A toolset for network packet capture in Cloud/Kubernetes and Virtualized environment.
English ∙ 简体中文
Netis Cloud Probe
What is Netis Cloud Probe?
Netis Cloud Probe (Packet Agent, name used before)is an open source project to deal with such situation: it captures packets on Machine A but has to use them on Machine B. This case is very common when you try to monitor network traffic in the LAN but the infrastructure is incapable, for example
Also, this project aims at developing a suite of low cost but high efficiency tools to survive the challenge above.
With 4 utilities:
Getting Started Installation CentOS 7/8 and RedHat 7
wget https://github.com/Netis/cloud-probe/releases/download/v0.7.0/netis-cloud-probe-0.7.0.x86_64_centos.rpm rpm -ivh netis-cloud-probe-0.7.0.x86_64_centos.rpmSUSE 12SP2
wget https://github.com/Netis/cloud-probe/releases/download/v0.7.0/netis-cloud-probe-probe-0.7.0.x86_64_suse.rpm rpm -ivh netis-cloud-probe-probe-0.7.0.x86_64_suse.rpmUbuntu 18.04LTS
wget https://github.com/Netis/cloud-probe/releases/download/v0.7.0/netis-cloud-probe-0.7.0_amd64.deb sudo dpkg -i netis-cloud-probe-0.7.0_amd64.deb
Remarks: If it encounter a library dependency error when install from rpm, you should install boost_1_59_0 or later. If this also can't work, you can build and run from source.
Remarks: Now only support CentOS 6/7, RedHat 7, SUSE 12, Ubuntu 18.04 LTS.
Windows 2019 server
Usage
Remarks: Make sure the firewall allows GRE packets to be sent to the target. https://lartc.org/howto/lartc.tunnel.gre.html provides a way to check firewall allows GRE packets to be sent.
# Capture packet from NIC "eth0", encapsulate with GRE header and send to 172.16.1.201 pktminerg "-i eth0 -r 172.16.1.201 -k 12"compare 2 pcap files
pcapcompare --lpcap /path/to/left_file.pcap --rpcap /path/to/right_file.pcap
Capture packet from NIC "eth0" and save them to gredump_output.pcap
gredump -i eth0 -o /path/to/gredump_output.pcap
Capture packets from NIC "eth0", forward to 172.16.1.201 with GRE encapsulated and capture packets from "eth1", forward to 10.1.2.123 with vni encapsulated
pktminerg "-i eth0 -r 172.16.1.201 -k 12" "-i eth1 -r 10.1.2.123 -n 12"
For more information on using these tools, please refer to this document.
For docker usage, please refer to this document.
Build from source.
You can also clone source from Github and build Netis Packet Agent in local, then check"/path/to/packet-agent/bin" to find all binary.
For build precondition and steps, please refer to this document.
Documentation / Useful link
Contributing
Fork the project and send pull requests. We welcome pull requests from members of all open source community.
License
Copyright (c) 2018 - 2020 Netis.
The content of this repository bound by the following licenses:
Contact info
Twice a month we will interview people behind open source businesses. We will talk about how they are building a business on top of open source projects.
We'll never share your email with anyone else.