justniffer - TCP Packet Sniffer

Distribution: openSUSE 42.1
Repository: openSUSE Network Utilities all
Package name: justniffer
Package version: 0.5.7
Package release: 3.2
Package architecture: x86_64
Package type: rpm
Installed size: 459.03 KB
Download size: 124.67 KB
Official Mirror: ftp.gwdg.de
justniffer is a tcp packet sniffer. It captures reassembles and reorders TCP packets, performs IP packet defragmentation and displays the tcp flow and trace timings. It is useful for logging network traffic in a 'standard' (web server like) or in a customized way. It can log http response time, useful for tracking network services performances (e.g. web server, application server, etc.) . Main differences from other sniffers: * it captures tcp/ip traffic and handle all tcp/ip stuff (reordering, retrasmissions, defragmentation). The tcp stream adjustment is very reliabe since is performed using linux kernel code included in a slightly modified version of the nids library * it reports timing informations. So it can be useful for tracking network system performances: for example http response time, connection time, etc. * it can generate logs in a highly customizable way. For example can mimic the apache access_log



  • justniffer = 0.5.7-3.2
  • justniffer(x86-64) = 0.5.7-3.2


    Install Howto

    1. Add the openSUSE Network Utilities repository:
      # zypper addrepo http://ftp.gwdg.de/pub/opensuse/repositories/network:/utilities/openSUSE_Leap_42.1/ opensuse-network-utilities
    2. Install justniffer rpm package:
      # zypper install justniffer


    • /usr/bin/justniffer
    • /usr/bin/justniffer-grab-http-traffic
    • /usr/share/doc/packages/justniffer/AUTHORS
    • /usr/share/doc/packages/justniffer/COPYING
    • /usr/share/doc/packages/justniffer/ChangeLog
    • /usr/share/doc/packages/justniffer/README
    • /usr/share/justniffer/
    • /usr/share/justniffer/scripts/common.py
    • /usr/share/justniffer/scripts/http_parser.py
    • /usr/share/man/man8/justniffer.8.gz


    2011-09-25 - andreas.stieger@gmx.de - build dependency on libnet-devel from 11.4, libnet before

    2009-07-25 - pascal.bleser@opensuse.org - update to 0.5.6: * a flush on standard output is forced whenever a new line is written * the close_originator handler was fixed * lintian errors were fixed

    2009-06-29 - pascal.bleser@opensuse.org - update to 0.5.5: * the performance keywords (%connection_time, %respone_time, %close_time, etc) were improved by adding a "not applicable string" which can be set by an optional parameter * the documentation... was updated for an enhancement provided since version 0.5.3

    2009-06-26 - pascal.bleser@opensuse.org - update to 0.5.4: * fixes the request.header.* and response.header.* keywords * adds the keywords connection.timestamp2, request.timestamp2, and response.timestamp2

    2009-06-25 - pascal.bleser@opensuse.org - update to 0.5.3: * fixes the %source.ip, %dest.ip, %source.port, %dest.port, %idle.time.0, and %close.time keywords * an -n option was added * an -x option was added for encoding unprintable chars * A "not found string" parameter for request.header.* and response.header.* keywords was added

    2009-06-03 - pascal.bleser@opensuse.org - new package