Derrick is a simple tool for recording data streams of TCP and UDP traffic. It shares similarities with other network recorders, such as tcpflow and wireshark, though it is more advanced than the first and clearly inferior to the latter. It has been specifically designed to monitor application-layer communication. In contrast to other tools, the application data is logged in a line-based ASCII format. Common Unix tools, such as grep, sed, and awk, can be directly applied. Even replay of recorded communication is straightforward using netcat. Derrick supports on-the-fly compression and rotation of log files.
dabba is a set of distributed network monitoring tools for Linux. Its main use is to gather or scatter actions on a network such as traffic capture, replay, generation, or monitoring. It was inspired by the Dabba Walla system in Mumbai where meals are regrouped and dispatched throughout the city with a high efficiency rate, every day of the year. The project has three main components: libdabba, a low-level zero-copy network library, dabbad, a multi-threaded task manager and IPC query processor, and dabba, a CLI for communicating with dabbad and submitting tasks.
Counters.pl collects the CLI counters from network devices and produces custom reports. These counters can be reset independently of the SNMP counters, and when collected weekly, can highlight issues such as connection errors that you will not see looking at graphs produced from SNMP counters. They also contain information that is not available via SNMP. The reports can be viewed on a Web site and/or sent via email. There is a flexible configuration language in which reports can be specified. The format and style of the HTML reports are controlled by Template Toolkit templates and CSS. Currently only Cisco network equipment is supported.
pymiproxy is a small, lightweight, man-in-the-middle embeddable proxy capable of performing HTTP and HTTPS (or SSL) inspection. The proxy provides a built-in certificate authority that is capable of generating certificates for SSL-based destinations. Pymiproxy is also extensible, and provides two methods for extending the proxy: method overloading and a pluggable interface. It is ideal for situations where you're in dire need of a proxy to tamper with out- and/or in-bound HTTP data.