Easily snoop on netlink messages with ptrace
Netlink Tracer
Netlink is a socket-based interface used for communication between the Linux kernel and userspace applications.
tracenl is a proof-of-concept tool for monitoring and decoding Netlink messages at a process level. It is implemented as a thin wrapper around python-ptrace and pyroute2.
Installation
Install with pip:
$ pip install tracenl
Usage
Typical usage:
$ tracenl -- iw dev
[4292] sendmsg(fd=3, msg=0x00007ffcc5215100, flags=0x0000000000000000) = 32 (0x0000000000000020)
{'attrs': [('NL80211_ATTR_WIPHY_NAME', 'nl80211')],
 'cmd': 3,
 'header': {'flags': 5,
            'length': 32,
            'pid': 1786777796,
            'sequence_number': 1589321889,
            'type': 16},
 'reserved': 0,
 'version': 1}
[4292] recvmsg(fd=3, msg=0x00007ffcc5215090, flags=0x0000000000000022) = 2316 (0x000000000000090c)
{'attrs': [('NL80211_ATTR_WIPHY_NAME', 'nl80211'),
           ('NL80211_ATTR_WIPHY', 29),
           ('NL80211_ATTR_IFINDEX', 1),
           ('NL80211_ATTR_IFNAME', ''),
           ('NL80211_ATTR_IFTYPE', 278),
           ('NL80211_ATTR_MAC', '14:00:01:00:08:00'),
           ('NL80211_ATTR_KEY_DATA', '....')],
 ...
Limitations
In its current state, tracenl has significant limitations:
- Only decodes nl80211 messages.
- No support for attaching to running processes.
- Unattractive console output.
File details
Details for the file tracenl-0.1.tar.gz.
File metadata
- Download URL: tracenl-0.1.tar.gz
- Upload date:
- Size: 3.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.20.1 setuptools/41.4.0 requests-toolbelt/0.9.1 tqdm/4.40.2 CPython/3.6.9
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | faccb74dbed468084843d85b7d506030e4b7054ebc0d371085637f648f624ab9 |
| MD5 | 79c4630a71d89254939406e53fe80ac2 |
| BLAKE2b-256 | d09ac3f7cd67e91c31ad232184e181e47483877ec0a1341a77a2bc80608a6ac0 |
File details
Details for the file tracenl-0.1-py3-none-any.whl.
File metadata
- Download URL: tracenl-0.1-py3-none-any.whl
- Upload date:
- Size: 5.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.20.1 setuptools/41.4.0 requests-toolbelt/0.9.1 tqdm/4.40.2 CPython/3.6.9
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | f48f20204965d40df3b269d6f340da8c1834f296f6fe8f46daf0d908a7cd1cb8 |
| MD5 | 318d00a1fd28f4dc200ec35138bb64a8 |
| BLAKE2b-256 | d2efe08871f58e28ea09c6b4aadd2a00a3ed37a2f8bc5608e3938452b79ab052 |