网络包处理工具NetBee

What is NetBee?

NetBee is a new library intended for several types of packet processing, such as packet sniffing and filtering, packet decoding, and traffic classification (not ready yet).

NetBee provides a set of modules that can be used by applications that need to process network packets. Instead of creating some custom code in your application for packet processing, you can use the functions exported by NetBee.

This library is made up of several components. It includes several objects for packet decoding, packet sniffing and filtering, traffic classification (not ready yet), and some miscellaneous utilities. Additionally, it includes some components (such as the NetPDL protocol definition language, the NetVM packet processing virtual machine) that are used to do its job, but their knowledge is not required from programmers using NetBee. For a list of features that are present in NetBee, please look at the introduction page.

Why NetBee?

NetBee is a powerful library for generic packet processing. NetBee is created by the same research group that created WinPcap, the de-facto standard for sniffing packets in Windows. However, WinPcap architecture (which is derived from its UNIX ancestor, libpcap) is rather old and it does not fit for nowadays needs. WinPcap is a perfect choice in case you need a powerful library for sniffing packets with cross platform compatibility (WinPcap and the UNIX-based libpcap are almost fully compatible). However, the architecture behind WinPcap (and libpcap) has not been engineered for supporting extensions and new modules for other kinds of processing in addition to packet sniffing.

This is the reason of NetBee: we feel that the effort needed to expand and update WinPcap cannot pay in the long term. We believe that the best choice is to create a new library from scratch, with a completely new architecture (object-based, for instance), open to extensions and ready to fit to new needs. NetBee, in fact. This guarantees an high degree of freedom but, of course, it will often lead to un-tested code due to the relative poor maturity of the library.

If you start using NetBee and you used WinPcap in the past, you will see that the interface (which is object oriented) is much cleaner than its ancestor. You can find it is pretty easy to read packets from the network as well as from a file or from some other source. This is due to the object-oriented architecture of NetBee. You will be surprised how easy is to use NetBee in your programs.

Please note that NetBee is highly experimental at the current stage; no guarantees are given that the API will not change in the future. Therefore, the current release must be intended as a proof of concept in order to share some ideas with the research community.

http://www.nbee.org/doku.php

网络包处理工具NetBee的更多相关文章

iperf/netperf网络性能测试工具、Wireshark网络包分析工具
iperf http://www.linuxidc.com/Linux/2014-05/101160.htm netperf http://www.linuxidc.com/Linux/2013 ...
[转]网络性能评估工具Iperf详解（可测丢包率）
原文链接:安全运维之:网络性能评估工具Iperf详解:http://os.51cto.com/art/201410/454889.htm 参考博文:http://linoxide.com/monito ...
Python黑帽编程1&period;3 Python运行时与包管理工具
Python黑帽编程1.3 Python运行时与包管理工具 0.1 本系列教程说明本系列教程,采用的大纲母本为<Understanding Network Hacks Attack and ...
ios 抓取真机的网络包
一直被如何从真机上抓包所困扰!今天偶然看到了最简单有效的方法!分享一下: 原地址链接 http://blog.csdn.net/phunxm/article/details/38590561 通过 R ...
可视化数据包分析工具-CapAnalysis
可视化数据包分析工具-CapAnalysis 我们知道,Xplico是一个从pcap文件中解析出IP流量数据的工具,本文介绍又一款实用工具-CapAnalysis(可视化数据包分析工具),将比Xpli ...
Bower —— 一个Web的包管理工具
作者:江剑锋 github地址:https://github.com/bower/bower Bower为何物 Bower是一个Web开发的包管理软件.前端开发中,或多或少,都会以来于现成的fra ...
Linux命令行抓包及包解析工具tshark(wireshark)使用实例解析
在Linux下,当我们需要抓取网络数据包分析时,通常是使用tcpdump抓取网络raw数据包存到一个文件,然后下载到本地使用wireshark界面网络分析工具进行网络包分析. 最近才发现,原来wire ...
Python包管理工具——pip
目录 Python pip pip相关命令解决pip相关问题 Python pip Python最让人的喜欢的就是它有丰富的类库和各种第三方的包,而对于这些包的下载.删除等管理操作,就要用到包管理工 ...
转载：一、linux cpu、内存、IO、网络的测试工具
来源地址: http://blog.csdn.net/wenwenxiong/article/details/77197997 记录一下以后好找.. 一.linux cpu.内存.IO.网络的测试工 ...

随机推荐

postgresql&colon;pgadmin函数调试工具安装过程
通过安装第三方插件pldebugger,可实现在pgadmin客户端对函数设置断点.调试,具体过程如下: 1.下载pldebugger安装包:http://git.postgresql.org/git ...
java word 转 pdf
这里使用jacob将word转pdf,使用的是jacob.jar import java.io.File;import com.jacob.activeX.ActiveXComponent;impor ...
据说Linuxer都难忘的25个画面
导读虽然对 Linux 正式生日是哪天还有些争论,甚至 Linus Torvalds 认为在 1991 那一年有四个日子都可以算作 Linux 的生日.但是不管怎么说,Linux 已经 25 岁了, ...
模拟storage copy 功能失败的记录
试验设想: 机器1: alter database begin backup 然后,在oracle仍然活动的状态下,将$ORACLE_BASE目录全部压缩拷贝到机器2 机器2: startup:失败 ...
MYSQL启用日志，查看日志，利用mysqlbinlog工具恢复MySQL数据库【转载】
转自 MYSQL启用日志,查看日志,利用mysqlbinlog工具恢复MySQL数据库 - _安静 - 博客园http://www.cnblogs.com/xionghui/archive/2012/ ...
怎么获取泛型T&period;class类？
public <T> void get(List<T> list){ getA(T.class); //报错,不能调用T.class } public void getA(Cl ...
Git&amp&semi;GitHub
Git是一个开源的分布式版本控制系统,可以有效.高速地处理从很小到非常大的项目版本管理. Git 是 Linus Torvalds 为了帮助管理 Linux 内核开发而开发的一个开放源码的版本控制软 ...
【iCore4 双核心板&lowbar;FPGA】实验十八：Niosii——基于内部RAM建立第一个软核
实验指导书及源代码下载地址: 链接:https://pan.baidu.com/s/1mjpwGJI 密码:6u8v iCore4链接:
Wshshell 脚本简单学习
WshShell 的简单语法学习同事给了一个脚本自动执行部署命令感觉挺好的 , 年前一直说要学习一下但是一直没有学习(自己太懒了) 这次简单总结一下. 创建对象: Set WshShell ...
linux环境中，多个命令之间，通过&amp&semi;&amp&semi; ||执行，命令之间执行的逻辑是什么？
需求描述: 最近在写一个脚本的时候,要判断一个文件是否存在,有怎么样,没有就创建,这个时候看到了一个test 结合 || 或者 &&的写法,就查看了下资料记录下是怎么个玩法. 操作过 ...