r_tcp_ip 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. data/.gitignore +15 -0
  2. data/Gemfile +4 -0
  3. data/LICENSE.txt +22 -0
  4. data/README.md +31 -0
  5. data/Rakefile +2 -0
  6. data/lib/r_tcp_ip.rb +73 -0
  7. data/lib/r_tcp_ip/constants.rb +5 -0
  8. data/lib/r_tcp_ip/version.rb +3 -0
  9. data/r_tcp_ip.gemspec +27 -0
  10. data/test/nerp.pcapng +0 -0
  11. metadata +138 -0
data/.gitignore ADDED
@@ -0,0 +1,15 @@
1
+ /.bundle/
2
+ /.yardoc
3
+ /Gemfile.lock
4
+ /_yardoc/
5
+ /coverage/
6
+ /doc/
7
+ /pkg/
8
+ /spec/reports/
9
+ /tmp/
10
+ *.bundle
11
+ *.so
12
+ *.o
13
+ *.a
14
+ mkmf.log
15
+ .idea/*
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in r_tcp_ip.gemspec
4
+ gemspec
data/LICENSE.txt ADDED
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2015 nemski
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,31 @@
1
+ # RTcpIp
2
+
3
+ TODO: Write a gem description
4
+
5
+ ## Installation
6
+
7
+ Add this line to your application's Gemfile:
8
+
9
+ ```ruby
10
+ gem 'r_tcp_ip'
11
+ ```
12
+
13
+ And then execute:
14
+
15
+ $ bundle
16
+
17
+ Or install it yourself as:
18
+
19
+ $ gem install r_tcp_ip
20
+
21
+ ## Usage
22
+
23
+ TODO: Write usage instructions here
24
+
25
+ ## Contributing
26
+
27
+ 1. Fork it ( https://github.com/[my-github-username]/r_tcp_ip/fork )
28
+ 2. Create your feature branch (`git checkout -b my-new-feature`)
29
+ 3. Commit your changes (`git commit -am 'Add some feature'`)
30
+ 4. Push to the branch (`git push origin my-new-feature`)
31
+ 5. Create a new Pull Request
data/Rakefile ADDED
@@ -0,0 +1,2 @@
1
+ require "bundler/gem_tasks"
2
+
data/lib/r_tcp_ip.rb ADDED
@@ -0,0 +1,73 @@
1
+ require "r_tcp_ip/version"
2
+ require "r_tcp_ip/constants"
3
+ require "ffi/packets"
4
+
5
+ module RTcpIp
6
+ class Packet
7
+ include FFI::Packets::Constants
8
+
9
+ attr_reader :src_mac, :dst_mac, :ip_hdr
10
+
11
+ # Expects a FFI::MemoryPointer to a packet
12
+ def initialize(packet)
13
+ # Get first byte of IP header
14
+ ip_hdr_start = packet.get_uchar(ETH_HDR_LEN).to_s(16)
15
+ # First nibble is IP header version
16
+ if ip_hdr_start[0].hex == 4
17
+ # Second nibble is IP header length in words (4 bytes)
18
+ @ip_hdr_len = ip_hdr_start[1].hex * 4
19
+ else
20
+ raise "IPv6 not supported"
21
+ end
22
+
23
+ ip_hdr_ptr = FFI::MemoryPointer.from_string(packet.get_array_of_uchar(ETH_HDR_LEN,(@ip_hdr_len)).pack('C*'))
24
+
25
+ @ip_hdr = FFI::Packets::Ip::Hdr.new(ip_hdr_ptr)
26
+
27
+ @tcp = @udp = false
28
+ case @ip_hdr.proto
29
+ when IP_PROTO_TCP
30
+ @tcp = true
31
+ tcp_hdr_len = packet.get_uchar(@ip_hdr_len + Constants::TCP_LEN_OFFSET + ETH_HDR_LEN).to_s(16)[0].hex * 4
32
+ tcp_hdr_ptr = FFI::MemoryPointer.from_string(packet.get_array_of_uchar((ETH_HDR_LEN + @ip_hdr_len), tcp_hdr_len).pack('C*'))
33
+ @l4_hdr = FFI::Packets::Tcp::Hdr.new(tcp_hdr_ptr)
34
+ when IP_PROTO_UDP
35
+ @udp = true
36
+ udp_hdr_ptr = FFI::MemoryPointer.from_string(packet.get_array_of_uchar((ETH_HDR_LEN + @ip_hdr_len), UDP_HDR_LEN).pack('C*'))
37
+ @l4_hdr = FFI::Packets::Tcp::Hdr.new(udp_hdr_ptr)
38
+ end
39
+
40
+ if @tcp or @udp
41
+ class << self
42
+ def sport
43
+ @l4_hdr.sport
44
+ end
45
+
46
+ def dport
47
+ @l4_hdr.dport
48
+ end
49
+ end
50
+ end
51
+ end
52
+
53
+ def tcp?
54
+ @tcp
55
+ end
56
+
57
+ def udp?
58
+ @udp
59
+ end
60
+
61
+ def src_ip
62
+ @ip_hdr.src
63
+ end
64
+
65
+ alias_method :src, :src_ip
66
+
67
+ def dst_ip
68
+ @ip_hdr.dst
69
+ end
70
+
71
+ alias_method :dst, :dst_ip
72
+ end
73
+ end
data/lib/r_tcp_ip/constants.rb ADDED
@@ -0,0 +1,5 @@
1
+ module RTcpIp
2
+ module Constants
3
+ TCP_LEN_OFFSET = 12
4
+ end
5
+ end
data/lib/r_tcp_ip/version.rb ADDED
@@ -0,0 +1,3 @@
1
+ module RTcpIp
2
+ VERSION = "0.0.2"
3
+ end
data/r_tcp_ip.gemspec ADDED
@@ -0,0 +1,27 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'r_tcp_ip/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "r_tcp_ip"
8
+ spec.version = RTcpIp::VERSION
9
+ spec.authors = ["nemski"]
10
+ spec.email = ["nemski.rabbit@gmail.com"]
11
+ spec.summary = %q{A hack to get source/destination port/ip from a TCP or UDP header}
12
+ spec.description = %q{}
13
+ spec.homepage = "https://github.com/nemski/r_tcp_ip"
14
+ spec.license = "MIT"
15
+
16
+ spec.files = `git ls-files -z`.split("\x0")
17
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
18
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
+ spec.require_paths = ["lib"]
20
+
21
+ spec.add_development_dependency "bundler", "~> 1.7"
22
+ spec.add_development_dependency "rake", "~> 10.0"
23
+
24
+ spec.add_runtime_dependency "ffi", ">= 1.9.6"
25
+ spec.add_runtime_dependency "ffi-packets", "= 0.1.0"
26
+ spec.add_runtime_dependency "ffi-pcap", ">= 0.2.1"
27
+ end
data/test/nerp.pcapng ADDED
Binary file
metadata ADDED
@@ -0,0 +1,138 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: r_tcp_ip
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.2
5
+ prerelease:
6
+ platform: ruby
7
+ authors:
8
+ - nemski
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+ date: 2015-03-19 00:00:00.000000000 Z
13
+ dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ name: bundler
16
+ requirement: !ruby/object:Gem::Requirement
17
+ none: false
18
+ requirements:
19
+ - - ~>
20
+ - !ruby/object:Gem::Version
21
+ version: '1.7'
22
+ type: :development
23
+ prerelease: false
24
+ version_requirements: !ruby/object:Gem::Requirement
25
+ none: false
26
+ requirements:
27
+ - - ~>
28
+ - !ruby/object:Gem::Version
29
+ version: '1.7'
30
+ - !ruby/object:Gem::Dependency
31
+ name: rake
32
+ requirement: !ruby/object:Gem::Requirement
33
+ none: false
34
+ requirements:
35
+ - - ~>
36
+ - !ruby/object:Gem::Version
37
+ version: '10.0'
38
+ type: :development
39
+ prerelease: false
40
+ version_requirements: !ruby/object:Gem::Requirement
41
+ none: false
42
+ requirements:
43
+ - - ~>
44
+ - !ruby/object:Gem::Version
45
+ version: '10.0'
46
+ - !ruby/object:Gem::Dependency
47
+ name: ffi
48
+ requirement: !ruby/object:Gem::Requirement
49
+ none: false
50
+ requirements:
51
+ - - ! '>='
52
+ - !ruby/object:Gem::Version
53
+ version: 1.9.6
54
+ type: :runtime
55
+ prerelease: false
56
+ version_requirements: !ruby/object:Gem::Requirement
57
+ none: false
58
+ requirements:
59
+ - - ! '>='
60
+ - !ruby/object:Gem::Version
61
+ version: 1.9.6
62
+ - !ruby/object:Gem::Dependency
63
+ name: ffi-packets
64
+ requirement: !ruby/object:Gem::Requirement
65
+ none: false
66
+ requirements:
67
+ - - '='
68
+ - !ruby/object:Gem::Version
69
+ version: 0.1.0
70
+ type: :runtime
71
+ prerelease: false
72
+ version_requirements: !ruby/object:Gem::Requirement
73
+ none: false
74
+ requirements:
75
+ - - '='
76
+ - !ruby/object:Gem::Version
77
+ version: 0.1.0
78
+ - !ruby/object:Gem::Dependency
79
+ name: ffi-pcap
80
+ requirement: !ruby/object:Gem::Requirement
81
+ none: false
82
+ requirements:
83
+ - - ! '>='
84
+ - !ruby/object:Gem::Version
85
+ version: 0.2.1
86
+ type: :runtime
87
+ prerelease: false
88
+ version_requirements: !ruby/object:Gem::Requirement
89
+ none: false
90
+ requirements:
91
+ - - ! '>='
92
+ - !ruby/object:Gem::Version
93
+ version: 0.2.1
94
+ description: ''
95
+ email:
96
+ - nemski.rabbit@gmail.com
97
+ executables: []
98
+ extensions: []
99
+ extra_rdoc_files: []
100
+ files:
101
+ - .gitignore
102
+ - Gemfile
103
+ - LICENSE.txt
104
+ - README.md
105
+ - Rakefile
106
+ - lib/r_tcp_ip.rb
107
+ - lib/r_tcp_ip/constants.rb
108
+ - lib/r_tcp_ip/version.rb
109
+ - r_tcp_ip.gemspec
110
+ - test/nerp.pcapng
111
+ homepage: https://github.com/nemski/r_tcp_ip
112
+ licenses:
113
+ - MIT
114
+ post_install_message:
115
+ rdoc_options: []
116
+ require_paths:
117
+ - lib
118
+ required_ruby_version: !ruby/object:Gem::Requirement
119
+ none: false
120
+ requirements:
121
+ - - ! '>='
122
+ - !ruby/object:Gem::Version
123
+ version: '0'
124
+ required_rubygems_version: !ruby/object:Gem::Requirement
125
+ none: false
126
+ requirements:
127
+ - - ! '>='
128
+ - !ruby/object:Gem::Version
129
+ version: '0'
130
+ requirements: []
131
+ rubyforge_project:
132
+ rubygems_version: 1.8.30
133
+ signing_key:
134
+ specification_version: 3
135
+ summary: A hack to get source/destination port/ip from a TCP or UDP header
136
+ test_files:
137
+ - test/nerp.pcapng
138
+ has_rdoc: