redhound 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f6935c5774360fee584469172ce32fb3d5d75d9c6afac07471d6f81a1c2abeab
-  data.tar.gz: 98f8c7e7e2910174326df83669f9f2d48e3fbabed8ce74083e060299fd95b724
+  metadata.gz: 1f9c914cea67f4e0f32f6dcf84149039eb95f1f2311bd6f410641b67b81d441f
+  data.tar.gz: ac1012da2b103d27bb43d98ca273567efc44fa4995de92af315370f73a899dc8
 SHA512:
-  metadata.gz: 17a0eb8f7d9cf19e20c2e44a98c23054aaedc51e1fac0d314b4832c85a3c586d68057a3367887beb8a33ac41b27c1746569510cc4da874bf23ab92b130fe0c7c
-  data.tar.gz: 0c3cae42594bfc3e341885efb840212b6d1e36b39c7ef53ece6dddb7ad59fc97d59842d9397fe82ae2f7b1f9ad3775d4e493c9987611058b85b65d4d40e405b5
+  metadata.gz: 4c26cd6fea83dcbd1f60e2615a8070f60ccb036f506f9a46c77d0f935a57027ddf19d7f408271dccc8a31cc3d9624b6e6db62b252bd9b6393de858819a2855c9
+  data.tar.gz: 4ce4cf820846e2e652bfa33a16d08ca942eb1739d0f29a04a18389fb6d992b9ab4b13504de5d5684ab67f753bc02cc94a1c9cd702dcc922b95b2de5a7a9983a8

data/CHANGELOG.md

@@ -1,5 +1,9 @@
 ## [Unreleased]
 
+## [0.2.0] - 2025-01-03
+
+- Add option to write packets to file as PCAP Capture File Format.
+
 ## [0.1.0] - 2024-11-05
 
 - Initial release

data/README.md

@@ -20,11 +20,20 @@ gem install redhound
 ## Usage
 
 ```command
+   ___         ____                     __
+  / _ \___ ___/ / /  ___  __ _____  ___/ /
+ / , _/ -_) _  / _ \/ _ \/ // / _ \/ _  /
+/_/|_|\__/\_,_/_//_/\___/\_,_/_//_/\_,_/
+
+Version: 0.1.0
+Dump and analyze network packets.
+
 Usage: redhound [options] ...
 
 Options:
     -i, --interface INTERFACE        name or idx of interface
     -D, --list-interfaces            print list of interfaces and exit
+    -w FILE                          write packets to a pcap capture file format to file
     -h, --help                       display this help and exit
     -v, --version                    display version information and exit
 ```

data/lib/redhound/command.rb

@@ -15,7 +15,7 @@ module Redhound
         warn 'Error: interface is required'
         exit 1
       end
-      Receiver.run(ifname: @options[:ifname])
+      Receiver.run(ifname: @options[:ifname], filename: @options[:filename])
     end
 
     def parse(argv)
@@ -39,6 +39,7 @@ module Redhound
           list_interfaces
           exit
         end
+        o.on('-w FILE', 'write packets to a pcap capture file format to file') { |v| @options[:filename] = v }
         o.on('-h', '--help', 'display this help and exit') do
           puts o
           exit

data/lib/redhound/header/ether.rb

@@ -18,7 +18,6 @@ module Redhound
       end
 
       def generate
-        pp @bytes[0..5]
         @dhost = @bytes[0..5]
         @shost = @bytes[6..11]
         @type = @bytes[12..13]

data/lib/redhound/receiver.rb

@@ -5,20 +5,28 @@ require 'socket'
 module Redhound
   class Receiver
     class << self
-      def run(ifname:)
-        new(ifname:).run
+      def run(ifname:, filename:)
+        new(ifname:, filename:).run
       end
     end
 
-    def initialize(ifname:)
+    def initialize(ifname:, filename:)
       @ifname = ifname
       @socket = SocketBuilder.build(ifname:)
+      if filename
+        @writer = Writer.new(filename:)
+        @writer.start
+      end
     end
 
     def run
       loop do
         msg, = @socket.recvfrom(2048)
         Analyzer.analyze(msg:)
+        @writer.write(msg) if @writer
+      rescue Interrupt
+        @writer.stop if @writer
+        break
       end
     end
   end

data/lib/redhound/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Redhound
-  VERSION = '0.1.0'
+  VERSION = '0.2.0'
 end

data/lib/redhound/writer.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+module Redhound
+  class Writer
+    def initialize(filename:)
+      @filename = filename
+    end
+
+    def start
+      @file = File.open(@filename, 'wb')
+      @file.write(file_header)
+    end
+
+    def write(msg)
+      @file.write(packet_record(Time.now, msg.bytesize, msg.bytesize))
+      @file.write(msg)
+    end
+
+    def stop
+      @file.close
+    end
+
+    private
+
+    def file_header
+      [
+        0xa1b2c3d4, # Magic Number (little-endian)
+        2,          # Version Major
+        4,          # Version Minor
+        0,          # Timezone offset (GMT)
+        0,          # Timestamp accuracy
+        65535,      # Snapshot length
+        1           # Link-layer header type (Ethernet)
+      ].pack('VvvVVVV')
+    end
+
+    def packet_record(timestamp, captured_length, original_length)
+      [
+        timestamp.to_i,           # Timestamp seconds
+        (timestamp.usec || 0),    # Timestamp microseconds
+        captured_length,          # Captured packet length
+        original_length           # Original packet length
+      ].pack('VVVV')
+    end
+  end
+end

data/lib/redhound.rb

@@ -7,3 +7,4 @@ require_relative 'redhound/packet_mreq'
 require_relative 'redhound/receiver'
 require_relative 'redhound/socket_builder'
 require_relative 'redhound/version'
+require_relative 'redhound/writer'

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: redhound
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Yudai Takada
 bindir: exe
 cert_chain: []
-date: 2024-11-05 00:00:00.000000000 Z
+date: 2025-01-02 00:00:00.000000000 Z
 dependencies: []
 description: Redhound is a pure Ruby packet analyzer that can be used to capture and
   analyze network packets.
@@ -38,6 +38,7 @@ files:
 - lib/redhound/receiver.rb
 - lib/redhound/socket_builder.rb
 - lib/redhound/version.rb
+- lib/redhound/writer.rb
 - sig/redhound.rbs
 homepage: https://github.com/ydah/redhound
 licenses:
@@ -63,7 +64,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.0.dev
+rubygems_version: 3.6.2
 specification_version: 4
 summary: Pure Ruby packet analyzer
 test_files: []