What is NetBee?

NetBee is a new library intended for several types of packet processing, such as packet sniffing and filtering, packet decoding, and traffic classification (not ready yet).

NetBee provides a set of modules that can be used by applications that need to process network packets. Instead of creating some custom code in your application for packet processing, you can use the functions exported by NetBee.

This library is made up of several components. It includes several objects for packet decoding, packet sniffing and filtering, traffic classification (not ready yet), and some miscellaneous utilities. Additionally, it includes some components (such as the NetPDL protocol definition language, the NetVM packet processing virtual machine) that are used to do its job, but their knowledge is not required from programmers using NetBee. For a list of features that are present in NetBee, please look at the introduction page.

Why NetBee?

NetBee is a powerful library for generic packet processing. NetBee is created by the same research group that created WinPcap, the de-facto standard for sniffing packets in Windows. However, WinPcap architecture (which is derived from its UNIX ancestor, libpcap) is rather old and it does not fit for nowadays needs. WinPcap is a perfect choice in case you need a powerful library for sniffing packets with cross platform compatibility (WinPcap and the UNIX-based libpcap are almost fully compatible). However, the architecture behind WinPcap (and libpcap) has not been engineered for supporting extensions and new modules for other kinds of processing in addition to packet sniffing.

This is the reason of NetBee: we feel that the effort needed to expand and update WinPcap cannot pay in the long term. We believe that the best choice is to create a new library from scratch, with a completely new architecture (object-based, for instance), open to extensions and ready to fit to new needs. NetBee, in fact. This guarantees an high degree of freedom but, of course, it will often lead to un-tested code due to the relative poor maturity of the library.

If you start using NetBee and you used WinPcap in the past, you will see that the interface (which is object oriented) is much cleaner than its ancestor. You can find it is pretty easy to read packets from the network as well as from a file or from some other source. This is due to the object-oriented architecture of NetBee. You will be surprised how easy is to use NetBee in your programs.

Please note that NetBee is highly experimental at the current stage; no guarantees are given that the API will not change in the future. Therefore, the current release must be intended as a proof of concept in order to share some ideas with the research community.

http://www.nbee.org/doku.php

网络包处理工具NetBee的更多相关文章

  1. iperf/netperf网络性能测试工具、Wireshark网络包分析工具

    iperf   http://www.linuxidc.com/Linux/2014-05/101160.htm netperf  http://www.linuxidc.com/Linux/2013 ...

  2. [转]网络性能评估工具Iperf详解(可测丢包率)

    原文链接:安全运维之:网络性能评估工具Iperf详解:http://os.51cto.com/art/201410/454889.htm 参考博文:http://linoxide.com/monito ...

  3. Python黑帽编程1.3 Python运行时与包管理工具

    Python黑帽编程1.3  Python运行时与包管理工具 0.1  本系列教程说明 本系列教程,采用的大纲母本为<Understanding Network Hacks Attack and ...

  4. ios 抓取真机的网络包

    一直被如何从真机上抓包所困扰!今天偶然看到了最简单有效的方法!分享一下: 原地址链接 http://blog.csdn.net/phunxm/article/details/38590561 通过 R ...

  5. 可视化数据包分析工具-CapAnalysis

    可视化数据包分析工具-CapAnalysis 我们知道,Xplico是一个从pcap文件中解析出IP流量数据的工具,本文介绍又一款实用工具-CapAnalysis(可视化数据包分析工具),将比Xpli ...

  6. Bower —— 一个Web的包管理工具

    作者:江剑锋   github地址:https://github.com/bower/bower Bower为何物 Bower是一个Web开发的包管理软件.前端开发中,或多或少,都会以来于现成的fra ...

  7. Linux命令行抓包及包解析工具tshark(wireshark)使用实例解析

    在Linux下,当我们需要抓取网络数据包分析时,通常是使用tcpdump抓取网络raw数据包存到一个文件,然后下载到本地使用wireshark界面网络分析工具进行网络包分析. 最近才发现,原来wire ...

  8. Python包管理工具——pip

    目录 Python pip pip相关命令 解决pip相关问题 Python pip Python最让人的喜欢的就是它有丰富的类库和各种第三方的包,而对于这些包的下载.删除等管理操作,就要用到包管理工 ...

  9. 转载: 一、linux cpu、内存、IO、网络的测试工具

    来源地址: http://blog.csdn.net/wenwenxiong/article/details/77197997 记录一下 以后好找.. 一.linux cpu.内存.IO.网络的测试工 ...

随机推荐

  1. VideoView 播放资源目录raw下的视频

    你把影片copy到res/raw下!檔名小寫加底線,例如:default_video.3gp,在程式碼裡指定uri路徑 String uri = "android.resource://&q ...

  2. 19Spring_AOP编程(AspectJ)_使用@Pointcut注解来定义切点

    我们之前的方式是采用 @AfterReturning(value="execution(* com.guigu.shen.anotion.UserDaoImpl.*(..))",r ...

  3. WPF:如何为程序添加splashScreen(初始屏幕)

    原文:http://www.cnblogs.com/chenxizhang/archive/2010/03/25/1694606.html 官网: https://msdn.microsoft.com ...

  4. js中的预加载与懒加载(延迟加载)

    js中加载分两种:预加载与延迟加载 一.  预加载,增强用户的体验,但会加载服务器的负担.一般会使用多种 CSS(background).JS(Image).HTML(<img />) . ...

  5. OAF 中对文字实现html效果及对超级长文本实现默认换行,对只读的messageTextInput中的内容自动换行

    今天遇到一个需求,客户注册页面客户化了一个超级长的注册须知,内容很多.但是样式相对又要做起来好看点. 注册须知的内容使用多个message拼接而成. 老大说rawText支持html样式,于是我想到了 ...

  6. 实现可以滑动的GrildView,类似美团网首页的GrildView功能菜单

    首先上实现效果图,不会做动态图,就先凑合着看吧 使用了网上的一个开源控件viewpagerindicator,可以自定义切换时候显示的标记,圆点,或者下划线. GrildView显示的是手机上的全部a ...

  7. [CareerCup] 4.3 Create Minimal Binary Search Tree 创建最小二叉搜索树

    4.3 Given a sorted (increasing order) array with unique integer elements, write an algorithm to crea ...

  8. Hash中的一些概率计算

    Hash是把锋利的刀子,处理海量数据时经常用到,大家可能经常用hash,但hash的有些特点你是否想过.理解过.我们可以利用我们掌握的概率和期望的知识,来分析Hash中一些有趣的问题,比如: 平均每个 ...

  9. 第八章 self sizing cell

    本项目是<beginning iOS8 programming with swift>中的项目学习笔记==>全部笔记目录 ------------------------------ ...

  10. 《1024伐木累》-te别篇,庭审你知道吗?

    思前想后,我觉得不应该发这一期,因为,做完这一期之后突然发觉,自己失去了主题,到底是在讽刺?还是在讽刺?还是在讽刺呢?不论是什么,大家自己判断吧.就当作者不想发表自己的观点,先看这一期的对白吧! 1. ...