packetman 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: d179b4712440f17879c705887caeec69fd857517
+  data.tar.gz: 7879478eab7e6ecca5d75bff051a5dcad4006465
+SHA512:
+  metadata.gz: 59f189ec8d961cc829938163d21daffea43b4ce14f5b0487d49339ad59abf6cbefabfbb5254e2b949132987ee06df4b584664d9e0d1f7973c33835c1328cd59a
+  data.tar.gz: 4e6b9134085f93800d07dd8a5e218c48d1c25260832b837c4f2e4fc365545234589232e0af344b8e1687eb90f6aa93d91875a341cfcf1165c1bec3d2341fd3a5

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/.rspec

@@ -0,0 +1,2 @@
+--format documentation
+--color

data/.travis.yml

@@ -0,0 +1,4 @@
+language: ruby
+rvm:
+  - 2.2.2
+before_install: gem install bundler -v 1.10.5

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in packetman.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2015 Jason Scholl
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/NOTES.md

@@ -0,0 +1,5 @@
+## ICMP
+
+ICMP is technically layer 3, but due to the fact that it behaves a lot like layer
+4 protocols and  tcpdump has built-in handling for it just like TCP and UDP, I
+chose to treat it as layer 4.

data/README.md

@@ -0,0 +1,53 @@
+# Packetman
+
+Advanced tcpdump and Wireshark capture generator.
+
+[![Code Climate](https://codeclimate.com/github/jescholl/packetman/badges/gpa.svg)](https://codeclimate.com/github/jescholl/packetman) [![Test Coverage](https://codeclimate.com/github/jescholl/packetman/badges/coverage.svg)](https://codeclimate.com/github/jescholl/packetman/coverage) [![Circle CI](https://circleci.com/gh/jescholl/packetman.svg?style=svg)](https://circleci.com/gh/jescholl/packetman)
+
+Packetman is a packet capture filter generator modeled after [Wireshark's String-Matching Capture Filter Generator](https://www.wireshark.org/tools/string-cf.html) but with a lot more features allowing much finer control over the packets you see.
+
+Features:
+  * String-matching (just like Wireshark's tool)
+  * bit-string matching
+  * hex-string matching
+  * easy masking through `?` wildcard characters
+  * offsets in bits or bytes
+  * use header field name instead of manual offsets
+  * application specific queries
+  * built-in header reference tables
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'packetman'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install packetman
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake rspec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/jescholl/packetman.
+
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/TODO.md

@@ -0,0 +1,3 @@
+##Config
+
+* add handling for ICMP's lack of payload query

data/bin/console

@@ -0,0 +1,10 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "packetman"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+require "pry"
+Pry.start

data/bin/setup

@@ -0,0 +1,7 @@
+#!/bin/bash
+set -euo pipefail
+IFS=$'\n\t'
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/circle.yml

@@ -0,0 +1,3 @@
+machine:
+  ruby:
+    version: 2.1.6

data/config/protocols.yml

@@ -0,0 +1,35 @@
+---
+transport:
+  tcp:
+    table:
+      Source Port: 16
+      Destination Port: 16
+      Sequence Number: 32
+      Acknowledgement Number: 32
+      Data Offset: 4
+      RESERVED: 3
+      ECN: 3
+      Control Bits: 6
+      Window: 16
+      Checksum: 16
+      Urgent Pointer: 16
+      Options and Padding: 32
+    payload_query: '((tcp[12:1] & 0xf0) >> 2)'
+  udp:
+    table:
+      Source Port: 16
+      Destination Port: 16
+      Length: 16
+      Checksum: 16
+    payload_query: 8
+  icmp:
+    table:
+      Type: 8
+      Code: 8
+      Checksum: 16
+      Type Specific Options: 32
+application:
+  http:
+    transport_protocol: tcp
+  dns:
+    transport_protocol: tcp

data/exe/packetman

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+require 'packetman'
+
+search_str = Packetman.config.parse_opts
+
+puts Packetman::Compose.new(search_str)

data/lib/packetman.rb

@@ -0,0 +1,24 @@
+require 'yaml'
+require "packetman/version"
+require "packetman/config"
+require "packetman/config_methods"
+require "packetman/table"
+require "packetman/compose"
+
+module Packetman
+  class << self
+
+    def config
+      @config ||= Config.new
+    end
+
+    def config!
+      @config = Config.new
+    end
+
+    def user_input(prompt)
+      puts prompt
+      gets
+    end
+  end
+end

data/lib/packetman/compose.rb

@@ -0,0 +1,97 @@
+module Packetman
+  class Compose
+    include ConfigMethods
+
+    def initialize(input, radix=config.radix)
+      @input = input
+      @radix = radix
+    end
+    
+    def desired_length
+      ((@input.length + config.offset)/8.to_f).ceil*8 - config.offset
+    end
+
+    def bit_density(radix=@radix)
+      (radix.nil?) ? 8 : Math.log2(radix).to_i
+    end
+
+    def mask
+      shift(@input.scan(/./).map{ |c| mask_chr(c) }.join)
+    end
+
+    def radix_mask
+      ("1"*bit_density).to_i(2)
+    end
+
+    def shift(input)
+      input.ljust(desired_length, '0')
+    end
+
+    def search
+      shift(@input.scan(/./).map{ |c| bin_chr(c) }.join)
+    end
+
+    def mask_chr(chr)
+      if chr == '?'
+        raise "wildcards not allowed" unless config.allow_wildcards
+        0
+      else
+        radix_mask
+      end.to_s(2).rjust(bit_density, '0')
+    end
+
+    def bin_chr(chr)
+      if chr == '?'
+        raise "wildcards not allowed" unless config.allow_wildcards
+        chr = '0'
+      end
+
+      if @radix
+        chr.to_i(@radix)
+      else
+        chr.ord
+      end.to_s(2).rjust(bit_density, '0')
+    end
+
+    def mask_hex
+      hex_encode(mask)
+    end
+
+    def search_hex
+      hex_encode(search)
+    end
+
+    def hex_encode(bin_str)
+      bin_str.reverse.scan(/.{1,4}/).map{ |chunk| chunk.reverse.to_i(2).to_s(16) }.reverse.join.scan(/.{1,8}/).map{ |hex| hex.prepend('0x') }
+    end
+
+    def full_bit_length(num, radix=nil)
+      return num.to_i(radix).to_s(radix).length * bit_density(radix) if radix
+      
+      case num
+      when /^0x/
+        $'.length * bit_density(16)
+      when /^0b/
+        $'.length * bit_density(2)
+      else
+        nil
+      end
+    end
+
+    def start_byte(position)
+      "#{config.payload_query} + #{(config.offset + position)/8}"
+    end
+
+    def to_s
+      clauses = []
+      position = 0
+      search_hex.zip(mask_hex).each_with_index do |(hex_search, hex_mask),i|
+        search_bit_length = full_bit_length(hex_search)
+        clauses << "#{config.transport}[#{start_byte(position)}:#{search_bit_length/8}] & #{hex_mask} = #{hex_search}"
+        position += search_bit_length
+      end
+
+      clauses.join(' && ')
+    end
+  end
+end

data/lib/packetman/config.rb

@@ -0,0 +1,71 @@
+require 'optparse'
+
+module Packetman
+  class Config
+    attr_accessor :transport, :application, :offset_units, :offset_type, :allow_wildcards, :radix
+    attr_writer :offset
+
+    def initialize
+      @transport = "tcp"
+      @application = "http"
+      @offset = 0
+      @offset_units = "bits"
+      @offset_type = "application"
+      @allow_wildcards = true
+    end
+
+    def protocols
+      @protocols ||= YAML.load(File.read(File.expand_path('../../../config/protocols.yml', __FILE__)))
+    end
+
+    def payload_query
+      case offset_type
+      when "application"
+        protocols['transport'][transport.to_s]['payload_query']
+      else
+        "0"
+      end
+    end
+
+    def offset
+      case offset_units
+      when "bytes"
+        @offset*8
+      else
+        @offset
+      end
+    end
+
+    def parse_opts
+      @opts ||= OptionParser.new do |opt|
+        opt.banner = "Usage: #{File.basename($PROGRAM_NAME)} [OPTIONS] FILTER_STRING"
+        opt.on("-t", "--transport [PROTO]", protocols['transport'].keys, "Transport Protocol (#{protocols['transport'].keys.join(',')})") {|v| self.transport = v }
+        opt.on("-a", "--application [PROTO]", protocols['application'].keys, "Application protocol (#{protocols['application'].keys.join(',')})") { |v| self.application = v }
+        #opt.on("-a", "--application [PROTO]", String, "Application Protocol (http|dns|icmp)") {|v| self.application = v }
+        opt.on("-r", "--radix [RADIX]", Integer, "Treat FILTER_STRING as RADIX instead of String") {|v| self.radix = v; }
+        opt.on("-o", "--offset [OFFSET]", Integer, "Offset in bits") {|v| self.offset = v; }
+        opt.on("-b", "--byte-offset", "Use 8-bit bytes instead of bits for offset") { |v| self.offset_units = "bytes" }
+        opt.on("-O", "--offset-type [TYPE]", ["application", "transport"], "Begin offset at the application/transport header.") { |v|  self.offset_type = v }
+        opt.on("--[no-]wildcards", "Allow '?' wildcards") { |v| self.allow_wildcards = v }
+      end
+
+      @opts.parse!
+
+      raise "Invalid command line arguments" if ARGV.size != 1
+
+      ARGV.pop
+
+
+#      if transport !~ /tcp|udp/i ||
+#        application !~ /http|dns|icmp/i
+#        raise "invalid options"
+#      end
+#
+#      if offset_units == :bits
+#        offset /= 8.to_f
+#        offset_units = :octets
+#      end
+    end
+
+  end
+end

data/lib/packetman/config_methods.rb

@@ -0,0 +1,11 @@
+module Packetman
+  module ConfigMethods
+    def self.included(base)
+      base.extend(self)
+    end
+
+    def config
+      Packetman.config
+    end
+  end
+end

data/lib/packetman/table.rb

@@ -0,0 +1,58 @@
+module Packetman
+  class Table
+    include ConfigMethods
+
+    attr_reader :line_h, :line_v
+    attr_accessor :columns
+
+    def initialize(cols = 32)
+      @line_v = '|'
+      @line_h = '-'
+      @columns = cols
+    end
+
+    def line_h=(value)
+      raise "Invalid character" if value.length != 1
+      @line_h = value
+    end
+
+    def line_v=(value)
+      raise "Invalid character" if value.length != 1
+      @line_v = value
+    end
+
+    def column_width
+      (columns-1).to_s.length
+    end
+
+    def horizontal_bar
+      line_v + line_h*(table_width - 2) + line_v + "\n"
+    end
+
+    def table_width
+      columns*(column_width + 1) + 1
+    end
+
+    def cell_size(field_size)
+      field_size*(column_width + 1) - 1
+    end
+
+    def header_row
+      line_v + columns.times.map{ |n| sprintf "%0#{column_width}d", n }.join(line_v) + line_v + "\n"
+    end
+
+    def to_s
+      output = horizontal_bar + header_row + horizontal_bar
+
+      config.protocols['transport'][config.transport]['table'].each do |label, size|
+        output += sprintf "%s%.#{cell_size(size)}s", line_v, label.center(cell_size(size))
+        if output.split("\n").last.length == (table_width - 1)
+          output += line_v + "\n"
+          output += horizontal_bar
+        end
+      end
+      output
+    end
+
+  end
+end

data/lib/packetman/version.rb

@@ -0,0 +1,3 @@
+module Packetman
+  VERSION = "0.1.0"
+end

data/packetman.gemspec

@@ -0,0 +1,27 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'packetman/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "packetman"
+  spec.version       = Packetman::VERSION
+  spec.authors       = ["Jason Scholl"]
+  spec.email         = ["jason.e.scholl@gmail.com"]
+
+  spec.summary       = %q{Advanced tcpdump and Wiresharp filter generator.}
+  spec.description   = %q{Simple tool for creating advanced tcpdump queries, because manually writing `tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x47455420` is no fun.}
+  spec.homepage      = "https://github.com/jescholl/packetman"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.3"
+  spec.add_development_dependency "pry", "~> 0.10"
+  spec.add_development_dependency "codeclimate-test-reporter"
+end

data/packetman_notes

@@ -0,0 +1,156 @@
+7a 
+1111010
+
+#NOTE: I think this is wrong
+# also, maybe I don't need to worry about the bits bing aligned on the byte, just on the bit, as long as it's what the user asked for
+
+hex and string need to be 0 padded on the left
+binary needs to fill to the right to hex encode, starting at the offset bit
+
+Packetman.compose3("0b1111", 3)
+1111
+(fill right to ((4+3)/8.to_f).ceil*8 = 8 )
+11110000
+(shift mask and search >> 3)
+00011110
+00011110
+(sample byte sequence)
+00011111
+
+Packetman.compose3("0b1111010", 3)
+1111010
+(fill right to ((7+3)/8.to_f).ceil*8 = 16)
+11110100 00000000
+(shift mask and search >> 3)
+00011111 11000000
+00011110 10000000
+(sample byte sequence)
+00011110 10101010
+
+
+Packetman.compose3("0b1111010????????", 3)
+1111010? ???????
+(fill right to ((15+3)/8.to_f).ceil*8 = 24)
+1111010? ???????0 00000000
+(shift mask and search >> 3)
+00011111 11000000 00000000
+00011110 10000000 00000000
+(sample byte sequence)
+00011110 10101010 10101010
+
+Packetman.compose3("0x123",3)
+100100011
+(left fill to 12 first, or manual right fill with 16-12)
+(fill right to ((3*4)+3)/8.to_f).ceil*8 = 16)
+00010010 00110000
+(shift mask and search >> 3)
+00000011 11111110
+00000010 01000110
+(sample byte sequence)
+00000010 01000111
+
+
+
+
+Packetman.compose3("0xa",3)
+"((tcp[0:1] & 0xa) >>  1) = 0xa"
+1010
+(generate shifted mask)
+00011110
+(generate shifted search)
+00010100
+(sample byte sequence)
+10010101
+
+0b00011110 & 0b10010101 == 0x14
+
+
+
+
+
+
+Packetman.compose3("0b001010010", 3)
+"((tcp[0:2] & 0x1ff0) >> 4 = 0x52"
+001010010
+(generate shifted mask)
+(turn preceding 0s to 1s)
+(left shift (((binlen)+3)/8.to_f).ceil*8 - binlen - 3)
+1111111110000
+(generate shifted search - same as above)
+0010100100000
+(sample byte sequence)
+0010100101010
+
+0b0010100101010 & 1111111110000 == 0b0010100100000
+
+
+Packetman.compose3("0b00??1010?111?00010101??10101010?????1010111110???111110101001111010101??????????10100101010100011???????", 5)
+00??1010?111?00010101??10101010?????1010111110???111110101001111010101??????????10100101010100011???????
+(generate search str - replace ?s with 0s)
+00001010011100001010100101010100000010101111100001111101010011110101010000000000101001010101000110000000
+(generate shifted mask)
+(turn preceding 0s to 1s)
+(left shift (((binlen)+5)/8.to_f).ceil*8 - binlen - 5)
+11001111011101111111100111111110000011111111110001111111111111111111110000000000111111111111111110000000000
+11001111011101111111100111111110000011111111110001111111111111111111110000000000111111111111111110000000
+(generate shifted search - same as above)
+00001010011100001010100101010100000010101111100001111101010011110101010000000000101001010101000110000000000
+(sample byte sequence)
+00011010011100001010111101010101100110101111100101111101010011110101010010101001101001010101000110110100101
+
+00011010011100001010111101010101100110101111100101111101010011110101010010101001101001010101000110110100101 &
+11001111011101111111100111111110000011111111110001111111111111111111110000000000111111111111111110000000000 ==
+00001010011100001010100101010100000010101111100001111101010011110101010000000000101001010101000110000000000
+
+
+# NOTE
+
+instead of shifting the product of (mask & input), shift search
+this makes the form
+"tcp[0:1] & mask = shifted_search"
+
+
+Packetman.compose3("0xa",1)
+"((tcp[0:1] & 0x78) >> 3) = 0xa"
+1010
+(generate shifted mask)
+(left shift (((hexlen*4)+1)/8.to_f).ceil*8 - hexlen*4 - 1)
+(use length of mask to determine how much data to take)
+01111000
+(sample byte sequence)
+11010101
+
+(0b01111000 & 0b11010101) >> 3 == 0xa
+
+
+Packetman.compose3("0x123", 3)
+"((tcp[0:2] & 0x1ffe) >> 1) = 0x123"
+100100011
+(hex: left fill with 1s to hexlen*4) 
+111100100011
+(generate shifted mask)
+(left shift (((hexlen*4)+3)/8.to_f).ceil*8 - hexlen*4 - 3)
+(use length of mask to determine how much data to take)
+0001111111111110
+(sample byte sequence)
+1000001001000111
+
+(0b1000001001000111 & 0b0001111111111110) >> 1 == 0x123
+
+Packetman.compose3("abc", 3)
+"((tcp[0:4] & 0x1fffffe0 >> 5) = 0x616263"
+11000010110001001100011
+(str: left fill with 1s to len*8)
+111000010110001001100011
+(generate shifted mask)
+(left shift (((strlen*8)+3)/8.to_f).ceil*8 - strlen*8 - 3)
+(use length of mask to determine how much data to take)
+00011111 11111111 11111111 11100000
+(sample byte sequence)
+10101100 00101100 01001100 01110101
+
+(0b10101100001011000100110001110101 & 0b00011111111111111111111111100000) >> 5 == 0b11000010110001001100011
+
+
+
+

metadata

@@ -0,0 +1,138 @@
+--- !ruby/object:Gem::Specification
+name: packetman
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Jason Scholl
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2015-09-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.3'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.10'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.10'
+- !ruby/object:Gem::Dependency
+  name: codeclimate-test-reporter
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Simple tool for creating advanced tcpdump queries, because manually writing
+  `tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x47455420` is no fun.
+email:
+- jason.e.scholl@gmail.com
+executables:
+- packetman
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- Gemfile
+- LICENSE.txt
+- NOTES.md
+- README.md
+- Rakefile
+- TODO.md
+- bin/console
+- bin/setup
+- circle.yml
+- config/protocols.yml
+- exe/packetman
+- lib/packetman.rb
+- lib/packetman/compose.rb
+- lib/packetman/config.rb
+- lib/packetman/config_methods.rb
+- lib/packetman/table.rb
+- lib/packetman/version.rb
+- packetman.gemspec
+- packetman_notes
+homepage: https://github.com/jescholl/packetman
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5
+signing_key: 
+specification_version: 4
+summary: Advanced tcpdump and Wiresharp filter generator.
+test_files: []