RubyGems - pcap_tools - Versions diffs - 0.0.3 → 0.0.4 - Mend

pcap_tools 0.0.3 → 0.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

data/bin/pcap_tools ADDED Viewed

@@ -0,0 +1,62 @@
+#!/usr/bin/env ruby
+require 'pcap_tools'
+require 'optparse'
+options = {
+  :mode => :http,
+}
+OptionParser.new do |opts|
+  opts.banner = "Usage: pcap_tools_http [options] pcap_files"
+  opts.on("--no-body", "Do not display body") do
+    options[:no_body] = true
+  end
+  opts.on("--mode [MODE]", [:http, :tcp], "parsing mode") do |m|
+    options[:mode] = m
+  end
+end.parse!
+data = ARGV.map{|f| puts "Loading #{f}"; PacketFu::PcapFile.file_to_array(f)}
+tcps = PcapTools::extract_tcp_streams(data)
+puts "Tcp streams extracted : #{tcps.size}"
+puts "Parsing mode : #{options[:mode]}"
+puts
+if options[:mode] == :http
+  tcps.each do |tcp|
+    PcapTools::extract_http_calls(tcp).each do |req, resp|
+      puts ">>>> #{req["pcap-src"]}:#{req["pcap-src-port"]} > #{req["pcap-dst"]}:#{req["pcap-dst-port"]}"
+      puts "#{req.method} #{req.path}"
+      req.each_capitalized_name.reject{|x| x =~ /^Pcap/ }.each do |x|
+        puts "#{x}: #{req[x]}"
+      end
+      puts
+      puts req.body unless options[:no_body]
+      puts "<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< #{resp.time}"
+      puts "#{resp.code} #{resp.message}"
+      resp.each_capitalized_name.reject{|x| x =~ /^Pcap/ }.each do |x|
+        puts "#{x}: #{resp[x]}"
+      end
+      puts
+      puts resp.body unless options[:no_body]
+      puts
+    end
+  end
+end
+if options[:mode] == :tcp
+  tcps.each do |tcp|
+    tcp.each do |packet|
+      type = packet[:type] == :out ? ">>>>" : "<<<<<"
+      puts "#{type} #{packet[:from]}:#{packet[:from_port]} > #{packet[:to]}:#{packet[:to_port]}, size #{packet[:data].size}"
+      puts packet[:data]
+      puts
+    end
+  end
+end

data/lib/pcap_tools.rb CHANGED Viewed

@@ -52,12 +52,6 @@ module PcapTools
   end
-  def load_mutliple_files dir
-    Dir.glob(dir).sort{|a, b| File.new(a).mtime <=> File.new(b).mtime}.map{|file| PacketFu::PcapFile.file_to_array(file)}
-  end
-  module_function :load_mutliple_files
   def extract_http_calls_from_captures captures
     calls = []
     extract_tcp_streams(captures).each do |tcp|

data/pcap_tools.gemspec CHANGED Viewed

@@ -2,14 +2,14 @@ require 'rake'
 Gem::Specification.new do |s|
   s.name        = 'pcap_tools'
-  s.version     = '0.0.3'
+  s.version     = '0.0.4'
   s.authors     = ['Bertrand Paquet']
   s.email       = 'bertrand.paquet@gmail.com'
   s.summary     = 'Tools for extracting data from pcap files'
   s.homepage    = 'https://github.com/bpaquet/pcap_tools'
-  s.executables << 'pcap_tools_http'
+  s.executables << 'pcap_tools'
   s.files       = `git ls-files`.split($/)
   s.license     = 'BSD'
-  s.add_development_dependency('packetfu', '>= 1.1.9')
-end
+  s.add_runtime_dependency('packetfu', '>= 1.1.9')
+end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pcap_tools
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.0.4
   prerelease:
 platform: ruby
 authors:
@@ -19,7 +19,7 @@ dependencies:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: 1.1.9
-  type: :development
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     none: false
@@ -30,12 +30,12 @@ dependencies:
 description:
 email: bertrand.paquet@gmail.com
 executables:
-- pcap_tools_http
+- pcap_tools
 extensions: []
 extra_rdoc_files: []
 files:
 - README.markdown
-- bin/pcap_tools_http
+- bin/pcap_tools
 - lib/pcap_tools.rb
 - pcap_tools.gemspec
 homepage: https://github.com/bpaquet/pcap_tools

data/bin/pcap_tools_http DELETED Viewed

@@ -1,37 +0,0 @@
-#!/usr/bin/env ruby
-require 'pcap_tools'
-require 'optparse'
-options = {}
-OptionParser.new do |opts|
-  opts.banner = "Usage: pcap_tools_http [options] pcap_files"
-  opts.on("--no-body", "Do not display body") do
-    options[:no_body] = true
-  end
-end.parse!
-data = ARGV.map{|f| PacketFu::PcapFile.file_to_array(f)}
-tcps = PcapTools::extract_tcp_streams(data)
-tcps.each do |tcp|
-  PcapTools::extract_http_calls(tcp).each do |req, resp|
-    puts ">>>> #{req["pcap-src"]}:#{req["pcap-src-port"]} > #{req["pcap-dst"]}:#{req["pcap-dst-port"]}"
-    puts "#{req.method} #{req.path}"
-    req.each_capitalized_name.reject{|x| x =~ /^Pcap/ }.each do |x|
-      puts "#{x}: #{req[x]}"
-    end
-    puts
-    puts req.body unless options[:no_body]
-    puts "<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< #{resp.time}"
-    puts "#{resp.code} #{resp.message}"
-    resp.each_capitalized_name.reject{|x| x =~ /^Pcap/ }.each do |x|
-      puts "#{x}: #{resp[x]}"
-    end
-    puts
-    puts resp.body unless options[:no_body]
-    puts
-  end
-end