ruby-pcap 0.7.9 → 0.8.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.github/workflows/build.yml +26 -0
- data/README.md +3 -7
- data/examples/capture_duration.rb +28 -0
- data/ext/pcap/Pcap.c +152 -23
- data/ext/pcap/arp_packet.c +82 -0
- data/ext/pcap/icmp_packet.c +35 -0
- data/ext/pcap/icmpv6_packet.c +107 -0
- data/ext/pcap/ip_packet.c +16 -7
- data/ext/pcap/ipv6_packet.c +162 -0
- data/ext/pcap/packet.c +36 -8
- data/ext/pcap/ruby_pcap.h +34 -4
- data/ext/pcap/slow_protocol_packet.c +29 -0
- data/ext/pcap/tcp_packet.c +346 -6
- data/ext/pcap/udp_packet.c +262 -1
- data/lib/pcap/packet.rb +123 -11
- data/ruby-pcap.gemspec +4 -4
- metadata +16 -10
- data/.travis.yml +0 -13
data/lib/pcap/packet.rb
CHANGED
@@ -7,6 +7,21 @@ module Pcap
|
|
7
7
|
def inspect
|
8
8
|
"#<#{self.class}: #{self}>"
|
9
9
|
end
|
10
|
+
def src_mac_address
|
11
|
+
return unpack_hex_string(raw_data[6, 12])
|
12
|
+
end
|
13
|
+
|
14
|
+
def dst_mac_address
|
15
|
+
return unpack_hex_string(raw_data[0, 6])
|
16
|
+
end
|
17
|
+
|
18
|
+
def ethertype
|
19
|
+
raw_data[12, 14].unpack('n')[0]
|
20
|
+
end
|
21
|
+
|
22
|
+
def unpack_hex_string(hex)
|
23
|
+
hex.unpack('H2H2H2H2H2H2').join('')
|
24
|
+
end
|
10
25
|
end
|
11
26
|
|
12
27
|
class IPPacket
|
@@ -15,6 +30,12 @@ module Pcap
|
|
15
30
|
end
|
16
31
|
end
|
17
32
|
|
33
|
+
class IPv6Packet
|
34
|
+
def to_s
|
35
|
+
"#{src_s} > #{dst_s} next header #{ip_nh}"
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
18
39
|
class TCPPacket
|
19
40
|
def tcp_data_len
|
20
41
|
ip_len - 4 * (ip_hlen + tcp_hlen)
|
@@ -33,32 +54,123 @@ module Pcap
|
|
33
54
|
def to_s
|
34
55
|
"#{src}:#{sport} > #{dst}:#{dport} #{tcp_flags_s}"
|
35
56
|
end
|
57
|
+
end
|
36
58
|
|
37
|
-
|
38
|
-
|
59
|
+
class UDPPacket
|
60
|
+
def to_s
|
61
|
+
"#{src}:#{sport} > #{dst}:#{dport} len #{udp_len} sum #{udp_sum}"
|
39
62
|
end
|
63
|
+
end
|
40
64
|
|
41
|
-
|
42
|
-
|
65
|
+
class ICMPPacket
|
66
|
+
def to_s
|
67
|
+
"#{src} > #{dst}: icmp: #{icmp_typestr}"
|
43
68
|
end
|
69
|
+
end
|
44
70
|
|
45
|
-
|
46
|
-
|
71
|
+
class TCPv6Packet
|
72
|
+
|
73
|
+
def tcp_flags_s
|
74
|
+
return \
|
75
|
+
(tcp_urg? ? 'U' : '.') +
|
76
|
+
(tcp_ack? ? 'A' : '.') +
|
77
|
+
(tcp_psh? ? 'P' : '.') +
|
78
|
+
(tcp_rst? ? 'R' : '.') +
|
79
|
+
(tcp_syn? ? 'S' : '.') +
|
80
|
+
(tcp_fin? ? 'F' : '.')
|
47
81
|
end
|
48
|
-
end
|
49
82
|
|
50
|
-
class UDPPacket
|
51
83
|
def to_s
|
52
|
-
"#{
|
84
|
+
"#{src_s}:#{sport} > #{dst_s}:#{dport} #{tcp_flags_s}"
|
53
85
|
end
|
54
86
|
end
|
55
87
|
|
56
|
-
class
|
88
|
+
class UDPv6Packet
|
57
89
|
def to_s
|
58
|
-
"#{
|
90
|
+
"#{src_s}:#{sport} > #{dst_s}:#{dport} len #{udp_len} sum #{udp_sum}"
|
91
|
+
end
|
92
|
+
end
|
93
|
+
|
94
|
+
# Slow protocol frames
|
95
|
+
class SPPacket
|
96
|
+
|
97
|
+
# return Slow protocol subtype: 0x01 LACP, 0x02 Marker 0x03 EFM OAM
|
98
|
+
def sp_subtype
|
99
|
+
raw_data[14].unpack('C')[0]
|
59
100
|
end
|
60
101
|
end
|
61
102
|
|
103
|
+
# LACP frames
|
104
|
+
class LACPPacket
|
105
|
+
|
106
|
+
LACP_ACTIVITY = 0x01
|
107
|
+
LACP_TIMEOUT = 0x02
|
108
|
+
LACP_AGGR = 0x04
|
109
|
+
LACP_SYNC = 0x08
|
110
|
+
LACP_COLLECTING = 0x10
|
111
|
+
LACP_DISTR = 0x20
|
112
|
+
LACP_DEFAULTED = 0x40
|
113
|
+
LACP_EXPIRED = 0x80
|
114
|
+
|
115
|
+
# return LACP Version
|
116
|
+
def version
|
117
|
+
raw_data[15].unpack('C')[0]
|
118
|
+
end
|
119
|
+
|
120
|
+
# return Actor LACP flags in human readable form
|
121
|
+
def actor_flags
|
122
|
+
parse_flags(actor_info['Actor State'])
|
123
|
+
end
|
124
|
+
|
125
|
+
# return Actor LACP flags in human readable form
|
126
|
+
def partner_flags
|
127
|
+
parse_flags(partner_info['Partner State'])
|
128
|
+
end
|
129
|
+
|
130
|
+
# return LACP Actor TLV
|
131
|
+
def actor_info
|
132
|
+
# throw error if 1st TLV is not Actor
|
133
|
+
raise 'error in actor TLV' if raw_data[16].unpack('C')[0] != 1
|
134
|
+
{
|
135
|
+
'Actor System Priority' => raw_data[18,19].unpack('n')[0],
|
136
|
+
'Actor System Id' => unpack_hex_string(raw_data[20, 26]),
|
137
|
+
'Actor Key' => raw_data[26,27].unpack('n')[0],
|
138
|
+
'Actor Port Priority' => raw_data[28,29].unpack('n')[0],
|
139
|
+
'Actor Port' => raw_data[30,31].unpack('n')[0],
|
140
|
+
'Actor State' => raw_data[32].unpack('C')[0].to_i
|
141
|
+
}
|
142
|
+
end
|
143
|
+
# return LACP Partner TLV
|
144
|
+
def partner_info
|
145
|
+
# throw error if 2nd TLV is not Partner
|
146
|
+
actor_tlv_len = raw_data[17].unpack('C')[0]
|
147
|
+
base = 16 + actor_tlv_len
|
148
|
+
raise 'error in partner TLV' if raw_data[base].unpack('C')[0] != 2
|
149
|
+
base += 2
|
150
|
+
{
|
151
|
+
'Partner System Priority' => raw_data[base, base + 1].unpack('n')[0],
|
152
|
+
'Partner System Id' => unpack_hex_string(raw_data[base + 2, base + 7]),
|
153
|
+
'Partner Key' => raw_data[base + 8,base + 9].unpack('n')[0],
|
154
|
+
'Partner Port Priority' => raw_data[base + 10,base + 11].unpack('n')[0],
|
155
|
+
'Partner Port' => raw_data[base + 12,base + 13].unpack('n')[0],
|
156
|
+
'Partner State' => raw_data[base + 14].unpack('C')[0].to_i
|
157
|
+
}
|
158
|
+
end
|
159
|
+
|
160
|
+
# parse LACP flags based on 802.3ad-2000
|
161
|
+
def parse_flags(flags)
|
162
|
+
{
|
163
|
+
'Activity' => (LACP_ACTIVITY & flags).zero? ? 'Passive' : 'Active',
|
164
|
+
'Timeout' => (LACP_TIMEOUT & flags).zero? ? 'Long' : 'Short',
|
165
|
+
'Aggregation' => (LACP_AGGR & flags).zero? ? 'Individual' : 'Aggregatable',
|
166
|
+
'Synchronization' => (LACP_SYNC & flags).zero? ? 'OutSync' : 'InSync',
|
167
|
+
'Collecting' => (LACP_COLLECTING & flags).zero? ? 'NotCollecting' : 'Collecting',
|
168
|
+
'Distributing' => (LACP_DISTR & flags).zero? ? 'NotDistributing' : 'Distributing',
|
169
|
+
'Defaulted' => (LACP_DEFAULTED & flags).zero? ? 'RecvPartner' : 'DefaultPartner',
|
170
|
+
'Expired' => (LACP_EXPIRED & flags).zero? ? 'NotExpired' : 'Expired'
|
171
|
+
}
|
172
|
+
end
|
173
|
+
end
|
62
174
|
#
|
63
175
|
# Backword compatibility
|
64
176
|
#
|
data/ruby-pcap.gemspec
CHANGED
@@ -4,12 +4,12 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
4
4
|
|
5
5
|
Gem::Specification.new do |gem|
|
6
6
|
gem.name = "ruby-pcap"
|
7
|
-
gem.version = "0.
|
8
|
-
gem.authors = [%q{Masaki Fukushima}, %q{Andrew Hobson}]
|
9
|
-
gem.email = ["
|
7
|
+
gem.version = "0.8.1"
|
8
|
+
gem.authors = [%q{Masaki Fukushima}, %q{Andrew Hobson}, %q{Marcus Barczak}, %q{Vitosha Labs Open Source team}]
|
9
|
+
gem.email = ["opensource@vitosha-labs.bg"]
|
10
10
|
gem.description = %q{Ruby interface to LBL Packet Capture library. This library also includes classes to access packet header fields.}
|
11
11
|
gem.summary = %q{Ruby interface to LBL Packet Capture library.}
|
12
|
-
gem.homepage = "https://github.com/
|
12
|
+
gem.homepage = "https://github.com/vitoshalabs/ruby-pcap"
|
13
13
|
gem.license = "GPL-2.0"
|
14
14
|
|
15
15
|
gem.files = `git ls-files`.split($/)
|
metadata
CHANGED
@@ -1,15 +1,17 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ruby-pcap
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.8.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Masaki Fukushima
|
8
8
|
- Andrew Hobson
|
9
|
-
|
9
|
+
- Marcus Barczak
|
10
|
+
- Vitosha Labs Open Source team
|
11
|
+
autorequire:
|
10
12
|
bindir: bin
|
11
13
|
cert_chain: []
|
12
|
-
date:
|
14
|
+
date: 2022-10-04 00:00:00.000000000 Z
|
13
15
|
dependencies:
|
14
16
|
- !ruby/object:Gem::Dependency
|
15
17
|
name: rake-compiler
|
@@ -28,14 +30,14 @@ dependencies:
|
|
28
30
|
description: Ruby interface to LBL Packet Capture library. This library also includes
|
29
31
|
classes to access packet header fields.
|
30
32
|
email:
|
31
|
-
-
|
33
|
+
- opensource@vitosha-labs.bg
|
32
34
|
executables: []
|
33
35
|
extensions:
|
34
36
|
- ext/pcap/extconf.rb
|
35
37
|
extra_rdoc_files: []
|
36
38
|
files:
|
39
|
+
- ".github/workflows/build.yml"
|
37
40
|
- ".gitignore"
|
38
|
-
- ".travis.yml"
|
39
41
|
- COPYING
|
40
42
|
- ChangeLog
|
41
43
|
- Gemfile
|
@@ -70,16 +72,21 @@ files:
|
|
70
72
|
- doc/TruncatedPacket.html
|
71
73
|
- doc/UDPPacket.html
|
72
74
|
- doc/index.html
|
75
|
+
- examples/capture_duration.rb
|
73
76
|
- examples/httpdump.rb
|
74
77
|
- examples/rewrite_time.rb
|
75
78
|
- examples/tcpdump.rb
|
76
79
|
- examples/test.rb
|
77
80
|
- ext/pcap/Pcap.c
|
81
|
+
- ext/pcap/arp_packet.c
|
78
82
|
- ext/pcap/extconf.rb
|
79
83
|
- ext/pcap/icmp_packet.c
|
84
|
+
- ext/pcap/icmpv6_packet.c
|
80
85
|
- ext/pcap/ip_packet.c
|
86
|
+
- ext/pcap/ipv6_packet.c
|
81
87
|
- ext/pcap/packet.c
|
82
88
|
- ext/pcap/ruby_pcap.h
|
89
|
+
- ext/pcap/slow_protocol_packet.c
|
83
90
|
- ext/pcap/tcp_packet.c
|
84
91
|
- ext/pcap/udp_packet.c
|
85
92
|
- lib/pcap/packet.rb
|
@@ -87,11 +94,11 @@ files:
|
|
87
94
|
- lib/pcap/tcpdump_time_format.rb
|
88
95
|
- lib/pcap_misc.rb
|
89
96
|
- ruby-pcap.gemspec
|
90
|
-
homepage: https://github.com/
|
97
|
+
homepage: https://github.com/vitoshalabs/ruby-pcap
|
91
98
|
licenses:
|
92
99
|
- GPL-2.0
|
93
100
|
metadata: {}
|
94
|
-
post_install_message:
|
101
|
+
post_install_message:
|
95
102
|
rdoc_options: []
|
96
103
|
require_paths:
|
97
104
|
- lib
|
@@ -106,9 +113,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
106
113
|
- !ruby/object:Gem::Version
|
107
114
|
version: '0'
|
108
115
|
requirements: []
|
109
|
-
|
110
|
-
|
111
|
-
signing_key:
|
116
|
+
rubygems_version: 3.1.6
|
117
|
+
signing_key:
|
112
118
|
specification_version: 4
|
113
119
|
summary: Ruby interface to LBL Packet Capture library.
|
114
120
|
test_files: []
|