Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Question: libpnet and net-parser-rs #16

Open
stephanbuys opened this issue Jan 5, 2019 · 2 comments
Open

Question: libpnet and net-parser-rs #16

stephanbuys opened this issue Jan 5, 2019 · 2 comments

Comments

@stephanbuys
Copy link

Hi there, this project looks really cool and I'm currently looking for a similar crate, I'm leaning towards adding parsing to libpnet - is there a reason (that I'm missing) why a new crate like this was needed as apposed to using something like libpnet?

@dbcfd
Copy link
Collaborator

dbcfd commented Jan 5, 2019

  • Minimalism: This create is meant really to do just parsing at a file, record, or packet level. Could probably even just use this crate in libpnet to do parsing, although there is already parsing support in libpnet, but it's a little less straightforward, which leads to...
  • Simplicity: Packet parsing is straightforward and easy to implement, using nom, rather than a custom build script and macros
  • Extraction Support: We're looking to make it easy to turn byte streams, records, packets, etc. into something like https://github.com/corelight/community-id-spec

That being said, if pnet supports what you need, you should probably use it, since it is a more mature library. This is a library we're using internally for the use cases we have, both in terms of receiving and interrogating packets, and have open sourced it to see if others find it useful.

Also, if you're running into speed/efficiency with pnet, feel free to keep an eye on this project. Over the next few months there will be even more focus on that with this crate.

@stephanbuys
Copy link
Author

Hi, thank you for your prompt reply. As to your bullet-points:

  • Agreed, on the one hand libpnet has really broad support, but a solid parser library could easily complement it (or succeed the current packet crate).

  • Agreed, I've had my eye on nom parsers in this domain for a while now - one of the worst parts of the libpnet packet crate is that it is hard to use with auto-completion and an IDE due to the macro system - I ended up finding and using the rendered files for insights.

  • Very cool.

Having real-world users is something really valuable, I'm also coming at this problem with an eye on my own company's use-cases, we're doing lots of low-level packet stuff as well - and in truth I am looking for a crate to rally around. Libpnet is quite mature and has support for a lot of protocols, but those can easily be added to your crate.

Will do.

In closing, I spent a few days surveying the landscape and the worst-case scenario is more fragmentation in the space - as a part of the wg-net workgroup I am hoping to find some low-level networking crates that the community can rally around.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants