2 releases
Uses old Rust 2015
| 0.1.3 | Feb 19, 2016 |
|---|---|
| 0.1.2 | Feb 6, 2016 |
#45 in #netlink
43KB
1K
SLoC
nl-dump
In order to build nl-dump you must have rust-enum-derive (the excecutable) v0.3.3 or later in your path. eg:
$ git clone https://github.com/TaborKelly/rust-enum-derive
$ cd rust-enum-derive
$ cargo build
$ export PATH=$PATH:`pwd`/target/debug
Better yet, add a symlink to rust-enum-derive somewhere that is in your path.
nl-dump is a dissector for netlink (mostly NETLINK_ROUTE) packets. It runs from the command-line to give you mostly human readable output for NETLINK_ROUTE which have been captured to a pcap file.
Usage: nl-dump [options]
Options:
-i, --input NAME pcap input file
--netlink_family FAMILY
filter for one netlink_family (NETLINK_ROUTE,
NETLINK_GENERIC, etc)
-h, --help print this help menu
For example:
$ nl-dump -i netlink.pcapng
packet[1] = [ {
netlink_family: NETLINK_ROUTE,
nlmsghdr: {
nlmsg_len: 32,
nlmsg_type: NrMsgType(RTM_NEWLINK),
nlmsg_flags: 0x5 (NLM_F_REQUEST|NLM_F_ACK),
nlmsg_seq: 1452822917,
nlmsg_pid: 3128951544,
},
nlmsg: Ifinfomsg( {
ifi_family: AF_UNSPEC,
ifi_type: 0,
ifi_index: 2,
ifi_flags: 0x1003 (IFF_UP|IFF_BROADCAST|IFF_MULTICAST),
ifi_change: 0,
ifi_attr: [ ],
} )
}
]
packet[2] = [ {
netlink_family: NETLINK_GENERIC,
nlmsghdr: {
...
Dependencies
~5MB
~93K SLoC