ruby-pcap 0.7.9 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 913aacfd45979834125fde75053c925015ee8b45
-  data.tar.gz: 97499258d1aa138e73950474e439f9ec538a8aa2
+SHA256:
+  metadata.gz: 78bf37291d08a1c9dbe2ab08269e494dbb8f3c5d6a37932e3468ca30c4899648
+  data.tar.gz: 42cb108300efda78d65a7f742f691863a226cd4365339ef0a68a97ebfae0987e
 SHA512:
-  metadata.gz: ee7bca3fd1b84ccf63ba4e008a770f80e561b7eab224de77f3c6406963e302a4a737f06aebbda7d048b4269117d79babd30991a31fb31ae406bbd7296f6b4e2f
-  data.tar.gz: f4c6a018d754462db3f34ab5006ad5cb0a910a7bda315248f0352f0acf727eb34de29f49e32035085ba44b557e7489d473312208deb49fc5971e3b0b4f59e2d2
+  metadata.gz: 5572b9bdb5361c4b2e5061e20af5c15257e1c22dee6c747b86edff3053949795003ab892fb1b3e4f0ce77363a1f2c046a3a696d79cc047f3d178d81360a777e7
+  data.tar.gz: 28cb162c6fdd85499effb7c397364e1f90828292c9da9465d789a8d798c594e8f45632fd62955900a015961701f01e0ecbfb5b8c61a0440a687dd26263c786c8

data/README.md

@@ -1,3 +1,4 @@
+
 ## ruby-pcap
 
 [![Build Status](https://travis-ci.org/ickymettle/ruby-pcap.svg)](https://travis-ci.org/ickymettle/ruby-pcap)
@@ -26,10 +27,6 @@ Directory 'examples' contains some simple scripts.
 
 Masaki Fukushima <fukusima@goto.info.waseda.ac.jp>
 
-## Maintained by
-
-Marcus Barczak <mbarczak@etsy.com>
-
 ## Copyright
 
 ruby-pcap is copyrighted free software by Masaki Fukushima.

data/ext/pcap/Pcap.c

@@ -7,7 +7,6 @@
  */
 
 #include "ruby_pcap.h"
-#include "rubysig.h"
 #include <sys/time.h>
 #include <sys/types.h>
 #include <unistd.h>
@@ -318,36 +317,112 @@ handler(cap, pkthdr, data)
     rb_yield(new_packet(data, pkthdr, cap->dl_type));
 }
 
+#define DST_ADDR(data)  INT2FIX(ntohl(*((unsigned int *) (data + 30))))
+#define SRC_ADDR(data)  INT2FIX(ntohl(*((unsigned int *) (data + 26))))
+
+static void
+dst_ipv4_addr_handler(cap, pkthdr, data)
+     struct capture_object *cap;
+     const struct pcap_pkthdr *pkthdr;
+     const u_char *data;
+{
+  rb_yield(DST_ADDR(data));
+}
+
+static void
+src_ipv4_addr_handler(cap, pkthdr, data)
+     struct capture_object *cap;
+     const struct pcap_pkthdr *pkthdr;
+     const u_char *data;
+{
+  rb_yield(SRC_ADDR(data));
+}
+
+#define SRCV6_ADDR(data)  rb_integer_unpack((u_char *) (data + 22), 16, 1, 0, INTEGER_PACK_BIG_ENDIAN)
+#define DSTV6_ADDR(data)  rb_integer_unpack((u_char *) (data + 38), 16, 1, 0, INTEGER_PACK_BIG_ENDIAN)
+
+static void
+dst_ipv6_addr_handler(cap, pkthdr, data)
+     struct capture_object *cap;
+     const struct pcap_pkthdr *pkthdr;
+     const u_char *data;
+{
+  rb_yield(DSTV6_ADDR(data));
+}
+
+static void
+src_ipv6_addr_handler(cap, pkthdr, data)
+     struct capture_object *cap;
+     const struct pcap_pkthdr *pkthdr;
+     const u_char *data;
+{
+  rb_yield(SRCV6_ADDR(data));
+}
+
+void parse_opts(VALUE v_opts, void **default_handler)
+{
+  if (NIL_P(v_opts)) {
+    DEBUG_PRINT("using default capture handler");
+    *default_handler = &handler;
+  } else {
+    // raise error if second argument is not a symbol
+    Check_Type(v_opts, T_SYMBOL);
+    // only :source, :destination are supported
+    if (SYM2ID(v_opts) == rb_intern("source")) {
+      DEBUG_PRINT("yeilding only source ipv4 addresses");
+      *default_handler = &src_ipv4_addr_handler;
+    } else if (SYM2ID(v_opts) == rb_intern("destination")) {
+      DEBUG_PRINT("yeilding only destination ipv4 addresses");
+      *default_handler = &dst_ipv4_addr_handler;
+    } else if (SYM2ID(v_opts) == rb_intern("destinationv6")) {
+        DEBUG_PRINT("yeilding only destination ipv6 addresses");
+        *default_handler = &dst_ipv6_addr_handler;
+    } else if (SYM2ID(v_opts) == rb_intern("sourcev6")) {
+        DEBUG_PRINT("yeilding only source ipv6 addresses");
+        *default_handler = &src_ipv6_addr_handler;
+    } else {
+      // unkonw keyword passed, use default capture handler
+      DEBUG_PRINT("unknown option, using default capture handler");
+      *default_handler = &handler;
+    }
+  }
+}
+
 static VALUE
 capture_dispatch(argc, argv, self)
      int argc;
      VALUE *argv;
      VALUE self;
 {
-    VALUE v_cnt;
-    int cnt;
+    VALUE v_cnt, v_opts;
+    int ret = 0, cnt = 0;
+    unsigned int cap_cnt = 0;
     struct capture_object *cap;
-    int ret;
+    void *default_handler;
 
     DEBUG_PRINT("capture_dispatch");
     GetCapture(self, cap);
 
     /* scan arg */
-    if (rb_scan_args(argc, argv, "01", &v_cnt) >= 1) {
-        FIXNUM_P(v_cnt);
-        cnt = FIX2INT(v_cnt);
+    rb_scan_args(argc, argv, "02", &v_cnt, &v_opts);
+    if (NIL_P(v_cnt)) {
+      cnt = -1;
     } else {
-        cnt = -1;
+      FIXNUM_P(v_cnt);
+      cnt = FIX2INT(v_cnt);
     }
-
-    MAYBE_TRAP_BEG;
-    ret = pcap_dispatch(cap->pcap, cnt, handler, (u_char *)cap);
-    MAYBE_TRAP_END;
-    if (ret == -1) {
+    parse_opts(v_opts, &default_handler);
+    // call dispatch with 10,000 and break if we have reached desired amount
+    // if dispatch is called with -1/0 sometimes it dispatches millions of packets
+    for (cap_cnt = 0; cap_cnt < cnt; cap_cnt += ret ) {
+      MAYBE_TRAP_BEG;
+      ret = pcap_dispatch(cap->pcap, 10000, default_handler, (u_char *)cap);
+      MAYBE_TRAP_END;
+      if (ret < 0) {
         rb_raise(ePcapError, "dispatch: %s", pcap_geterr(cap->pcap));
+      }
     }
-
-    return INT2FIX(ret);
+  return UINT2NUM(cap_cnt);
 }
 
 static VALUE
@@ -373,25 +448,27 @@ capture_loop(argc, argv, self)
      VALUE *argv;
      VALUE self;
 {
-    VALUE v_cnt;
+    VALUE v_cnt, v_opts;
     int cnt;
     struct capture_object *cap;
     int ret;
+    void *default_handler;
 
     DEBUG_PRINT("capture_loop");
     GetCapture(self, cap);
 
     /* scan arg */
-    if (rb_scan_args(argc, argv, "01", &v_cnt) >= 1) {
-        FIXNUM_P(v_cnt);
-        cnt = FIX2INT(v_cnt);
+    rb_scan_args(argc, argv, "02", &v_cnt, &v_opts);
+    if (NIL_P(v_cnt)) {
+      cnt = -1;
     } else {
-        cnt = -1;
+      FIXNUM_P(v_cnt);
+      cnt = FIX2INT(v_cnt);
     }
-
+    parse_opts(v_opts, &default_handler);
     if (pcap_file(cap->pcap) != NULL) {
         MAYBE_TRAP_BEG;
-        ret = pcap_loop(cap->pcap, cnt, handler, (u_char *)cap);
+        ret = pcap_loop(cap->pcap, cnt, default_handler, (u_char *)cap);
         MAYBE_TRAP_END;
     }
     else {
@@ -409,7 +486,7 @@ capture_loop(argc, argv, self)
                     rb_thread_wait_fd(fd);
                 }
                 MAYBE_TRAP_BEG;
-                ret = pcap_dispatch(cap->pcap, 1, handler, (u_char *)cap);
+                ret = pcap_dispatch(cap->pcap, 1, default_handler, (u_char *)cap);
                 MAYBE_TRAP_END;
             } while (ret == 0);
 
@@ -540,6 +617,30 @@ capture_inject(self, v_buf)
     return Qnil;
 }
 
+// configure capture direction: IN/OUT packets
+static VALUE
+capture_direction(self, direction)
+     VALUE direction;
+     VALUE self;
+{
+    struct capture_object *cap;
+    // default value is in and out packets
+    int v_direction = PCAP_D_INOUT;
+
+    DEBUG_PRINT("capture_direction");
+    GetCapture(self, cap);
+    Check_Type(direction, T_SYMBOL);
+    // set desired direction: :in,:out or both
+    if (SYM2ID(direction) == rb_intern("in")) {
+      DEBUG_PRINT("setting capture direction IN");
+      v_direction = PCAP_D_IN;
+    } else if (SYM2ID(direction) == rb_intern("out")) {
+      DEBUG_PRINT("setting capture direction OUT");
+      v_direction = PCAP_D_OUT;
+    }
+  return INT2NUM(pcap_setdirection(cap->pcap, v_direction));
+}
+
 /*
  * Dumper object
  */
@@ -905,6 +1006,7 @@ Init_pcap(void)
     rb_define_method(cCapture, "snaplen", capture_snapshot, 0);
     rb_define_method(cCapture, "stats", capture_stats, 0);
     rb_define_method(cCapture, "inject", capture_inject, 1);
+    rb_define_method(cCapture, "direction", capture_direction, 1);
 
     /* define class Dumper */
     cDumper = rb_define_class_under(mPcap, "Dumper", rb_cObject);

data/ext/pcap/arp_packet.c

@@ -0,0 +1,82 @@
+/*
+ *  arp_packet.c
+ *
+ *  $Id: arp_packet.c,v 0.1
+ *
+ */
+
+#include "ruby_pcap.h"
+#include <netdb.h>
+
+struct arphdr
+  {
+    unsigned short int ar_hrd;  /* Format of hardware address.  */
+    unsigned short int ar_pro;  /* Format of protocol address.  */
+    unsigned char ar_hln;       /* Length of hardware address.  */
+    unsigned char ar_pln;       /* Length of protocol address.  */
+    unsigned short int ar_op;   /* ARP opcode (command).  */
+    unsigned char ar_sha[6];    /* Sender hardware address.  */
+    unsigned char ar_sip[4];    /* Sender IP address.  */
+    unsigned char ar_tha[6];    /* Target hardware address.  */
+    unsigned char ar_tip[4];    /* Target IP address.  */
+  };
+
+
+VALUE cARPPacket;
+
+VALUE
+setup_arp_packet(pkt, nl_len)
+     struct packet_object *pkt;
+     int nl_len;
+{
+    VALUE class;
+
+    DEBUG_PRINT("setup_arp_packet");
+
+    class = cARPPacket;
+
+    return class;
+}
+
+#define ARP_HDR(pkt)    ((struct arphdr *)LAYER3_HDR(pkt))
+
+#define ARPP_METHOD(func, val) \
+static VALUE\
+(func)(self)\
+     VALUE self;\
+{\
+    struct packet_object *pkt;\
+    struct arphdr *arp;\
+    DEBUG_PRINT(#func);\
+    GetPacket(self, pkt);\
+    arp = ARP_HDR(pkt);\
+    return (val);\
+}
+
+ARPP_METHOD(arpp_hw,     INT2FIX(ntohs(arp->ar_hrd)))
+ARPP_METHOD(arpp_prot,   INT2FIX(ntohs(arp->ar_pro)))
+ARPP_METHOD(arpp_hlen,   INT2FIX(arp->ar_hln))
+ARPP_METHOD(arpp_plen,   INT2FIX(arp->ar_pln))
+ARPP_METHOD(arpp_op,     INT2FIX(ntohs(arp->ar_op)))
+ARPP_METHOD(arpp_s_hw,   rb_str_new(arp->ar_sha,6))
+ARPP_METHOD(arpp_s_ip,   UINT32_2_NUM(ntohl( *((unsigned long int *) arp->ar_sip))))
+ARPP_METHOD(arpp_t_hw,   rb_str_new(arp->ar_tha,6))
+ARPP_METHOD(arpp_t_ip,   UINT32_2_NUM(ntohl( *((unsigned long int *) arp->ar_tip))))
+
+
+void
+Init_arp_packet(void)
+{
+    DEBUG_PRINT("Init_arp_packet");
+
+    cARPPacket = rb_define_class_under(mPcap, "ARPPacket", cPacket);
+    rb_define_method(cARPPacket, "hw", arpp_hw, 0);
+    rb_define_method(cARPPacket, "protocol", arpp_prot, 0);
+    rb_define_method(cARPPacket, "hwlen", arpp_hlen, 0);
+    rb_define_method(cARPPacket, "plen", arpp_plen, 0);
+    rb_define_method(cARPPacket, "op_code", arpp_op, 0);
+    rb_define_method(cARPPacket, "sender_hw", arpp_s_hw, 0);
+    rb_define_method(cARPPacket, "sender_ip", arpp_s_ip, 0);
+    rb_define_method(cARPPacket, "target_hw", arpp_t_hw, 0);
+    rb_define_method(cARPPacket, "target_ip", arpp_t_ip, 0);
+}

data/ext/pcap/icmp_packet.c

@@ -232,6 +232,40 @@ icmpp_radv(self, ind)
     rb_ary_push(ary, INT2NUM(ntohl(IDRD(icmp)->ird_pref)));
     return ary;
 }
+static VALUE
+icmpp_csumok(self)
+     VALUE self;
+{
+    struct packet_object *pkt;
+    struct ip *ip;
+    struct icmp *icmp;
+    GetPacket(self, pkt);
+    ip = IP_HDR(pkt);
+    icmp = ICMP_HDR(pkt);
+
+    long sum = 0;
+    unsigned short *temp = (unsigned short *)icmp;
+    int len = ntohs(ip->ip_len) - ip->ip_hl*4; // length of ip data
+    int csum = ntohs(icmp->icmp_cksum); // keep the checksum in packet
+
+    icmp->icmp_cksum = 0;
+    while(len > 1){
+      sum += ntohs(*temp++);
+      len -= 2;
+    }
+    if(len)
+      sum += ntohs((unsigned short) *((unsigned char *)temp));
+    while(sum>>16)
+      sum = (sum & 0xFFFF) + (sum >> 16);
+    unsigned short answer = ~sum;
+
+    icmp->icmp_cksum = csum; //restore the checkum in packet
+    if (DEBUG_CHECKSUM)
+      printf("ICMP csum in packet:%d should be %d\n", csum, answer);
+    if (answer == csum)
+      return Qtrue;
+    return Qfalse;
+}
 
 #define time_new_msec(t) rb_time_new((t)/1000, (t)%1000 * 1000)
 ICMPP_METHOD(icmpp_otime, 12, time_new_msec(ntohl(icmp->icmp_otime)))
@@ -336,6 +370,7 @@ Init_icmp_packet(void)
     rb_define_method(cICMPPacket, "icmp_typestr",  icmpp_typestr, 0);
     rb_define_method(cICMPPacket, "icmp_code",     icmpp_code, 0);
     rb_define_method(cICMPPacket, "icmp_cksum",    icmpp_cksum, 0);
+    rb_define_method(cICMPPacket, "icmp_csum_ok?", icmpp_csumok, 0);
 
     klass = rb_define_class_under(mPcap, "ICMPEchoReply", cICMPPacket);
     icmp_types[ICMP_ECHOREPLY].klass = klass;

data/ext/pcap/icmpv6_packet.c

@@ -0,0 +1,107 @@
+/*
+ *  icmpv6_packet.c
+ */
+
+#include "ruby_pcap.h"
+
+#define ICMPV6_HDR(pkt)  ((struct icmp6_hdr *)LAYER4_HDR(pkt))
+#define ICMP_CAPLEN(pkt) (pkt->hdr.pkthdr.caplen - pkt->hdr.layer4_off)
+
+VALUE cICMPv6Packet;
+
+#define CheckTruncateICMP(pkt, need) CheckTruncate(pkt, pkt->hdr.layer4_off, need, "truncated ICMPv6")
+
+
+VALUE
+setup_icmpv6_packet(pkt)
+  struct packet_object *pkt;
+{
+    return cICMPv6Packet;
+}
+
+
+#define ICMPP_METHOD(func, need, val) \
+static VALUE\
+(func)(self)\
+     VALUE self;\
+{\
+    struct packet_object *pkt;\
+    struct icmp6_hdr *icmp;\
+    GetPacket(self, pkt);\
+    CheckTruncateICMP(pkt, (need));\
+    icmp = ICMPV6_HDR(pkt);\
+    return (val);\
+}
+
+/*
+ * Common methods based on icmp6_hdr
+ */
+
+ICMPP_METHOD(icmpp_type,   1, INT2FIX(icmp->icmp6_type))
+ICMPP_METHOD(icmpp_code,   2, INT2FIX(icmp->icmp6_code))
+ICMPP_METHOD(icmpp_cksum,  4, INT2FIX(ntohs(icmp->icmp6_cksum)))
+/* 4 Bytes is the common ICMPv6 Header*/
+ICMPP_METHOD(icmppv6_data, 5, rb_str_new(icmp->icmp6_data8, ICMP_CAPLEN(pkt)-4))
+
+
+static VALUE
+icmpp_csumokv6(self)
+     VALUE self;
+{
+    struct packet_object *pkt;
+    struct ip6_hdr *ip;
+    struct icmp6_hdr *icmp;
+    GetPacket(self, pkt);
+    ip = IPV6_HDR(pkt);
+    icmp = ICMPV6_HDR(pkt);
+
+    long sum = 0;
+    unsigned short *temp = (unsigned short *)icmp;
+    int len = ntohs(ip->ip6_plen); // length of ip data
+    int csum = ntohs(icmp->icmp6_cksum); // keep the checksum in packet
+    unsigned short *ip_src = (void *)&ip->ip6_src.s6_addr;
+    unsigned short *ip_dst = (void *)&ip->ip6_dst.s6_addr;
+
+    // ICMPv6 now inclides pseudo header sum
+    int i = 1;
+    for (i = 0; i < 8; i++) {
+      sum += ntohs(*(ip_src));
+      sum += ntohs(*(ip_dst));
+      ip_src++;
+      ip_dst++;
+    }
+    sum += 58; // ICMPv6 next header value
+    sum += len;
+
+    icmp->icmp6_cksum = 0;
+    while(len > 1){
+      sum += ntohs(*temp++);
+      len -= 2;
+    }
+    if(len)
+      sum += ntohs((unsigned short) *((unsigned char *)temp));
+    while(sum>>16)
+      sum = (sum & 0xFFFF) + (sum >> 16);
+    unsigned short answer = ~sum;
+
+    icmp->icmp6_cksum = csum; //restore the checkum in packet
+    if (DEBUG_CHECKSUM)
+      printf("ICMP csum in packet:%d should be %d\n", csum, answer);
+    if (answer == csum)
+      return Qtrue;
+    return Qfalse;
+}
+
+
+void
+Init_icmpv6_packet(void)
+{
+
+    cICMPv6Packet = rb_define_class_under(mPcap, "ICMPv6Packet", cIPv6Packet);
+
+    rb_define_method(cICMPv6Packet, "icmp_type",     icmpp_type, 0);
+    rb_define_method(cICMPv6Packet, "icmp_code",     icmpp_code, 0);
+    rb_define_method(cICMPv6Packet, "icmp_cksum",    icmpp_cksum, 0);
+    rb_define_method(cICMPv6Packet, "icmp_csum_ok?", icmpp_csumokv6, 0);
+    rb_define_method(cICMPv6Packet, "icmp_data",     icmppv6_data, 0);
+}

data/ext/pcap/ip_packet.c

@@ -14,8 +14,7 @@ static VALUE cIPAddress;
 
 static unsigned short in_cksum(unsigned char *data, int len);
 
-#define CheckTruncateIp(pkt, need) \
-    CheckTruncate(pkt, pkt->hdr.layer3_off, need, "truncated IP")
+#define CheckTruncateIp(pkt, need)  CheckTruncate(pkt, pkt->hdr.layer3_off, need, "truncated IP")
 
 VALUE
 setup_ip_packet(pkt, nl_len)
@@ -49,7 +48,7 @@ setup_ip_packet(pkt, nl_len)
                 case IPPROTO_ICMP:
                     class = setup_icmp_packet(pkt, tl_len);
                     break;
-                }               
+                }
             }
         }
     }
@@ -149,6 +148,19 @@ ipp_sumok(self)
     return Qfalse;
 }
 
+static VALUE
+ipp_truncated(self)
+     VALUE self;
+{
+    struct packet_object *pkt;
+    struct ip *ip;
+    GetPacket(self, pkt);
+    ip = IP_HDR(pkt);
+    if IsTruncated(pkt, pkt->hdr.layer3_off, ntohs(ip->ip_len))
+        return Qtrue;
+    return Qfalse;
+}
+
 static unsigned short
 in_cksum(unsigned char *data, int len)
 {
@@ -401,6 +413,7 @@ Init_ip_packet(void)
     rb_define_method(cIPPacket, "dst=", ipp_set_dst, 1);
     rb_define_method(cIPPacket, "ip_data", ipp_data, 0);
     rb_define_method(cIPPacket, "ip_sum_update!", ipp_sum_update, 0);
+    rb_define_method(cIPPacket, "ip_truncated?", ipp_truncated, 0);
 
     cIPAddress = rb_define_class_under(mPcap, "IPAddress", rb_cObject);
     rb_define_singleton_method(cIPAddress, "new", ipaddr_s_new, 1);
@@ -417,8 +430,4 @@ Init_ip_packet(void)
 
     rb_define_method(cIPAddress, "_dump", ipaddr_dump, 1);
     rb_define_singleton_method(cIPAddress, "_load", ipaddr_s_load, 1);
-
-    Init_tcp_packet();
-    Init_udp_packet();
-    Init_icmp_packet();
 }

data/ext/pcap/ipv6_packet.c

@@ -0,0 +1,162 @@
+/*
+ *  ipv6_packet.c
+ */
+
+#include "ruby_pcap.h"
+
+VALUE cIPv6Packet;
+
+#define CheckTruncateIpv6(pkt, need) CheckTruncate(pkt, pkt->hdr.layer3_off, need, "truncated IPv6")
+#define IPV6_HL 40
+
+VALUE
+setup_ipv6_packet(pkt, nl_len)
+     struct packet_object *pkt;
+     int nl_len;
+{
+    VALUE class;
+
+    class = cIPv6Packet;
+    pkt->hdr.layer4_off = pkt->hdr.layer3_off + IPV6_HL;
+    switch (IPV6_HDR(pkt)->ip6_nxt) {
+      case IPPROTO_TCP:
+        DEBUG_PRINT("setup_tcpv6_packet");
+        class = setup_tcpv6_packet(pkt, nl_len - IPV6_HL);
+        break;
+      case IPPROTO_UDP:
+        DEBUG_PRINT("setup_udpv6_packet");
+        class = setup_udpv6_packet(pkt, nl_len - IPV6_HL);
+        break;
+      case IPPROTO_ICMPV6:
+        DEBUG_PRINT("setup_icmpv6_packet");
+        class = setup_icmpv6_packet(pkt);
+        break;
+    }
+    return class;
+}
+
+#define IPV6P_METHOD(func, val) \
+static VALUE\
+(func)(self)\
+     VALUE self;\
+{\
+    struct ip6_hdr *ip;\
+\
+    DEBUG_PRINT(#func);\
+    ip = IPV6_HDR_OBJ(self);\
+    return (val);\
+}
+
+IPV6P_METHOD(ipp_ver, INT2FIX(ip->ip6_vfc >> 4))
+/*
+The bits of this field hold two values.
+The six most-significant bits hold the Differentiated Services (DS) field, which is used to classify packets.
+Currently, all standard DS fields end with a '0' bit. Any DS field that ends with two '1' bits is intended for local or experimental use.[4]
+The remaining two bits are used for Explicit Congestion Notification (ECN);
+priority values subdivide into ranges: traffic where the source provides congestion control and non-congestion control traffic.
+*/
+IPV6P_METHOD(ipp_tc,  INT2FIX((ntohl(ip->ip6_flow) & 0x0FF00000) >> 20))
+IPV6P_METHOD(ipp_ds,  INT2FIX((ntohl(ip->ip6_flow) & 0x0FF00000) >> 22))
+IPV6P_METHOD(ipp_ecn, INT2FIX((ntohl(ip->ip6_flow) & 0x00300000) >> 20))
+IPV6P_METHOD(ipp_fl,  INT2FIX(ntohl(ip->ip6_flow) & 0x000FFFFF))
+IPV6P_METHOD(ipp_pl,  INT2FIX(ntohs(ip->ip6_plen)))
+IPV6P_METHOD(ipp_nh,  INT2FIX(ip->ip6_nxt))
+IPV6P_METHOD(ipp_hl,  INT2FIX(ip->ip6_hlim))
+
+
+static VALUE
+ipp_truncated(self)
+     VALUE self;
+{
+    struct packet_object *pkt;
+    struct ip6_hdr *ip;
+    GetPacket(self, pkt);
+    ip = IPV6_HDR(pkt);
+    if IsTruncated(pkt, pkt->hdr.layer3_off, ntohs(ip->ip6_plen))
+        return Qtrue;
+    return Qfalse;
+}
+
+static VALUE
+ipp_data(self)
+     VALUE self;
+{
+    struct packet_object *pkt;
+    struct ip6_hdr *ip;
+    int len;
+
+    GetPacket(self, pkt);
+    ip = IPV6_HDR(pkt);
+    CheckTruncateIpv6(pkt, 20);
+    len = pkt->hdr.pkthdr.caplen - pkt->hdr.layer3_off - IPV6_HL;
+    return rb_str_new((u_char *)ip + IPV6_HL, len);
+}
+
+/*
+ * IPv6Address
+ */
+
+static VALUE
+ipp_src_i(self)
+    VALUE self;
+{
+  struct ip6_hdr *ip;
+  ip = (struct ip6_hdr *)IPV6_HDR_OBJ(self);
+  return rb_integer_unpack(ip->ip6_src.s6_addr, 16, 1, 0, INTEGER_PACK_BIG_ENDIAN);
+}
+
+static VALUE
+ipp_src_s(self)
+  VALUE self;
+{
+  struct ip6_hdr *ip;
+  char buff[INET6_ADDRSTRLEN];
+  ip = (struct ip6_hdr *)IPV6_HDR_OBJ(self);
+
+  inet_ntop(AF_INET6, ip->ip6_src.s6_addr, buff, INET6_ADDRSTRLEN);
+  return rb_str_new2(buff);
+}
+
+static VALUE
+ipp_dst_i(self)
+    VALUE self;
+{
+  struct ip6_hdr *ip;
+  ip = IPV6_HDR_OBJ(self);
+  return rb_integer_unpack(ip->ip6_dst.s6_addr, 16, 1, 0, INTEGER_PACK_BIG_ENDIAN);
+}
+
+static VALUE
+ipp_dst_s(self)
+  VALUE self;
+{
+  char buff[INET6_ADDRSTRLEN];
+  struct ip6_hdr *ip;
+  ip = IPV6_HDR_OBJ(self);
+
+  inet_ntop(AF_INET6, ip->ip6_dst.s6_addr, buff, INET6_ADDRSTRLEN);
+  return rb_str_new2(buff);
+}
+
+void
+Init_ipv6_packet(void)
+{
+    DEBUG_PRINT("Init_ipv6_packet");
+
+    cIPv6Packet = rb_define_class_under(mPcap, "IPv6Packet", cPacket);
+
+    rb_define_method(cIPv6Packet, "ip_ver", ipp_ver, 0);
+    rb_define_method(cIPv6Packet, "ip_tc", ipp_tc, 0);
+    rb_define_method(cIPv6Packet, "ip_ds", ipp_ds, 0);
+    rb_define_method(cIPv6Packet, "ip_ecn", ipp_ecn, 0);
+    rb_define_method(cIPv6Packet, "ip_fl", ipp_fl, 0); /* IPv6 flow label */
+    rb_define_method(cIPv6Packet, "ip_pl", ipp_pl, 0); /* IPv6 Payload length */
+    rb_define_method(cIPv6Packet, "ip_nh", ipp_nh, 0); /* IPv6 Next header */
+    rb_define_method(cIPv6Packet, "ip_hl", ipp_hl, 0); /* IPv6 Hop limit */
+    rb_define_method(cIPv6Packet, "src_s", ipp_src_s, 0);
+    rb_define_method(cIPv6Packet, "dst_s", ipp_dst_s, 0);
+    rb_define_method(cIPv6Packet, "src_i", ipp_src_i, 0);
+    rb_define_method(cIPv6Packet, "dst_i", ipp_dst_i, 0);
+    rb_define_method(cIPv6Packet, "ip_data", ipp_data, 0);
+    rb_define_method(cIPv6Packet, "ip_truncated?", ipp_truncated, 0);
+}