Inav
Description
Inav (Interactive Network Active-traffic Visualization) is a tool that shows traffic in real time on a Java-based client. It is composed of a server that gathers traffic in real time, and a client that renders the information on a map.
Installation
Server
Install the dependencies, then download and build the server:
# aptitude install build-essential libpcap-dev
$ cd /data/src/
$ wget http://inav.scaparra.com/files/server/INAV-Server-0.3.7.tar.gz
$ tar xzvf INAV-Server-0.3.7.tar.gz
$ cd INAV-Server-0.3.7/server/
$ make
Client
Download the client:
$ cd /data/src/
$ wget http://inav.scaparra.com/files/client/INAV-0.15.jar
Usage
Server
Basic start
Start the server as follows:
$ cd /data/src/INAV-Server-0.3.7/server/
$ ./inavd
INAV SERVER v0.3.7
Device(s) set to
File(s) set to
CVSFile(s) Set To
Options
- -h, --help: This help menu.
- -vv: Extra verbosity.
- -v: Display version.
- -ls: List available devices.
- -i <interfaces>: Specify one interface, or multiple (eth0,eth1,eth2).
- -f <pcapfiles>: List pcap files to use as input.
- -c <cvsfiles>: List of cvs files to use as input.
- -s <usec>: Nano seconds to wait before loading in next line of a cvs file.
- -p <portNum>: Specify port number to listen on.
- --debug: Starts the debug thread.
Client
Start the client as follows:
$ cd /data/src/
$ java -jar INAV-0.15.jar
Connect the client to the server
Once the client is opened, configure the connection as follows and click on "Connect":
See information from nodes
From the map, you can click on the nodes to get additional information related to the IP addresses:
Example
Read a pcap file
On the server (could be the same machine as the client), run:
$ ./inavd -f /data/development/workspace/pytbull/pcap/kraken.pcap
On the client side, run:
$ java -jar INAV-0.15.jar
Here are the results:
Real time traffic
The following example shows a real time traffic capture using tcpdump as a filter (inavd does not come with filtering options).
- On the server:
From a first window, run (adapt the BPF filter depending on your needs):
# tcpdump -nS -i eth2 -w realtimetraffic.pcap port 25
From another window, just read the pcap file generated by the previous tcpdump command:
# inavd -f realtimetraffic.pcap
- On the client:
Just run:
$ java -jar INAV-0.15.jar
Here are the results: