grepcidr can be used to filter a list of IP addresses against
one or more Classless Inter-Domain Routing (CIDR) specifications,
or arbitrary networks specified by an address range. As with
grep, there are options to invert matching and load patterns
from a file. grepcidr is capable of comparing thousands or
even millions of IPs to networks with little memory usage and
in reasonable computation time.
grepcidr has endless uses in network software, including: mail
filtering and processing, network security, log analysis, and
many custom applications.
PR: ports/80315
Submitted by: Douglas Fraser <doug+ports@idmf.net>
PNG image format. It somewhat resembles the Linux bwbar (although there is no
connection to it).
Features include measurement both on interface and assigned IP-address basis,
possible to run non-root and non-setuid, quite customizable (colours, geometry,
device max speed, etc). It also includes text output to the image.
PR: ports/76275
Submitted by: Fredrik Lindberg <fli@shapeshifter.se>
data export. Softflowd semi-statefully tracks traffic flows recorded by
listening on a network interface or by reading a packet capture file.
These flows may be reported via NetFlow to a collecting host or summarised
within softflowd itself.
PR: ports/73723
Submitted by: Janos Mohacsi <janos.mohacsi@bsd.hu>
features:
* Understands NetFlow protocol v.1, v.5, v.7 and v.9 (including IPv6 flows)
* Supports both IPv4 and IPv6 transport of flows
* Secure: flowd is privilege separated to limit the impact of any compromise
* Supports filtering and tagging of flows, using a packet filter-like syntax
* Stores recorded flow data in a compact binary format which supports
run-time choice over which flow fields are stored
* Ships with both Perl and Python interfaces for reading and parsing the
on-disk record format
* Is licensed under a liberal BSD-like license
PR: ports/73722
Submitted by: Janos Mohacsi <janos.mohacsi@bsd.hu>
tcptrack is a sniffer which displays information about TCP connections it
sees on a network interface. It passively watches for connections on the
network interface, keeps track of their state and displays a list of
connections in a manner similar to the unix 'top' command. It displays
source and destination addresses and ports, connection state, idle time, and
bandwidth usage.
WWW: http://www.rhythm.cx/~steve/devel/tcptrack
PR: ports/72543
Submitted by: Tor Halvard Furulund <squat@squat.no>
NFDUMP tools support netflow v5 and v7 capturing and processing.
nfcapd - netflow capture daemon.
Reads the netflow data from the network and stores the data into files.
nfdump - netflow dump.
Reads the netflow data from the files stored by nfcapd. It's syntax is similar
to tcpdump. If you like tcpdump you will like nfdump.
nfprofile - netflow profiler.
Reads the netflow data from the files stored by nfcapd. Filters the netflow
data according to the specified filter sets ( profiles ) and stores the
filtered data into files for later use.
nfreplay - netflow replay
Reads the netflow data from the files stored by nfcapd and sends it over
the network to another host.
WWW: http://nfdump.sourceforge.net
PR: ports/72171
Submitted by: Janos Mohacsi <janos.mohacsi@niif.hu>
decrease the likelihood of erronous command execution and
to maintain all network services from a central point,
EnderUNIX SDT anounces the availability of its 9th open-source tool,
netUstad.
It has been coded in C language and includes its own HTTP server.
The newly anounced version provides a web interface for
system administrators to add/delete/update IPFW rulesets.
You can manage your IPFW firewall via a TCP/IP connected remote PC, easily.
Development version icludes modules to manage whole
network services (routing tables, network interfaces)
PR: ports/69176
Submitted by: Ozkan KIRIK <ozkan@enderunix.org>
Approved by: krion (mentor) (implicitly)
This package contains a small Lightweight Flow Accounting (LFAP)
server and LFAP API library. LFAP open solution to delivering
accounting data from Riverstone Networks Switches and Routers.
You can use the sfas program to obtain micro-flow information
from a Riverstone switch running either in Layer 4 bridging
mode, routing or MPLS LSPs. Data that can be collected includes
everything from an IPv4 header and UDP headers and the src/dst
port from a TCP header.
WWW: http://www.riverstonenet.com/support/nmops/
detection system. Kismet will work with any wireless card which supports raw
monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
PR: ports/66274
Submitted by: Thomas Spreng <spreng@socket.ch>
plugins and store it in RRD-files. You can the use Apan to view graphs of
the data in Nagios web-interface.
WWW: http://apan.sourceforge.net
PR: ports/64941
Submitted by: Janos Mohacsi <janos.mohacsi@bsd.hu>
to the finest level of information available at the moment. Sometimes this
can mean an exact description of a port in a building anywhere in an enterprise.
PR: ports/64728
Submitted by: Russell Jackson <rjackson@cserv62.csub.edu>
arpscan is a very simple scanner which sends out arp requests
for the given IP addresses and displays a list of the found
hosts.
PR: ports/64605
Submitted by: David Yeske <dyeske@yahoo.com>
