packet agent v0.7 releases: toolset for network packet capture, forwarding and analysis

by do son · Published November 7, 2019 · Updated October 8, 2023

Netis Packet Agent

Netis Packet Agent is an open-source project to deal with such a situation: it captures packets on Machine A but has to use them on Machine B. This case is very common when you try to monitor network traffic in the LAN but the infrastructure is incapable, for example

There is neither a TAP nor SPAN device in a physical environment.
The Virtual Switch Flow Table does not support the SPAN function in a virtualization environment.

Also, this project aims at developing a suite of low-cost but high-efficiency tools to survive the challenge above.

pktminerg is the very first one, which makes you easily capture packets from a NIC interface, encapsulate them with GRE and send them to a remote machine for monitoring and analysis.

With 3 utilities:

pcapcompare is a utility for comparing 2 different pcap files.
gredump is used for capturing GRE packets with filters and save them to a pcap file.
gredemo is a demo app which is used to read packets from a pcap file and send them all to remote NIC. This can be only used when built from source code.