11
Jan/11

Justniffer – cool network traffic sniffer

From time to time I need a network sniffer for debugging HTTP traffic. In most cases I use tcpdump, tshark or wireshark. But these tools were not sufficient in all cases. So I looked for other tools and it seems I found a very cool console-based network sniffer for analyzing HTTP traffic on Linux: justniffer.

It is not limited to HTTP. It can help in troubleshooting the performance of several TCP-based network services like HTTP, SIP, SMTP, IMAP, POP, LDAP and so on.

One nice feature of justniffer is that the output format of the traffic can be customized easily. An example written in Python is the justniffer-grab-http-traffic script, which uses the parser script http_parser.py. Both are delivered with the official package. The justniffer-grab-http-traffic script stores the transferred contents in an output directory, separated by domain. This means that the transferred files like HTML, CSS, JavaScript, images, sounds, etc. can be saved to a directory.

Another nice feature: Justniffer can save the sniffed HTTP transactions as Apache access logs. It can include the response times, which is very useful for debugging performance issues.

Those two were enough for me to give it a try. And the result looks very nice. I am pretty sure there are other important features in justniffer but I haven’t tried them yet.

Installing justniffer on Ubuntu 10.10 (x86_64)

Justniffer can be downloaded from the sourceforge.net downloads.
It comes as a deb package – yeah!

Once you have the package, it can easily be installed using gdebi, which allows installing local packages while resolving dependencies using the apt package repositories:

sudo gdebi justniffer_0.5.8_amd64.deb

Using justniffer to record whole HTTP traffic

Start sniffing the HTTP traffic on interface wlan0 and store the sniffed files in the /tmp/test directory.

mkdir /tmp/test
sudo justniffer-grab-http-traffic -d /tmp/test -i wlan0 -U lm

This stores the HTTP traffic in a log file which is formatted like the Apache access log:

sudo justniffer -i wlan0 > /tmp/test/http_log
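
To use such a log for the performance debugging mentioned above, here is an added example (not part of the justniffer package or the original post) that ranks request paths by mean response time. It assumes Apache combined-format lines with the response time appended as a last field in seconds; that field layout and the sample lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Apache combined log format plus an ASSUMED trailing response time in seconds.
LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) "[^"]*" "[^"]*"'
    r'(?: (?P<rtime>\d+(?:\.\d+)?))?\s*$'
)

# Constructed sample lines, not captured traffic.
SAMPLE = """\
192.0.2.10 - - [11/Jan/2011:10:00:01 +0100] "GET /index.html HTTP/1.1" 200 5120 "" "Mozilla/5.0" 0.120
192.0.2.10 - - [11/Jan/2011:10:00:02 +0100] "GET /search?q=test&session=abc123 HTTP/1.1" 200 2048 "" "Mozilla/5.0" 1.800
192.0.2.11 - - [11/Jan/2011:10:00:03 +0100] "GET /search?q=other HTTP/1.1" 500 0 "" "Mozilla/5.0" 2.200
192.0.2.11 - - [11/Jan/2011:10:00:04 +0100] "GET /index.html HTTP/1.1" 304 - "" "Mozilla/5.0"
this line is truncated garbage
"""

def parse(lines):
    """Yield (path, status, response_time_or_None); skip malformed lines."""
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        # Drop the query string so tokens in URLs do not end up in reports.
        path = urlsplit(m["target"]).path or "/"
        rtime = float(m["rtime"]) if m["rtime"] else None
        yield path, int(m["status"]), rtime

def slowest_paths(lines):
    """Return [(path, hits, mean_seconds, errors_5xx)] sorted slowest first."""
    stats = defaultdict(lambda: {"hits": 0, "times": [], "errors": 0})
    for path, status, rtime in parse(lines):
        s = stats[path]
        s["hits"] += 1
        s["errors"] += status >= 500
        if rtime is not None:
            s["times"].append(rtime)
    rows = [(p, s["hits"], round(sum(s["times"]) / len(s["times"]), 3) if s["times"] else None, s["errors"])
            for p, s in stats.items()]
    return sorted(rows, key=lambda r: r[2] or 0.0, reverse=True)

if __name__ == "__main__":
    for row in slowest_paths(SAMPLE.splitlines()):
        print(row)
```

The capture file itself still holds full URLs, so keep /tmp/test/http_log readable only by the user doing the analysis.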