$Id: README,v 1.5 2007/07/10 13:30:19 farooq-i-azam Exp $

ipgrab 

Mike Borella
mike@borella.netNOPSAM

------------------------------------------------------------------------------

COPYRIGHT

Copyright (C) 1997-2007 Mike Borella

Redistribution and use in source and binary forms are permitted
provided that this paragraph is duplicated in all such forms and in
any documentation, advertising materials, and other materials related
to such distribution and use acknowledge that the software was
developed by Mike Borella.  The name of the Author may not be used to
endorse or promote products derived from this software without
specific prior written permission.

THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.

Some of this code has been taken from tcpdump, which was developed by
the Network Research Group at Lawrence Berkeley National Lab, and is
copyrighted by the University of California Regents.

------------------------------------------------------------------------------

ABOUT

This README file accompanies ipgrab version 0.9.10. 

This new release fixes many bugs and errors, and ipgrab is now a lot
more stable. See the ChangeLog for details of the changes that were
applied. This release is also now synchronized with the CVS
repository.

You may download a fresh copy of ipgrab from the following website:

http://www.sourceforge.net/projects/ipgrab/

-------------------------------------------------------------------------------

DESCRIPTION

This program reads and parses packets from the link layer through the
transport layer, dumping explicit header information along the way.
It is a lot like tcpdump from LBL except that I've made an effort to
dump every relevant header field possible.  The overall structure of
the code is loosely based on tcpdump and I've lifted a few modules
from the tcpdump distribution when necessary, rather than re-inventing
the wheel.  In particular, the address conversion hashing routines are
pretty much lifted verbatim, as well as the TCP options section.

I expect that this code can be used for detailed packet level
debugging of existing or new protocols.  Also, I imagine that it could
be a useful teaching and instruction tool for TCP/IP or security
courses.  I've made an effort to make the code readable, sometimes
even at the expense of efficiency, so that one can use it to learn
about the pcap library calls and the header field data structures.
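
The link-to-transport walk described above, as an added example (not code from ipgrab or tcpdump): it decodes one Ethernet II / IPv4 / TCP frame from a byte buffer and checks every length field against the captured length before using it, which is the step a dissector fed untrusted packets cannot skip. The struct, function names, error codes and the sample frame are constructed for this illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Fields of one Ethernet II / IPv4 / TCP frame (struct and names are this example's own). */
struct parsed {
    uint16_t ethertype, ip_total_len, sport, dport;
    uint8_t  ip_hdr_len, ttl, proto, tcp_hdr_len, tcp_flags;
    uint32_t src, dst, seq, ack;
};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t be32(const uint8_t *p) { return ((uint32_t)be16(p) << 16) | be16(p + 2); }

/* Returns 0 on success, or a negative code for the layer that failed:
 * -1 Ethernet, -2 not IPv4, -3 IPv4 header, -4 not TCP, -5 TCP header. */
int parse_frame(const uint8_t *b, size_t len, struct parsed *o)
{
    if (len < 14) return -1;                       /* truncated Ethernet header */
    o->ethertype = be16(b + 12);
    if (o->ethertype != 0x0800) return -2;
    const uint8_t *ip = b + 14;
    size_t n = len - 14;                           /* bytes captured after Ethernet */
    if (n < 20 || (ip[0] >> 4) != 4) return -3;
    o->ip_hdr_len = (uint8_t)((ip[0] & 0x0f) * 4);
    if (o->ip_hdr_len < 20 || o->ip_hdr_len > n) return -3;       /* bad IHL */
    o->ip_total_len = be16(ip + 2);
    if (o->ip_total_len < o->ip_hdr_len || o->ip_total_len > n) return -3;
    o->ttl = ip[8]; o->proto = ip[9];
    o->src = be32(ip + 12); o->dst = be32(ip + 16);
    if (o->proto != 6) return -4;
    const uint8_t *tcp = ip + o->ip_hdr_len;
    n = (size_t)o->ip_total_len - o->ip_hdr_len;   /* trust total length only after the check */
    if (n < 20) return -5;
    o->tcp_hdr_len = (uint8_t)((tcp[12] >> 4) * 4);
    if (o->tcp_hdr_len < 20 || o->tcp_hdr_len > n) return -5;     /* bad data offset */
    o->sport = be16(tcp); o->dport = be16(tcp + 2);
    o->seq = be32(tcp + 4); o->ack = be32(tcp + 8); o->tcp_flags = tcp[13];
    return 0;
}

/* Constructed sample: 192.0.2.1:49152 -> 192.0.2.2:80, SYN, checksums left zero. */
static const uint8_t sample_frame[54] = {
    0x00,0x00,0x5e,0x00,0x53,0x02, 0x00,0x00,0x5e,0x00,0x53,0x01, 0x08,0x00,
    0x45,0x00,0x00,0x28, 0x00,0x01,0x40,0x00, 0x40,0x06,0x00,0x00,
    0xc0,0x00,0x02,0x01, 0xc0,0x00,0x02,0x02,
    0xc0,0x00,0x00,0x50, 0x00,0x00,0x00,0x01, 0x00,0x00,0x00,0x00,
    0x50,0x02,0xff,0xff, 0x00,0x00,0x00,0x00 };

int main(void)
{
    struct parsed p;
    int rc = parse_frame(sample_frame, sizeof sample_frame, &p);
    if (rc == 0) printf("TCP %u -> %u flags=0x%02x ttl=%u\n", p.sport, p.dport, p.tcp_flags, p.ttl);
    return rc != 0;
}
```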

Would you like to see new features and protocols supported?  Do you
have a proprietary protocol that you'd like to test?  Two ways to make
it happen: (1) write a module yourself - if you send me a copy I'll
merge it into my source and acknowledge you as author, (2) ask me to
write it - send me email for details.

-------------------------------------------------------------------------------

INSTALLATION

You must have the pcap library (libpcap) installed.  In particular,
the pcap.h and net/bpf.h files must be in an appropriate include
directory (just grabbing a pre-compiled libpcap.so won't cut it).
Download pcap from http://www.tcpdump.org

Run the configure script to create a Makefile, then type 'make'.  If
you need to install any other libraries or headers, configure should
tell you.

It should compile cleanly on Linux and most other types of UNIX.  It 
will also run on Windows if the WinPcap library is properly installed. 
In order to build on Windows you need Cygwin with the WinPcap 
development files installed in the /usr/local directory.

Please refer to the INSTALL file included with the ipgrab package for
more detailed help on installation.

-------------------------------------------------------------------------------

OPERATION

See the man and info pages for details.

-------------------------------------------------------------------------------

BUGS

Please report any problems or bugs to

Mike Borella <mike@borella.net>
Muhammad Farooq-i-Azam <farooq@chase.org.pk>

-------------------------------------------------------------------------------

THANKS

Marty Roesch fixed some of the timestamping, and provided the code for
payload output.  Jorgen Pehrson provided the buffered output option.
Stuart Stock added a lot of fixes to ISAKMP.  Cullen Jennings contributed
the MGCP parser.

Lots of other people suggested things that eventually made their way
into the code, in one form or another.

-------------------------------------------------------------------------------

DISCLAIMER

Please use ipgrab at your own risk. There is no warranty, expressed or 
implied, associated with this product.

-------------------------------------------------------------------------------