netdumplings

A framework for distributed network packet sniffing and processing.

netdumplings requires Python 3.7 or later. The source is on GitHub. It can be used as the back-end for tools like netmomo and packscape. It has been tested with Python 3.8 on OS X 10.15 and Windows 10. This is version 0.5.1.

• Installation
• Overview
• Quickstart
• Writing a dumpling chef
• Writing a dumpling eater
• API
• Developing

Summary

To use netdumplings you:

• Run one or more packet sniffer kitchens (using nd-sniff), giving each one:

  • A PCAP-style packet filter

  • Some dumpling chefs you’ve written for packet processing and dumpling creation

• Run the dumpling hub (called nd-hub) which forwards dumplings from the sniffers to the eaters

• Write dumpling eaters to display or process the dumpling contents

You can run the sniffer kitchens and dumpling eaters on as many different hosts as you like; but you only run one instance of the hub. The sniffers, hub, and eaters all communicate over WebSockets.

The netdumplings components are loosely coupled to provide you with some flexibility for where and how you run the various pieces.