Justniffer 0.5.10

justniffer is a tcp packet sniffer.
justniffer is a tcp packet sniffer. It captures TCP packets, reassembles and reorders them, performs IP packet defragmentation and displays the tcp flow in the standard output. Justniffer is usefull for logging network traffic in a 'standard' (web server like) or in a customized way. Justniffer can log timings (e.g. response time), usefull for tracking network services performances (e.g. web server, application server,

The main differences with other sniffers are:

- capture tcp/ip traffic and handle all tcp/ip stuff (reordering, retrasmissions, defragmentation). The tcp flow adjustment is performed using linux kernel code included in a slightly modified version of the nids library.
- report timing informations. So it can be usefull for tracking network system performances

Examples:

justniffer -i eth0 - produce apache like access_log
justniffer -f /file.cap - read from a capture file
justniffer -i eth0 -l "%request.line" - print only request line : Ex. "GET /index.html HTTP/1.1"
justniffer -i eth0 -l "%request.header.host - %request.url - %response.code - %response.time" print something like this:"www.plecno.com - /index.html - 200 - 0.23345"

Usage:

--help command line description
-f [ --filecap ] arg input file in 'tcpdump capture file format' (e.g.
produced by tshark or tcpdump)
-i [ --interface ] arg interface to listen on (e.g. eth0, en1, etc.)
-l [ --log-format ] arg log format (see man page). If missing the
CommonLog (apache access log) format will ne used
-c [ --config ] arg configuration file
-p [ --packet-filter ] arg packet filter (tcpdump filter syntax) [default
value is 'tcp port 80 or tcp port 8080' ]

last updated on:
September 13th, 2011, 9:01 GMT
price:
FREE!
developed by:
Oreste Notelli
homepage:
justniffer.sourceforge.net
license type:
GPL v3 
category:
ROOT \ System \ Networking

FREE!

In a hurry? Add it to your Download Basket!

user rating 29

3.7/5
 

0/5

1 Screenshot
Justniffer
What's New in This Release:
  • The "-F" commandline option has been added to force the reading of pcap files with truncated packets.
read full changelog

Add your review!

SUBMIT