netsniff-ng 是一个高性能的Linux下基于命令行的网络包分析工具，与 tcpdump 和其他基于 libpcap 的包分析器不同的是，netsniff-ng 直接将输入的帧循环映射到接收缓冲区中，这样就可以直接在用户空间中进行方法，而无须在地址空间中复制。可用来调试本地网、测量性能和吞吐量，并生成相应的数据统计报表。一个比较小的网络监听器的源代码，可以查看流过本局域网的所有数据包，学习网络编程的看看吧，对自己技术的提高很有帮助的。
netsniff-ng is a high performance command line packet analyzer written for Linux.netsniff-ng is a free, performant Linux networking toolkit.
The gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space and vice versa.
For this purpose, the netsniff-ng toolkit is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. Furthermore, we are focussing on building a robust and clean analyzer and utilities that complete netsniff-ng as a support for network development, debugging or network reconnaissance.
The netsniff-ng toolkit consists of the following utilities:
netsniff-ng, a high-performance zero-copy analyzer, pcap capturing and replaying tool
trafgen, a high-performance zero-copy network traffic generator
bpfc, a Berkeley Packet Filter (BPF) compiler supporting Linux extensions
ifpps, a top-like kernel networking and system statistics tool
flowtop, a top-like netfilter connection tracking tool
curvetun, a lightweight multiuser IP tunnel based on elliptic curve cryptography
ashunt, an Autonomous System (AS) trace route and ISP testing utility