How to read all traffic received on one network interface using Erlang

Papa Tana papa.tana101@REDACTED
Tue Aug 11 17:44:35 CEST 2020


https://github.com/msantos/epcap.git

# I just checked this and it seems to solve my need, amazing!

Your "network sniffer" is exactly describing my need.

I'm wondering how I missed it.

Thanks!!


On Tue, Aug 11, 2020 at 18:02, Mark Geib <mark.geib.44@REDACTED> wrote:

> A number of years ago I wrote a network sniffer to meet some specific
> requirements that tcpdump did not provide. I used
> https://github.com/msantos/epcap.git
>
> That app is still in production today, works well.
>
> Mark.
>
>
> On Aug 11, 2020, at 6:12 AM, Papa Tana <papa.tana101@REDACTED> wrote:
>
> Hi All,
>
> Great day!
>
> I have one network interface, connected with a client:
>
> [client]------> [(eth0)::Me]
>
> Whenever I want to read all traffic I received on my (eth0) interface, I'm
> using tcpdump.
> # tcpdump -i eth0 -w file.pcap
>
> And only after that, I can pass the pcap file to Erlang as an Argument,
> and I can process/modify it:
> https://github.com/hokiespurs/velodyne-copter/wiki/PCAP-format
>
> It's working, but as you can see, it's not real time :-/
>
> gen_tcp/gen_udp are not working because I would only capture all traffic
> matching ip address and udp port and for me only. But I want all traffic in
> my eth0 (traffic can be for other destination, not Me).
>
> I have checked
> https://github.com/msantos/procket
> https://github.com/msantos/pkt
> https://erlang.org/doc/man/socket.html
>
> they are great jobs, but seem to be encoding/decoding and need to specify
> protocol for socket:bind
>
> Can anyone advise, please?
>
> Thanks,
>
>
>
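
The real-time capture asked about above, sketched with epcap as an added example (not code from either poster or from the epcap project). It assumes epcap is compiled and on the code path, that its capture program is permitted to open the interface, and that frames arrive as `{packet, DataLinkType, Time, Length, Packet}` messages; the module name `sniff_eth0` is hypothetical.

```erlang
%% Added example: live capture of every frame on one interface via epcap.
-module(sniff_eth0).
-export([start/0, start/1]).

start() -> start("eth0").

start(Interface) ->
    %% promiscuous: also deliver frames addressed to other hosts.
    %% No {filter, ...} option is given, so no BPF filter narrows the capture.
    {ok, _Pid} = epcap:start_link([{interface, Interface},
                                   {promiscuous, true}]),
    loop(0).

%% epcap sends each captured frame to the process that started it.
loop(Count) ->
    receive
        {packet, DataLinkType, Time, Length, Packet} ->
            io:format("#~b ~p len=~b ~s~n",
                      [Count, Time, Length, describe(DataLinkType, Packet)]),
            loop(Count + 1)
    end.

%% DLT 1 is Ethernet (DLT_EN10MB): split out the 14-byte header by hand.
describe(1, <<Dst:6/binary, Src:6/binary, EtherType:16, _Payload/binary>>) ->
    io_lib:format("~s -> ~s ethertype=0x~4.16.0b",
                  [mac(Src), mac(Dst), EtherType]);
%% Other link types or truncated frames: report the type and byte count.
describe(DataLinkType, Packet) ->
    io_lib:format("dlt=~p bytes=~b", [DataLinkType, byte_size(Packet)]).

%% Render a 6-byte MAC address as colon-separated hex.
mac(Bin) ->
    lists:join($:, [io_lib:format("~2.16.0b", [B]) || <<B>> <= Bin]).
```

Because the capture is promiscuous and unfiltered, the receiving process sees traffic for other hosts too, so run it only on interfaces you are authorised to monitor and keep the capturing process's privileges as narrow as the deployment allows.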


More information about the erlang-questions mailing list