1 Here's a list of things we need to do (contributions are welcome and highly
2 appreciated, please also read Documentation/SubmittingPatches about how to
3 submit your contributions):
5 1) Highest prio: Cleanup and refactor the code and build system to make it
6 more maintainable, stable, and probably faster!
7 2) Implement test cases with libtap (src/test/). Make the output readable
8 (currently cmake hides it all).
9 3) Add full IPv6 support for ashunt and flowtop, test IPv6 on curvetun.
10 4) GeoIP support during netsniff-ng sniffing would be nice.
11 5) Make trafgen write to a pcap instead to a device.
12 6) Let netsniff-ng and trafgen support pcap and pcap-ng!
13 7) Include an ARP cache poisoning switch into netsniff-ng.
14 8) Add an interactive mode (libcli) for trafgen and make the interface
15 nice and useable such as in Mausezahn.
16 9) Add fork + fanout mode for a threaded netsniff-ng and trafgen.
17 10) Add a proper 802.11 dissector for netsniff-ng.
18 11) Add WEP/WPA (live) decryption support, where keys are passed via cmdline.
19 12) Add new dissectors (e.g. BGP, DNS, DCCP, SCTP, RSVP, IPsec, LISP, RADIUS,
20 LLC, fix MPLS?, improve ARP, BPDU, PVST, CDP, LLDP, RTP, Syslog, NTP, ...).
21 13) Easier language for /fast/ filtering (e.g. on top of BPF so that it can run
22 in the kernel), include this into bpfc.
23 14) Add timedb for ifpps, so that we have round robin time series database
24 measurements (https://github.com/EPiCS/reconos/tree/master/linux/tools/timedb).
25 15) netsniff-ng, trafgen: give recommendation or tune socket rmem/wmem.
26 16) Further micro-optimize netsniff-ng and trafgen's performance.
27 17) Security review of curvetun.
28 18) Add a new tool tlsplonk for debugging and analysis of TLS/SSL certs (and
29 make it useful to find suspicious certs).
30 19) Option for anonymizing pcap/pcap-ng files.
31 20) Add an interactive mode (libcli) for netsniff-ng, make it look similar to
32 trafgen's interactive mode and as useful, so that both can be used as a
34 21) Obfuscate curvetun's protocol to make it hard/resource-intensive
36 22) Add different timing models to trafgen, not just a static interpacket gap.
37 23) Check if we can further improve linux-net/net/packet/af_packet.c.
38 24) Do we need TPACKETV2 or even TPACKETV3 if it is eventually implemented? Are
39 there performance benefits?
40 25) Do performance tests with 10 Gigabit cards and more appropriate servers than
42 26) Offload dissector implementations into a scripting engine in order to i)
43 make it more secure (just an assumption), ii) speed up dissector development
44 iii) keep the core less complex. Printing out dissectors is a slow task
45 anyways and people should always use --silent for recording.
46 27) Integration of our repository with Travis-CI
47 28) Remove liburcu dependency from flowtop
48 29) Improve the kernel's net/packet/af_packet.c (that we rely on)
49 30) Process raw VLAN headers with TPACKETv2 as in Issue #36 described