nflog_sniff extended with C++ implementation
With nflog_sniffer.cpp I've just added a C++ implementation to the nflog_sniff repository.
It uses the lean (and apparently also very fast) libtins library.
The nflog-bindings from Pierre Chifflier make it trivially easy to write a passive packet sniffer which can be controlled via iptables and listens to traffic on multiple interfaces at the same time.
As a little exercise I have written a simple DNS packet sniffer, once in Perl and once in Python:
To use the sniffer, first create an iptables rule like this:

    iptables -I INPUT -p udp --sport 53 -j NFLOG --nflog-group 123
Then start one of the sniffer scripts and observe the extracted DNS queries :-)
For a more convenient download I've also put the scripts in a proper GitHub repository: nflog_sniff
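What a sniffer behind the rule above has to do with each logged packet, as an added example (not code from the nflog_sniff repository): it assumes the NFLOG payload begins at the IPv4 header, as it does for packets logged from an iptables rule, and parses IPv4, UDP and the DNS question section with bounds checks, since the input is untrusted network traffic. The function names and the sample packet are constructed for illustration.

```python
import struct

def read_name(msg, off, max_jumps=16):
    """Decode a DNS name at msg[off:], following compression pointers safely."""
    labels, jumps, end = [], 0, None
    while True:
        if off >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[off]
        if length & 0xC0 == 0xC0:          # compression pointer (RFC 1035, 4.1.4)
            if off + 1 >= len(msg) or jumps >= max_jumps:
                raise ValueError("bad or looping compression pointer")
            end = off + 2 if end is None else end   # parsing resumes after first pointer
            off = ((length & 0x3F) << 8) | msg[off + 1]
            jumps += 1
        elif length == 0:                  # root label terminates the name
            return ".".join(labels) or ".", (end if end is not None else off + 1)
        elif length > 63 or off + 1 + length > len(msg):
            raise ValueError("bad label length")
        else:
            labels.append(msg[off + 1:off + 1 + length].decode("ascii", "replace"))
            off += 1 + length

def dns_questions(payload):
    """Return [(qname, qtype)] from a raw IPv4/UDP packet with source port 53."""
    if len(payload) < 20 or payload[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (payload[0] & 0x0F) * 4          # IP header length in bytes (options allowed)
    if ihl < 20 or payload[9] != 17 or len(payload) < ihl + 8:
        raise ValueError("not a complete UDP datagram")
    sport, _dport, _ulen, _csum = struct.unpack_from("!HHHH", payload, ihl)
    if sport != 53 or len(payload) < ihl + 8 + 12:
        raise ValueError("not a DNS message from port 53")
    msg = payload[ihl + 8:]
    qdcount = struct.unpack_from("!H", msg, 4)[0]
    out, off = [], 12                      # questions start after the 12-byte header
    for _ in range(qdcount):
        name, off = read_name(msg, off)
        if off + 4 > len(msg):
            raise ValueError("truncated question")
        qtype, _qclass = struct.unpack_from("!HH", msg, off)
        out.append((name, qtype))
        off += 4
    return out

# Constructed sample: IPv4 + UDP (53 -> 40000) + DNS response header + question "example.com A".
DNS = bytes.fromhex("123481800001000000000000") + b"\x07example\x03com\x00" + b"\x00\x01\x00\x01"
SAMPLE = (bytes([0x45, 0, 0, 28 + len(DNS), 0, 0, 0, 0, 64, 17, 0, 0, 192, 0, 2, 53, 192, 0, 2, 10])
          + struct.pack("!HHHH", 53, 40000, 8 + len(DNS), 0) + DNS)
```

`dns_questions(SAMPLE)` returns the query name and type; malformed or truncated packets raise `ValueError` instead of reading out of bounds or looping on a self-referencing pointer.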