol.o gfile.o gfilestat.o glist.o glistext.o garray.o gstack.o ghash.o garg.o gstring.o gstringext.o gdir.o gconfig.o gnet.o gtime.o gcalendar.o gweb.o ghttp.o gmath.o
Done lib: libgobj.so
make[1]: Leaving directory `/home/guest/test/netpack/gpack/gsrc/gobj'
Need to rebuild libgobjeio
cd ../../../gsrc/gobjeio && make
make[1]: Entering directory `/home/guest/test/netpack/gpack/gsrc/gobjeio'
Compiling giostorage.cpp : obj is giostorage.o
g++ -g -DFREESCO -I../gobj -O2 -Wall -o ./giostorage.o -c giostorage.cpp
Compiling gioctrl.cpp : obj is gioctrl.o
g++ -g -DFREESCO -I../gobj -O2 -Wall -o ./gioctrl.o -c gioctrl.cpp
gioctrl.cpp:26: warning: #warning No GOEIO_LINUX_MEM defined: direct memory management
Compiling giotag.cpp : obj is giotag.o
g++ -g -DFREESCO -I../gobj -O2 -Wall -o ./giotag.o -c giotag.cpp
Compiling giopaths.cpp : obj is giopaths.o
g++ -g -DFREESCO -I../gobj -O2 -Wall -o ./giopaths.o -c giopaths.cpp
Compiling giolarge.cpp : obj is giolarge.o
g++ -g -DFREESCO -I../gobj -O2 -Wall -o ./giolarge.o -c giolarge.cpp
Compiling giodeconv.cpp : obj is giodeconv.o
g++ -g -DFREESCO -I../gobj -O2 -Wall -o ./giodeconv.o -c giodeconv.cpp
Compiling giofile.cpp : obj is giofile.o
g++ -g -DFREESCO -I../gobj -O2 -Wall -o ./giofile.o -c giofile.cpp
Compiling giofileidx.cpp : obj is giofileidx.o
g++ -g -DFREESCO -I../gobj -O2 -Wall -o ./giofileidx.o -c giofileidx.cpp
Compiling gxstring.cpp : obj is gxstring.o
g++ -g -DFREESCO -I../gobj -O2 -Wall -o ./gxstring.o -c gxstring.cpp
Compiling gxsupuni.cpp : obj is gxsupuni.o
g++ -g -DFREESCO -I../gobj -O2 -Wall -o ./gxsupuni.o -c gxsupuni.cpp
Compiling gxnet.cpp : obj is gxnet.o
g++ -g -DFREESCO -I../gobj -O2 -Wall -o ./gxnet.o -c gxnet.cpp
Compiling gxnetpair.cpp : obj is gxnetpair.o
g++ -g -DFREESCO -I../gobj -O2 -Wall -o ./gxnetpair.o -c gxnetpair.cpp
Compiling gxnetserve.cpp : obj is gxnetserve.o
g++ -g -DFREESCO -I../gobj -O2 -Wall -o ./gxnetserve.o -c gxnetserve.cpp
gcc -pipe -shared -fPIC -o libgobjeio.so giostorage.o gioctrl.o giotag.o giopaths.o giolarge.o giodeconv.o giofile.o giofileidx.o gxstring.o gxsupuni.o gxnet.o gxnetpair.o gxnetserve.o
cd ../gobj && make
make[2]: Entering directory `/home/guest/test/netpack/gpack/gsrc/gobj'
Done lib: libgobj.so
make[2]: Leaving directory `/home/guest/test/netpack/gpack/gsrc/gobj'
Done lib: libgobjeio.so
make[1]: Leaving directory `/home/guest/test/netpack/gpack/gsrc/gobjeio'
Main prog
g++ -g -DFREESCO -I../../../gsrc/gobj -I../../../gsrc/gpcap -I../../../gsrc/gobjeio -I../../../gsrc/pcap -pipe -rdynamic -Wl,-rpath,../../../gsrc/gobj:../../../gsrc/gpcap:../../../gsrc/gobjeio: gPackConf.o gPackStatIO.o gPackStatInner.o gPackStatScrap.o gPackIpHash.o gPackIpTuple.o gPackIpCache.o gPackIpDnsCache.o gPackPorts.o gPackGpStub.o gPackOwnAddr.o gPackCount.o -O2 -Wall -L../../../gsrc/gobj -L../../../gsrc/gpcap -L../../../gsrc/gobjeio -lgobj -lgpcap -lgobjeio -o gpackcount
cd ../../../gsrc/gobj && make CC_BASIC="-DFREESCO"
make[1]: Entering directory `/home/guest/test/netpack/gpack/gsrc/gobj'
Done lib: libgobj.so
make[1]: Leaving directory `/home/guest/test/netpack/gpack/gsrc/gobj'
cd ../../../gsrc/gpcap && make CC_BASIC="-DFREESCO"
make[1]: Entering directory `/home/guest/test/netpack/gpack/gsrc/gpcap'
pcap present: OK
Done lib: libgpcap.so
make[1]: Leaving directory `/home/guest/test/netpack/gpack/gsrc/gpcap'
cd ../../../gsrc/gobjeio && make
make[1]: Entering directory `/home/guest/test/netpack/gpack/gsrc/gobjeio'
cd ../gobj && make
make[2]: Entering directory `/home/guest/test/netpack/gpack/gsrc/gobj'
Done lib: libgobj.so
make[2]: Leaving directory `/home/guest/test/netpack/gpack/gsrc/gobj'
Done lib: libgobjeio.so
make[1]: Leaving directory `/home/guest/test/netpack/gpack/gsrc/gobjeio'
Done: gpackcount
==> Et voilá...
strip gpackcount
zip:~/test/netpack/gpack/gPackCount-v0.8/gPackCount/src$ ls -lG gpackcount
-rwxr-xr-x 1 guest 109872 Jan 4 19:28 gpackcount*
Post a Comment
<< Home