-
Notifications
You must be signed in to change notification settings - Fork 0
gracchus163/MSS-probe
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
Reads packets from an interface or pcapfile and records stats in a binary format. Information recorded: Hashed IP Hashed subnet MSS Segment Size TCP Options order TCP flags DSCP Transport is TCP or UDP IPv4 or IPv6 IPv4 fragment flags QUIC version ID We then also record how many occurences of each MSS and DSCP in the dataset. Recording speeds of 200MB/s with 0 packet drops is the max we have achieved on our hardware. Indebted to libtrace [https://github.com/LibtraceTeam/libtrace] ./probe.out pcap:<pcapfile> or ./probe.out bpf:igb0 #bsd interface named igb0 ./probe.out int:eth0 #linux interface named eth0 Will produce timestamped bin files and append dropped stats to a file named "packet_stats" Must have file named salt1 and salt2 in directory each with a 30 character string Interface must be set to promiscuous mode ./read.out <bin_file> will print out the collected stats of every packet Run stats.sh with a bin file as the argument will slowly process the bin file and print out stats on MSS and DSCP occurence. ./read_stats.out <bin_file> will print out the collected stats of every packet to stdout and print to stderr the MSS and DSCP occurences. Has not been tested as much but seems to work, try it first. Both provided as insurance. If needed to compile ./mk will compile the 3 programs on Freebsd only. some changes required for linux or maybe the compiler TODO: Improve performance of reading the packets Porting to libtrace parallel may help with this (:
About
Reads packets from an interface or pcapfile and extracts various stats. Intended to be 'high performant'
Topics
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published