netdumplings¶
A framework for distributed network packet sniffing and processing.
netdumplings requires Python 3.7 or later. The source is on GitHub. It can be used as the back-end for tools like netmomo and packscape. It has been tested with Python 3.8 on OS X 10.15 and Windows 10. This is version 0.5.1.
Summary¶
To use netdumplings you:
- Run one or more packet sniffer kitchens (using
nd-sniff
), giving each one: A PCAP-style packet filter
Some dumpling chefs you’ve written for packet processing and dumpling creation
- Run one or more packet sniffer kitchens (using
Run the dumpling hub (called
nd-hub
) which forwards dumplings from the sniffers to the eatersWrite dumpling eaters to display or process the dumpling contents
You can run the sniffer kitchens and dumpling eaters on as many different hosts as you like; but you only run one instance of the hub. The sniffers, hub, and eaters all communicate over WebSockets.
The netdumplings components are loosely coupled to provide you with some flexibility for where and how you run the various pieces.