update man pages

2013-02-05 12:57:34 -06:00 · 2013-02-05 12:57:34 -06:00 · 4ef7224d24
parent 7af0d0e4ba
commit 4ef7224d24
8 changed files with 214 additions and 184 deletions
--- a/docs/hdng.mdoc
+++ b/docs/hdng.mdoc
@ -16,19 +16,19 @@
 .\" On Debian systems, the complete text of the GNU General
 .\" Public License version 3 can be found in "/usr/share/common-licenses/GPL-3".
 .
-.Dd March 3, 2012
+.Dd May 23, 2012
 .Dt HDNG 1
-.Os "network reverse engineering toolkit"
+.Os "Network Reverse Engineering Toolkit" 1.1337
+.
 .Sh NAME
 .Nm hdng
 .Nd a hex dumper for the next generation
 .
 .Sh SYNOPSIS
 .Nm hdng
-.Oo Fl h | Fl v Oc
+.Op Fl h | Fl v
 .Nm hdng
-.Op Fl oxsg
-.Op Fl w Ar width
+.Op Fl o x s g w Ar width
 .Op Ar file
 .Nm hdng
 .Op Fl X | Fl G
@ -36,24 +36,16 @@
 .
 .Sh DESCRIPTION
 The basic concept for this utility is to emulate the base functionality of a hex
-dumper as found in bsdmainutils while providing better representation of the
-data. A special character set is used so that one might better observe patterns
-in the data. Additionally, the three areas of the hexdump (offsets, hexits,
-glyphs) can be turned off and the width of data represented in each line of data
-can be changed.
-.
-.Sh USAGE
-With a file specified
-.D1 Nm hdng Pa data.bin
+dumper as found in bsdmainutil's
+.Xr hexdump 1
+while providing better representation of the data. A special character set is
+used so that one might better observe patterns in the data. Additionally,
+the three areas of the hexdump (offsets, hexits, glyphs) can be turned off
+and the width of data represented in each line of data can be changed.
 .Pp
-As a filter
-.D1 ... | Nm hdng | ...
-.
-.Sh OPTIONS
-A summary of the options supported by
-.Nm
-is included below.
-.Bl -tag -width -Ds
+The available options include:
+.Pp
+.Bl -tag -compact -width Ds
 .It Fl h
 usage information
 .It Fl v
@ -70,30 +62,41 @@ do not display glyphs
 the
 .Em width
 of data to represent on each line of output
-.It Ar file
-the file to be dumped
 .El
 .
 .Ss Special Modes
 The following flags are mutually exclusive. When specified,
 .Nm
 ignores all other flags.
-.Bl -tag -width Ds
+.Pp
+.Bl -tag -compact -width Ds
 .It Fl X
 turns on continuous
 .Em hexdump
-mode, which overrides all other options
+mode
 .It Fl G
 turns on continuous
 .Em glyphdump
-mode, which overrides all other options
+mode
 .El
 .
+.Sh EXAMPLES
+With a file specified
+.D1 Ic $ Nm hdng Pa data.bin
+.Pp
+As a filter
+.D1 Ic $ No ... | Nm hdng | No ...
+.
 .Sh SEE ALSO
-.Xr unhex 1 ,
+.Xr hexdump 1 ,
 .Xr repr 1 ,
+.Xr unhex 1 ,
 .Xr xor 1
 .
 .Sh AUTHORS
 .An Zephyr Aq Ad zephyr@dirtbags.net ,
 .An pi-rho Aq Ad pi-rho@tyr.cx
+.
+.Sh BUGS
+Bugs may be submitted at
+.Aq Ad https://bugs.launchpad.net/netre-tools
--- a/docs/netre-tools.mdoc
+++ b/docs/netre-tools.mdoc
@ -16,9 +16,10 @@
 .\" On Debian systems, the complete text of the GNU General
 .\" Public License version 3 can be found in "/usr/share/common-licenses/GPL-3".
 .
-.Dd May 1, 2012
+.Dd May 23, 2012
 .Dt NETRE-TOOLS 7
-.Os "Network Reverse Engineering Toolkit"
+.Os "Network Reverse Engineering Toolkit" 1.1337
+.
 .Sh NAME
 .Nm netre-tools
 .Nd network reverse engineering toolkit
@ -37,49 +38,67 @@ the gaps left by more complex tools.
 .
 .Sh IMPLEMENTATION NOTES
 The following tools are currently included in the toolkit:
+.
 .Ss Data Inspection and Manipulation
 This subgroup aids in inspecting data and manipulating data.
 .Pp
 .Bl -tag -width caesar -compact
-.It Nm hdng
-Hex Dumper - Next Generation (also symbolically linked as
-.Nm hd )
-.It Nm unhex
-converts hexits to binary data (i.e. "61 62" \(rA "AB")
-.It Nm xor
-applies bytes to the pipeline using XOR
-.It Nm rot
-applies bytes to the pipeline using ROT (bitwise rotation)
-.It Nm rol
-applies bytes to the pipeline using ROL (bytewise rotation)
 .It Nm caesar
 applies bytes to the pipeline using Caesar's Cipher (alphabetic rotation)
+.It Nm hdng
+Hex Dumper - Next Generation
+.Pq also symbolically linked as Nm hd
+.It Nm repr
+escapes non-printable characters like Python's
+.Fn repr
+.Pq i.e. Li 0x03 becomes Li \ex03
+.It Nm rol
+applies bytes to the pipeline using ROL (bytewise rotation)
+.It Nm rot
+applies bytes to the pipeline using ROT (bitwise rotation)
+.It Nm unhex
+converts hexits to binary data
+.Pq i.e. Qo Li 61 62 Qc becomes Qo Li AB Qc
+.It Nm xor
+applies bytes to the pipeline using XOR
 .El
 .
-.Ss PCAP Manipulation
+.Ss Packet Capture Manipulation
 This subgroup allows frames in PCAP (packet capture) files to be manipulated
 from the command line.
 .Pp
-.Bl -tag -width p4split -compact
-.It Nm p4split
-split a large PCAP file into smaller files, using a CIDR-notation filter
+.Bl -tag -width dumbdecode -compact
+.It Nm pcat
+dump a packet capture in a line-based, parsable format
 .It Nm pmerge
 join PCAP files into a larger file while preserving date/time order
 .It Nm puniq
 drop duplicated packets from a PCAP
+.It Nm p4split
+split a large PCAP file into smaller files, using a CIDR-notation filter
+.It Nm dumbdecode
+dump packet captures in a nice text-based display
 .El
 .
 .Sh SEE ALSO
-.Xr hdng 1 ,
-.Xr unhex 1 ,
-.Xr xor 1 ,
-.Xr rot 1 ,
-.Xr rol 1 ,
 .Xr caesar 1 ,
+.Xr dumbdecode 1 ,
+.Xr hdng 1 ,
 .Xr p4split 1 ,
+.Xr pcat 1 ,
 .Xr pmerge 1 ,
-.Xr puniq 1
+.Xr puniq 1 ,
+.Xr repr 1 ,
+.Xr rol 1 ,
+.Xr rot 1 ,
+.Xr unhex 1 ,
+.Xr xor 1
 .
 .Sh AUTHORS
 .An Xephyr Aq Ad zephyr@dirtbags.net ,
 .An pi-rho Aq Ad pi-rho@tyr.cx
+.
+.Sh BUGS
+Bugs may be submitted at
+.Aq Ad https://bugs.launchpad.net/netre-tools
+.\" vim:ft=mandoc:
--- a/docs/p4split.mdoc
+++ b/docs/p4split.mdoc
@ -16,9 +16,10 @@
 .\" On Debian systems, the complete text of the GNU General
 .\" Public License version 3 can be found in "/usr/share/common-licenses/GPL-3".
 .
-.Dd March 3, 2012
+.Dd May 23, 2012
 .Dt P4SPLIT 1
-.Os "Network Reverse Engineering Toolkit"
+.Os "Network Reverse Engineering Toolkit" 1.1337
+.
 .Sh NAME
 .Nm p4split
 .Nd split a PCAP based on CIDR filter
@ -33,34 +34,37 @@
 .Sh DESCRIPTION
 The basic concept for this utility is to filter and split a PCAP packet capture
 file into smaller files. This utility will create up to 256 smaller files.
-.
-.Sh USAGE
-As a filter
-.D1 ... | Nm p4split 192.168.1.0/24
 .Pp
-Command mode
-.D1 Nm p4split Fl i Pa big.pcap Ad 192.168.1.0/24
-.
-.Sh OPTIONS
-A summary of the options supported by
-.Nm
-is included below.
-.Bl -tag -width Ds
+The available options include:
+.Pp
+.Bl -tag -compact -width "-i input.pcap"
 .It Fl h
 usage information
 .It Fl v
 the program's version
 .It Fl i Pa input.pcap
-.Pa input.pcap
-is used as input, instead of stdin
-.It Ao CIDR filter Ac
-A filter in CIDR notation (ad.dre.ss/subnet-bits)
+.Pa input.pcap No is used as input, instead of stdin
+.It Aq CIDR filter
+A filter in CIDR notation
+.Pq a.dd.re.ss/subnet-bits
 .El
 .
+.Sh EXAMPLES
+As a filter:
+.D1 Ic $ No ... | Nm p4split Ar 192.168.1.0/24
+.Pp
+With an input file specified:
+.D1 Ic $ Nm p4split Fl i Pa big.pcap Ad 192.168.1.0/24
+.
 .Sh SEE ALSO
+.Xr pcat 1 ,
 .Xr pmerge 1 ,
 .Xr puniq 1
 .
 .Sh AUTHORS
 .An Zephyr Aq Ad zephyr@dirtbags.net ,
 .An pi-rho Aq Ad pi-rho@tyr.cx
+.
+.Sh BUGS
+Bugs may be submitted at
+.Aq Ad https://bugs.launchpad.net/netre-tools
--- a/docs/pmerge.mdoc
+++ b/docs/pmerge.mdoc
@ -16,9 +16,10 @@
 .\" On Debian systems, the complete text of the GNU General
 .\" Public License version 3 can be found in "/usr/share/common-licenses/GPL-3".
 .
-.Dd March 3, 2012
+.Dd May 23, 2012
 .Dt PMERGE 1
-.Os "Network Reverse Engineering Toolkit"
+.Os "Network Reverse Engineering Toolkit" 1.1337
+.
 .Sh NAME
 .Nm pmerge
 .Nd merge multiple PCAP files in timeline order
@ -27,47 +28,46 @@
 .Nm pmerge
 .Op Fl h | Fl v
 .Nm pmerge
-.Op Fl o Ar Pa output.pcap
+.Op Fl o Ar output.pcap
 .Pa input.pcap
-.Op Ar
+.Op Ar ...
 .
 .Sh DESCRIPTION
 The basic concept for this utility is to merge multiple PCAP files while
 maintaining timeline order.
-.
-.Sh USAGE
-As a filter
-.D1 Nm pmerge Pa one.pcap Pa two.pcap Li > Pa merged.pcap
 .Pp
-In simple command form
-.D1 Nm pmerge Fl o Pa merged.pcap Pa one.pcap Pa two.pcap
-.
-.Sh OPTIONS
-A summary of the options supported by
-.Nm pmerge
-is included below.
-.
-.Bl -tag -width Ds
+The available options include:
+.Pp
+.Bl -tag -compact -width "input.pcap [...]"
 .It Fl h
 usage information
 .It Fl v
 the program's version
 .It Fl o Ar output.pcap
 sets the output filename to
-.Pa output.pcap .
-If this option flag is not specified,
-.Ev stdout
-is used to output the merged PCAP
-.It Pa input.pcap
+.Pa output.pcap . No If this option flag is not specified, the merged PCAP is
+output to
+.Dv stdout .
+.It Ar input.pcap Op Ar ...
 At least one input file argument is required.
-.It Ar
-additional input files may be specified
 .El
 .
+.Sh EXAMPLES
+As a filter:
+.D1 Ic $ Nm pmerge Pa one.pcap Pa two.pcap Li > Pa merged.pcap
+.Pp
+In simple command form:
+.D1 Ic $ Nm pmerge Fl o Pa merged.pcap Pa one.pcap Pa two.pcap
+.
 .Sh SEE ALSO
 .Xr p4split 1 ,
+.Xr pcat 1 ,
 .Xr puniq 1
 .
 .Sh AUTHORS
 .An Zephyr Aq Ad zephyr@dirtbags.net ,
 .An pi-rho Aq Ad pi-rho@tyr.cx
+.
+.Sh BUGS
+Bugs may be submitted at
+.Aq Ad https://bugs.launchpad.net/netre-tools
--- a/docs/puniq.mdoc
+++ b/docs/puniq.mdoc
@ -16,9 +16,10 @@
 .\" On Debian systems, the complete text of the GNU General
 .\" Public License version 3 can be found in "/usr/share/common-licenses/GPL-3".
 .
-.Dd March 3, 2012
+.Dd May 23, 2012
 .Dt PUNIQ 1
-.Os "Network Reverse Engineering Toolkit"
+.Os "Network Reverse Engineering Toolkit" 1.1337
+.
 .Sh NAME
 .Nm puniq
 .Nd filter one to many PCAP files for unique frames
@ -27,43 +28,37 @@
 .Nm puniq
 .Op Fl h | Fl v
 .Nm puniq
-.Op Fl o Ar output.pcap
+.Op Fl o Pa output.pcap
 .Pa input.pcap
-.Op Ar
+.Op Ar ...
 .
 .Sh DESCRIPTION
 The basic concept for this utility is to filter one to many PCAP files for
 unique frames
-.
-.Sh USAGE
-As a filter
-.D1 Nm puniq Pa one.pcap Pa two.pcap Li > Pa unique.pcap
 .Pp
-In simple command form
-.D1 Nm puniq Fl o Pa unique.pcap Pa one.pcap Pa two.pcap
-.
-.Sh OPTIONS
-A summary of the options supported by
-.Nm puniq
-is included below.
-.
-.Bl -tag -width Ds
+The available options include:
+.Pp
+.Bl -tag -compact -width "input.pcap [...]"
 .It Fl h
 usage information
 .It Fl v
 the program's version
 .It Fl o Ar output.pcap
 sets the output filename to
-.Pa output.pcap .
-If this option flag is not specified,
+.Pa output.pcap . No If this option flag is not specified, the merged PCAP is
+ouput to
 .Dv stdout
-is used to output the merged PCAP
-.It Pa input.pcap
+.It Pa input.pcap Op Ar ...
 At least one input file argument is required
-.It Ar
-additional input files may be specified
 .El
 .
+.Sh EXAMPLES
+As a filter
+.D1 Ic $ Nm puniq Pa one.pcap Pa two.pcap Li > Pa unique.pcap
+.Pp
+In simple command form
+.D1 Ic $ Nm puniq Fl o Pa unique.pcap Pa one.pcap Pa two.pcap
+.
 .Sh SEE ALSO
 .Xr p4split 1 ,
 .Xr pmerge 1
@ -71,3 +66,7 @@ additional input files may be specified
 .Sh AUTHORS
 .An Zephyr Aq Ad zephyr@dirtbags.net ,
 .An pi-rho Aq Ad pi-rho@tyr.cx
+.
+.Sh BUGS
+Bugs may be submitted at
+.Aq Ad https://bugs.launchpad.net/netre-tools
--- a/docs/repr.mdoc
+++ b/docs/repr.mdoc
@ -16,9 +16,9 @@
 .\" On Debian systems, the complete text of the GNU General
 .\" Public License version 3 can be found in "/usr/share/common-licenses/GPL-3".
 .
-.Dd March 3, 2012
+.Dd May 23, 2012
 .Dt REPR 1
-.Os "Network Reverse Engineering Toolkit"
+.Os "Network Reverse Engineering Toolkit" 1.1337
 .
 .Sh NAME
 .Nm repr
@ -31,29 +31,26 @@
 .Op Ar
 .
 .Sh DESCRIPTION
-The basic concept for this utility is to emulate python's repr() function. Input
-bytes are escaped using Python's byte notation if they do not fall within the
-printable range.
-.
-.Sh USAGE
-With a file specified
-.D1 Nm repr Pa data.bin
+The basic concept for this utility is to emulate Python's
+.Fn repr No function. Input bytes are escaped using Python's byte notation if
+they do not fall within the printable range.
 .Pp
-As a filter
-.D1 ... | Nm repr | ...
-.
-.Sh OPTIONS
-A summary of the options supported by
-.Nm repr
-is included below.
-.
-.Bl -tag -width Ds
+The available options include:
+.Pp
+.Bl -tag -compact -width Ds
 .It Fl h
 usage information
 .It Fl v
 the program's version
 .El
 .
+.Sh EXAMPLES
+With a file specified:
+.D1 Ic $ Nm repr Pa data.bin
+.Pp
+As a filter:
+.D1 Ic $ No ... | Nm repr | No ...
+.
 .Sh SEE ALSO
 .Xr hdng 1 ,
 .Xr xor 1
@ -61,3 +58,7 @@ the program's version
 .Sh AUTHORS
 .An Zephyr Aq Ad zephyr@dirtbags.net ,
 .An pi-rho Aq Ad pi-rho@tyr.cx
+.
+.Sh BUGS
+Bugs may be submitted at
+.Aq Ad https://bugs.launchpad.net/netre-tools
--- a/docs/unhex.mdoc
+++ b/docs/unhex.mdoc
@ -16,9 +16,9 @@
 .\" On Debian systems, the complete text of the GNU General
 .\" Public License version 3 can be found in "/usr/share/common-licenses/GPL-3".
 .
-.Dd March 3, 2012
+.Dd May 23, 2012
 .Dt UNHEX 1
-.Os "Network Reverse Engineering Toolkit"
+.Os "Network Reverse Engineering Toolkit" 1.1337
 .
 .Sh NAME
 .Nm unhex
@ -32,32 +32,34 @@
 .
 .Sh DESCRIPTION
 The basic concept for this utility is to translate hexits (00-ff) to their
-binary equivalent. If the text input includes spaces and non-hexadecimal
-characters, these characters are ignored. If non-hexadecimal characters appear
-between hexit pairs, an error is produced.
-.
-.Sh USAGE
-With a file specified
-.D1 Nm unhex Pa data.bin
+binary equivalent. Spaces and other non-hexadecimal characters are ignored in
+the input stream. If non-hexadecimal characters appear between hexit pairs, an
+error is produced.
 .Pp
-As a filter
-.D1 ... | Nm unhex | ...
-.
-.Sh OPTIONS
-A summary of the options supported by
-.Nm unhex
-is included below.
-.
-.Bl -tag -width Ds
+The available options include:
+.Pp
+.Bl -tag -compact -width Ds
 .It Fl h
 usage information
 .It Fl v
 the program's version
 .El
+.
 .Sh SEE ALSO
 .Xr hdng 1 ,
 .Xr xor 1
 .
+.Sh EXAMPLES
+With a file specified
+.D1 Ic $ Nm unhex Pa data.bin
+.Pp
+As a filter
+.D1 Ic $ No ... | Nm unhex | No ...
+.
 .Sh AUTHORS
 .An Zephyr Aq Ad zephyr@dirtbags.net ,
 .An pi-rho Aq Ad pi-rho@tyr.cx
+.
+.Sh BUGS
+Bugs may be submitted at
+.Aq Ad https://bugs.launchpad.net/netre-tools
--- a/docs/xor.mdoc
+++ b/docs/xor.mdoc
@ -16,9 +16,9 @@
 .\" On Debian systems, the complete text of the GNU General
 .\" Public License version 3 can be found in "/usr/share/common-licenses/GPL-3".
 .
-.Dd May 1, 2012
+.Dd May 23, 2012
 .Dt TRANSFORMER 1
-.Os "Network Reverse Engineering Toolkit"
+.Os "Network Reverse Engineering Toolkit" 1.1337
 .
 .Sh NAME
 .Nm xor
@ -40,7 +40,7 @@
 .Op Fl u
 .Op Fl x
 .Ar BYTE
-.Op Ar BYTE ...
+.Op Ar ...
 .Nm <transform>
 .Op Fl u
 .Fl s
@ -49,24 +49,10 @@
 .Sh DESCRIPTION
 The basic concept for this utility is to apply a set of bytes, repeatedly, to a
 stream of input.
-.
-.Sh USAGE
-As a filter with the hexadecimal bytes
-.Bq 0x20 , 0x2f
-applied to the input stream using
-.Nm xor .
-The bytes are applied repeatedly until the end-of-file (i.e.
-.Bq 0x20 , 0x2f , 0x20 , 0x2f , ...  Ns ) .
-.D1 ... | Nm xor Fl x Ar 20 Ar 2f | Li ...
 .Pp
-As a filter with a string of characters used as a byte source (i.e.
-.Bq 0x20 , 0x6b , 0x65 , 0x79 , 0x20 , ... Ns ) .
-.D1 ... | Nm xor Fl s Qo Ar " key " Qc | Li ...
-.
-.Sh OPTIONS
-A summary of the options is included below.
-.
-.Bl -tag -width Ds
+The available options include:
+.Pp
+.Bl -tag -compact -width "-s STRING"
 .It Fl h
 usage information
 .It Fl v
@ -76,29 +62,41 @@ explicity interpret bytes as hexadecimal digits
 .It Fl s Ar STRING
 use a string of characters as the byte source
 .It Fl u
-undo - reverse the transform (this is ignored for
-.Nm xor )
-.It Ar BYTE Op Ar BYTE ...
+undo - reverse the transform
+.Pq this is ignored for Nm xor
+.It Ar BYTE Op Ar ...
 a list of bytes to apply to the input stream
 .El
 .
 .Sh IMPLEMENTATION NOTES
-The application of the bytes is accomplished using one of the following
+The application of the key bytes is accomplished using one of the following
 transforms:
 .
-.Bd -unfilled -offset indent
+.Bd -unfilled -offset left
 .TS
 box tab(:);
-l | l | l | l.
-\fBTransform:Description:Bytes:Undo\fR
-_:_:_:_
-xor:bitwise exclusive OR:integers [0-255]:-
-rot:bitwise rotate left:integers [0-7]:bitwise rotate right
-rol:bytewise rotate (-):integers [0-255]:bytewise rotate (+)
-caesar:alphabet shift (+):integers [0-26]:alphabet shift (-)
+l | l | l | l | l.
+\fBName:Description:Subj:Argument:Undo\fR
+_:_:_:_:_
+xor:bitwise exclusive OR:bytes:int [0-255]:N/A
+rot:rotate left:bits:int [0-7]:rotate right
+rol:rotate (-):bytes:int [0-255]:rotate (+)
+caesar:shift (+):alpha:int [0-26]:shift (-)
 .TE
 .Ed
+.
+.Sh EXAMPLES
+As a filter with the hexadecimal bytes
+.Bq 0x20 , 0x2f
+applied to the input stream using
+.Nm xor .
+The bytes are applied repeatedly until the end-of-file
+.Pq i.e. Bo 0x20 , 0x2f , 0x20 , 0x2f , ...  Bc .
+.D1 Ic $ No ... | Nm xor Fl x Ar 20 Ar 2f | No ...
 .Pp
+As a filter with a string of characters used as a byte source
+.Pq i.e. Qo key Qc becomes Bo 0x6b , 0x65 , 0x79 , ... Bc .
+.D1 Ic $ No ... | Nm xor Fl s Qo Ar key Qc | No ...
 .
 .Sh SEE ALSO
 .Xr hdng 1 ,
@ -107,3 +105,7 @@ caesar:alphabet shift (+):integers [0-26]:alphabet shift (-)
 .Sh AUTHORS
 .An Zephyr Aq Ad zephyr@dirtbags.net ,
 .An pi-rho Aq Ad pi-rho@tyr.cx
+.
+.Sh BUGS
+Bugs may be submitted at
+.Aq Ad https://bugs.launchpad.net/netre-tools