I.2. Links to Software

I.2.1. Basic Utilities

  • The net-tools package is a collection of basic utilities for managing the Ethernet and IP layer under linux.

  • The iproute2 package provides command-line support for the full functionality of the linux IP stack. This package, written by Alexey Kuznetsov, is available here and is mirrored here.

  • A tool more convenient than traceroute for tracing routes, mtr can be obtained here.

  • The network swiss army knife of nc (NetCat) is available from @stake.

  • For a far more flexible tool in the same vein as nc, socat connects all manner of files, sockets, and file descriptors under most types of unix.

I.2.2. Virtual Private Networking software

  • CIPE is a lightweight nonstandard VPN technology which can use shared secrets or RSA keys. CIPE is developed primarily for linux but includes a Windows port.

  • For a standards based VPN technology, FreeS/WAN provides IPSec functionality for the linux kernel. If you need an SRPM of the FreeSWAN IPSec software, get it here. Note that development kernel 2.5.47+ contains kernel-native support for IPSec. Refer to the LARTC IPSec documentation for more on this.

I.2.3. Traffic Control queueing disciplines and command line tools

  • Martin Devera has written a queueing discipline called HTB which has been incorporated into the 2.4.20 kernel series. As of this writing, HTBv3 is included in kernel 2.4.20+, but tc doesn't support htb without the patch available here.

  • Weighted Round Robin is a queueing discipline which distributes bandwidth among the multiple open connections. Although the wrr qdisc is not included in the kernel, it is available here.

  • Patrick McHardy has written a device which can be used independent of interface to perform traffic shaping. The Intermediate Queueing Device (IMQ) is supported under kernel 2.4 and provides support for ingress shaping and traffic shaping over multiple physical devices. (Site was available here.)

  • Werner Almesberger is working on a more user friendly traffic control front end called tcng. This package includes a userspace simulator tcsim.

  • DiffServ

I.2.4. Interfaces to lower layer tools

  • A collection of various scripts and other interfaces for netfilter is available here.

  • A curses-based tool ipmenu provides a single uniform interface to many of the IP layer features of linux.

I.2.5. Packet sniffing and diagnostic tools

  • The tcpdump utility is a well known cross-platform utility for sniffing traffic on the wire.

  • To watch plaintext protocol conversations, the tcpflow tool can be invaluable.

  • To gather data on the nature and quality of the network path between two points, the bing program provides a running set of statistics by calculating the delta between ICMP echo replies from different hosts.

  • To help diagnose problems between network points, the pathchar tool can be handy. Unfortunately, it only comes in a binary release, apparently because Van Jacobsen did not feel it was ready for full release.

  • Among the sniffing and spoofing tools, dsniff has received good press. It is a collection of tools for network auditing and penetration testing.

  • If you need to capture and reinject packets into the network, libnet is a library you can use for these purposes. This is a diagnostic and security tool.

  • To reproduce traffic from a captured file, use tcpreplay.