Skip to content

simpart/packethooker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
lib
lib
 
 
src
src
 
 
tool
tool
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 

Repository files navigation

PacketHooker

PachetHooker is packet capture that has analyze and notify.
It sends POST if packets are matched specified status.

Analyzer List

Analyzer Name Description
TCP-Connection Counter it counts tcp-connection every server.
for example, it sends POST if the counter exceeds specified count.
HTTP Responce Checker not supported yet
Query Responce Checker not supported yet

Architecture Overview

arch

Supported Environment

  • CentOS 7.x
  • x86 cpu

Quick Start

install packet-hooker

git clone https://github.com/simpart/packethooker.git
cd packethooker
sudo ./tool/install.sh

capture setting

vi /etc/pkthooker/pkthooker.cnf
CAPTURE_IFACE = "ens3"   # add target interface name

notify setting

this is example for slack post setting

vi /etc/pkthooker/pkthooker.cnf
HOOK_URI = "https://hooks.slack.com/services/XXXXX/XXXXX"
HOOK_PRM = "channel=#(channel-name),username=(botname),text={@message}"

start packethooker daemon

systemctl enable pkthooker
systemctl start pkthooker
systemctl status pkthooker

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages