ngrep 1.45 review
The ngrep project strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that lets you specify extended regular or hexadecimal expressions to match against the data payloads of packets.
It currently recognizes TCP, UDP, ICMP, IGMP and Raw protocols across Ethernet, PPP, SLIP, FDDI, Token Ring, 802.11 and null interfaces, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
What's New in This Release:
This release fixes an under-sized snaplen bug resulting in garbage input to the pattern matcher, a bug in the IPv6/TCP packet length calculation, and a double-free race condition during ngrep termination.
It reworks packet length calculation in the main processing loop (yielding a performance improvement), simplifies the build system logic, and changes "-s 0" to match tcpdump behaviour.
It adds support for IEEE802_11_RADIO (radiotap).