Provided by: libndpi-bin_2.6-3_amd64
ndpiReader - example tool for libndpi
ndpiReader -i file.pcap|device [options]
The ndpiReader command is an example tool that uses libndpi. ndpiReader is able to read from a pcap file or catpure traffic from a network interface and process it with libndpi. It implements only some basic features just to show what can be done with libndpi.
-i file.pcap|device Specify a pcap file/playlist to read packets from or a device for live capture (comma-separated list). -f bpf_filter Specify a BPF filter for filtering selected traffic. -s duration Maximum capture duration in seconds (live traffic capture only). -p file.protos Specify a protocol file (eg. protos.txt). -l num_loops Number of detection loops (test only). -n num_threads Number of threads. Default: number of interfaces in -i. Ignored with pcap files. -j file.json Specify a file to write the content of packets in .json format. -g id:id... Thread affinity mask (one core id per thread). -d Disable protocol guess and use only DPI. -t Dissect GTP tunnels. -h Display a usage message. -v 1|2 Verbose 'unknown protocol' packet print. 1=verbose, 2=very verbose. -V 1|2 Verbose libndpi trace log print. 1=trace, 2=debug. 2014-08-15 NDPIREADER(1)