blackfoundry-pcap 0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/ChangeLog +145 -0
- data/README +48 -0
- data/README.ja +50 -0
- data/Rakefile +23 -0
- data/ext/Pcap.c +798 -0
- data/ext/extconf.rb +16 -0
- data/ext/icmp_packet.c +444 -0
- data/ext/ip_packet.c +342 -0
- data/ext/packet.c +310 -0
- data/ext/ruby_pcap.h +133 -0
- data/ext/tcp_packet.c +121 -0
- data/ext/udp_packet.c +96 -0
- data/lib/pcap_misc.rb +116 -0
- data/lib/pcaplet.rb +113 -0
- metadata +79 -0
data/lib/pcaplet.rb
ADDED
@@ -0,0 +1,113 @@
|
|
1
|
+
require 'pcap'
|
2
|
+
require 'getopts'
|
3
|
+
|
4
|
+
def pcaplet_usage()
|
5
|
+
$stderr.print <<END
|
6
|
+
Usage: #{File.basename $0} [ -dnv ] [ -i interface | -r file ]
|
7
|
+
#{' ' * File.basename($0).length} [ -c count ] [ -s snaplen ] [ filter ]
|
8
|
+
Options:
|
9
|
+
-n do not convert address to name
|
10
|
+
-d debug mode
|
11
|
+
-v verbose mode
|
12
|
+
END
|
13
|
+
end
|
14
|
+
|
15
|
+
module Pcap
|
16
|
+
class Pcaplet
|
17
|
+
def usage(status, msg = nil)
|
18
|
+
$stderr.puts msg if msg
|
19
|
+
pcaplet_usage
|
20
|
+
exit(status)
|
21
|
+
end
|
22
|
+
|
23
|
+
def initialize(args = nil)
|
24
|
+
if args
|
25
|
+
ARGV[0,0] = args.split(/\s+/)
|
26
|
+
end
|
27
|
+
usage(1) unless getopts("dnv", "i:", "r:", "c:-1", "s:68")
|
28
|
+
$DEBUG |= $OPT_d
|
29
|
+
$VERBOSE |= $OPT_v
|
30
|
+
|
31
|
+
@device = $OPT_i
|
32
|
+
@rfile = $OPT_r
|
33
|
+
Pcap.convert = !$OPT_n
|
34
|
+
@count = $OPT_c.to_i
|
35
|
+
@snaplen = $OPT_s.to_i
|
36
|
+
@filter = ARGV.join(' ')
|
37
|
+
|
38
|
+
# check option consistency
|
39
|
+
usage(1) if @device && @rfile
|
40
|
+
if !@device and !@rfile
|
41
|
+
@device = Pcap.lookupdev
|
42
|
+
end
|
43
|
+
|
44
|
+
# open
|
45
|
+
begin
|
46
|
+
if @device
|
47
|
+
@capture = Capture.open_live(@device, @snaplen)
|
48
|
+
elsif @rfile
|
49
|
+
if @rfile !~ /\.gz$/
|
50
|
+
@capture = Capture.open_offline(@rfile)
|
51
|
+
else
|
52
|
+
$stdin = IO.popen("gzip -dc < #@rfile", 'r')
|
53
|
+
@capture = Capture.open_offline('-')
|
54
|
+
end
|
55
|
+
end
|
56
|
+
@capture.setfilter(@filter)
|
57
|
+
rescue PcapError, ArgumentError
|
58
|
+
$stdout.flush
|
59
|
+
$stderr.puts $!
|
60
|
+
exit(1)
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
attr('capture')
|
65
|
+
|
66
|
+
def add_filter(f)
|
67
|
+
if @filter == nil || @filter =~ /^\s*$/ # if empty
|
68
|
+
@filter = f
|
69
|
+
else
|
70
|
+
f = f.source if f.is_a? Filter
|
71
|
+
@filter = "( #{@filter} ) and ( #{f} )"
|
72
|
+
end
|
73
|
+
@capture.setfilter(@filter)
|
74
|
+
end
|
75
|
+
|
76
|
+
def each_packet(&block)
|
77
|
+
begin
|
78
|
+
duplicated = (RUBY_PLATFORM =~ /linux/ && @device == "lo")
|
79
|
+
unless duplicated
|
80
|
+
@capture.loop(@count, &block)
|
81
|
+
else
|
82
|
+
flip = true
|
83
|
+
@capture.loop(@count) do |pkt|
|
84
|
+
flip = (! flip)
|
85
|
+
next if flip
|
86
|
+
block.call pkt
|
87
|
+
end
|
88
|
+
end
|
89
|
+
rescue Interrupt
|
90
|
+
$stdout.flush
|
91
|
+
$stderr.puts("Interrupted.")
|
92
|
+
$stderr.puts $@.join("\n\t") if $DEBUG
|
93
|
+
ensure
|
94
|
+
# print statistics if live
|
95
|
+
if @device
|
96
|
+
stat = @capture.stats
|
97
|
+
if stat
|
98
|
+
$stderr.print("#{stat.recv} packets received by filter\n");
|
99
|
+
$stderr.print("#{stat.drop} packets dropped by kernel\n");
|
100
|
+
end
|
101
|
+
end
|
102
|
+
end
|
103
|
+
end
|
104
|
+
|
105
|
+
alias each each_packet
|
106
|
+
|
107
|
+
def close
|
108
|
+
@capture.close
|
109
|
+
end
|
110
|
+
end
|
111
|
+
end
|
112
|
+
|
113
|
+
Pcaplet = Pcap::Pcaplet
|
metadata
ADDED
@@ -0,0 +1,79 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: blackfoundry-pcap
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
hash: 9
|
5
|
+
prerelease:
|
6
|
+
segments:
|
7
|
+
- 0
|
8
|
+
- 1
|
9
|
+
version: "0.1"
|
10
|
+
platform: ruby
|
11
|
+
authors:
|
12
|
+
- David Turnbull
|
13
|
+
autorequire:
|
14
|
+
bindir: bin
|
15
|
+
cert_chain: []
|
16
|
+
|
17
|
+
date: 2011-05-06 00:00:00 Z
|
18
|
+
dependencies: []
|
19
|
+
|
20
|
+
description: " Some extensions to the pcap library.\n"
|
21
|
+
email: david@blackfoundry.com
|
22
|
+
executables: []
|
23
|
+
|
24
|
+
extensions:
|
25
|
+
- ext/extconf.rb
|
26
|
+
extra_rdoc_files:
|
27
|
+
- ChangeLog
|
28
|
+
- README
|
29
|
+
- README.ja
|
30
|
+
files:
|
31
|
+
- Rakefile
|
32
|
+
- ext/Pcap.c
|
33
|
+
- ext/extconf.rb
|
34
|
+
- ext/icmp_packet.c
|
35
|
+
- ext/ip_packet.c
|
36
|
+
- ext/packet.c
|
37
|
+
- ext/ruby_pcap.h
|
38
|
+
- ext/tcp_packet.c
|
39
|
+
- ext/udp_packet.c
|
40
|
+
- lib/pcap_misc.rb
|
41
|
+
- lib/pcaplet.rb
|
42
|
+
- ChangeLog
|
43
|
+
- README
|
44
|
+
- README.ja
|
45
|
+
homepage:
|
46
|
+
licenses: []
|
47
|
+
|
48
|
+
post_install_message:
|
49
|
+
rdoc_options: []
|
50
|
+
|
51
|
+
require_paths:
|
52
|
+
- lib
|
53
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
54
|
+
none: false
|
55
|
+
requirements:
|
56
|
+
- - ">="
|
57
|
+
- !ruby/object:Gem::Version
|
58
|
+
hash: 3
|
59
|
+
segments:
|
60
|
+
- 0
|
61
|
+
version: "0"
|
62
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
63
|
+
none: false
|
64
|
+
requirements:
|
65
|
+
- - ">="
|
66
|
+
- !ruby/object:Gem::Version
|
67
|
+
hash: 3
|
68
|
+
segments:
|
69
|
+
- 0
|
70
|
+
version: "0"
|
71
|
+
requirements: []
|
72
|
+
|
73
|
+
rubyforge_project:
|
74
|
+
rubygems_version: 1.7.2
|
75
|
+
signing_key:
|
76
|
+
specification_version: 3
|
77
|
+
summary: extensions to ruby-pcap
|
78
|
+
test_files: []
|
79
|
+
|