1NSNTRACE(1) nsntrace NSNTRACE(1)
2
6 nsntrace - Perform a network trace of a process by using Linux network
7 namespaces
8
10 nsntrace [options] program [arguments]
11
13 nsntrace uses Linux network namespaces to perform network traces of the
14 specified program. The traces are stored as pcap files. And can later
15 be analyzed by applications such as wireshark.
16 nsntrace creates a new network namespace and launches the specified
18 program in it. This will ensure that all the packets we trace come from
19 the system or the specified program.
20 To get around the isolation caused by the network namespace a virtual
22 network interface is created. And in order for the program network
23 traffic to reach the root network namespace iptables is used.
24 Since nsntrace uses iptables and traces raw sockets it needs to be run
26 as root.
27
29 The following options are understood:
30 --device dev, -d dev
32 The network device to use in trace.
33 --use-public-dns
35 Override resolv.conf in namespace to use public nameservers from
36 Quad9 (9.9.9.9), Cloudflare (1.1.1.1), Google (8.8.8.8) and OpenDNS
37 (208.67.222.222).
38 --outfile file, -o file
40 Write the trace output to the file file. Default is nsntrace.pcap.
41 Use '-' for stdout.
42 --user user, -u user
44 Run program with the user ID, group ID and supplementary groups of
45 user.
46 --filter filter, -f filter
48 The capture filter to use while capturing. See pcap-filter(7) for
49 filter syntax.
50
52 On success, 0 is returned; otherwise, a non-zero failure code is
53 returned.
54
56 Jonas Danielsson <jonas@threetimestwo.org>
57 Original author
58nsntrace 07/22/2022 NSNTRACE(1)