freki
freki copied to clipboard
Published
20 hours ago •
kung-foo
kung-foo
Support packet logging
- Log all packets into one file
- One pcap per connection
- Enable pcap logging in the config file
- Pcap logging per IP address
- Pcap per port/protocol
Is there a strong case for any of the splitting features? i.e. is any better than just wireshark?
Also, would you expect the packets to be collected before the mangling?
Also, one thing to keep in mind. The chan *RawPacket doesn't return bytes with the ethernet header. So I can't just grab the packet and write it to a pcap file.