Easily snoop on netlink messages with ptrace
Project description
Netlink Tracer
Netlink is a socket-based interface used for communication between the Linux kernel and userspace applications.
tracenl is a proof-of-concept tool for monitoring and decoding Netlink
messages at a process level. It is implemented as a thin wrapper around
python-ptrace and
pyroute2.
Installation
Install with pip:
$ pip install tracenl
Usage
Typical usage:
$ tracenl -- iw dev
[4292] sendmsg(fd=3, msg=0x00007ffcc5215100, flags=0x0000000000000000) = 32 (0x0000000000000020)
{'attrs': [('NL80211_ATTR_WIPHY_NAME', 'nl80211')],
'cmd': 3,
'header': {'flags': 5,
'length': 32,
'pid': 1786777796,
'sequence_number': 1589321889,
'type': 16},
'reserved': 0,
'version': 1}
[4292] recvmsg(fd=3, msg=0x00007ffcc5215090, flags=0x0000000000000022) = 2316 (0x000000000000090c)
{'attrs': [('NL80211_ATTR_WIPHY_NAME', 'nl80211'),
('NL80211_ATTR_WIPHY', 29),
('NL80211_ATTR_IFINDEX', 1),
('NL80211_ATTR_IFNAME', ''),
('NL80211_ATTR_IFTYPE', 278),
('NL80211_ATTR_MAC', '14:00:01:00:08:00'),
('NL80211_ATTR_KEY_DATA', '....')],
...
Limitations
In its current state, tracenl has significant limitations:
- Only decodes nl80211 messages.
- No support for attaching to running processes.
- Unattractive console output
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
tracenl-0.1.tar.gz
(3.8 kB
view details)
Built Distribution
tracenl-0.1-py3-none-any.whl
(5.6 kB
view details)
File details
Details for the file tracenl-0.1.tar.gz.
File metadata
- Download URL: tracenl-0.1.tar.gz
- Upload date:
- Size: 3.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.20.1 setuptools/41.4.0 requests-toolbelt/0.9.1 tqdm/4.40.2 CPython/3.6.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | faccb74dbed468084843d85b7d506030e4b7054ebc0d371085637f648f624ab9 |
|
| MD5 | 79c4630a71d89254939406e53fe80ac2 |
|
| BLAKE2b-256 | d09ac3f7cd67e91c31ad232184e181e47483877ec0a1341a77a2bc80608a6ac0 |
File details
Details for the file tracenl-0.1-py3-none-any.whl.
File metadata
- Download URL: tracenl-0.1-py3-none-any.whl
- Upload date:
- Size: 5.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.20.1 setuptools/41.4.0 requests-toolbelt/0.9.1 tqdm/4.40.2 CPython/3.6.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | f48f20204965d40df3b269d6f340da8c1834f296f6fe8f46daf0d908a7cd1cb8 |
|
| MD5 | 318d00a1fd28f4dc200ec35138bb64a8 |
|
| BLAKE2b-256 | d2efe08871f58e28ea09c6b4aadd2a00a3ed37a2f8bc5608e3938452b79ab052 |
