capdiss 0.3.1

Capdiss is a runtime environment for reading capture files (pcap, pcap-ng). It defines a simple event-driven API for Lua scripts. The aim of capdiss is to provide a comfortable environment for packet manipulation, where an analyst has to write less code, to do more, in a type-safe language. To achieve that, capdiss embeds powerful, yet minimalistic, scripting language Lua, and supports the native packet dissection framework Coroner.

Tags pcap network analysis lua
License MITL
State initial

Recent Releases

0.3.131 Aug 2016 06:45 minor feature: Resolve a problem with invincible scripts. Remove example script. Use C comments so compilers stop complaining. Build. See the ChangeLog. Use sigsetjmp and siglongjmp. Add portability sauce. missing param for longjmp.
0.3.027 Aug 2016 12:05 minor feature: Use lower-case global name 'capdiss'. README updated. Accept multiple pcap input files. Version information changed (0.3.0). Get rid of capdiss_lua. c h . Use LDFLAGS variable. Wrap most of the interaction with Lua in lscript. Uninstall rule. Pass link-type as a second param to method 'begin'. Print libpcap version information. Change order of parameters for method capdiss.each. Trivial. Pass timestamp in microseconds. file is not needed atm. lscript_set_table_item (UNTESTED). Change command line arguments. Use lua_pushstring where possible. Changed the way how scripts are loaded. Remove support for multiple input files. File header updated. ChangeLog updated. copyright year. New function lua_load_source. Export capdiss version to Lua global environment. Support for 'sigaction' function. ChangeLog updated. Do not handle SIGQUIT signal. Some portability magic. Portability magic #2. Added.dummy rules. Cleanup unused headers. Bundle Lua-5.2.4 for static compilation. Auxiliary files updated. Add file header for Makefile. Makefile for Windows. Vendor directory structure change. Missing lauxlib.h. Vendor dir structure updated. Use 'linux' subdir to store static libraries. Vendor README updated. Windows library bundle. INSTALL instructions for Windows updated. LDFLAGS were referencing itself. New example script. param order. copyright date. Add root dir Makefile for Windows platform. Replace static lua library. README updated. Define Makefile variable STRIPPED, to strip binaries. Installation instructions updated (striped binaries). convert tv_usec to microseconds. Set _OS global var in Lua environment. Remove old code. Add param for script args. New use pattern!. File list structure. Return error string when stack is full. Prevent memory leak when opening multiple files. Do not free bpf buffer after it has been compiled. Clear stack if table is not set. .DUMMY is not a keyword, use.PHONY. Reinitialize packet counter for each open file. Set global variable _STDOUT_TYPE.
0.2.101 Jul 2015 21:45 minor feature: Use different error messages when reading from stdin. If 'each' method doesn't exist, do not search again. Skip the notok scripts earlier (optimization).
0.2.027 Jun 2015 22:05 minor feature: Legacy code removed. Perform stack size check before every push. Support for packet filter program (option -t). Changelog and TODO updated. README updated. Decrease verbosity of error messages. Invalid index into argv array. Signal handling improved.
0.1.018 Jun 2015 16:37 minor feature: * Initial version release. * Support for methods: Capdiss.begin (), Capdiss.each (), Capdiss.finish (). * Load scripts from source (option -e) or from file (option -f).