Class: PacketFu::IPPacket

Inherits:

Packet

Object
Packet
PacketFu::IPPacket

show all

Defined in:: lib/packetfu/protos/ip.rb

Overview

IPPacket is used to construct IP packets. They contain an EthHeader, an IPHeader, and usually a transport-layer protocol such as UDPHeader, TCPHeader, or ICMPHeader.

Example

require 'packetfu'
ip_pkt = PacketFu::IPPacket.new
ip_pkt.ip_saddr="10.20.30.40"
ip_pkt.ip_daddr="192.168.1.1"
ip_pkt.ip_proto=1
ip_pkt.ip_ttl=64
ip_pkt.ip_payload="\x00\x00\x12\x34\x00\x01\x00\x01"+
  "Lovingly hand-crafted echo responses delivered directly to your door."
ip_pkt.recalc 
ip_pkt.to_f('/tmp/ip.pcap')

Parameters

:eth
  A pre-generated EthHeader object.
:ip
  A pre-generated IPHeader object.
:flavor
  TODO: Sets the "flavor" of the IP packet. This might include known sets of IP options, and
  certainly known starting TTLs.
:config
  A hash of return address details, often the output of Utils.whoami?

Instance Attribute Summary collapse

#eth_header ⇒ Object

Returns the value of attribute eth_header.
#ip_header ⇒ Object

Returns the value of attribute ip_header.

Attributes inherited from Packet

#flavor, #headers, #iface, #inspect_style

Class Method Summary collapse

.can_parse?(str) ⇒ Boolean

Instance Method Summary collapse

#initialize(args = {}) ⇒ IPPacket constructor

Creates a new IPPacket object.
#peek_format ⇒ Object

Peek provides summary data on packet contents.
#read(str = nil, args = {}) ⇒ Object

Methods inherited from Packet

#==, #clone, #dissect, #dissection_table, force_binary, #handle_is_identity, #hexify, inherited, #inspect, #inspect_hex, #kind_of?, layer, #layer, #layer_symbol, layer_symbol, #method_missing, #orig_kind_of?, parse, #payload, #payload=, #peek, #proto, #recalc, #respond_to?, #size, #to_f, #to_pcap, #to_s, #to_w, #write

Constructor Details

#initialize(args = {}) ⇒ `IPPacket`

Creates a new IPPacket object.

# File 'lib/packetfu/protos/ip.rb', line 353

def initialize(args={})
  @eth_header = EthHeader.new(args).read(args[:eth])
  @ip_header = IPHeader.new(args).read(args[:ip])
  @eth_header.body=@ip_header

  @headers = [@eth_header, @ip_header]
  super
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class PacketFu::Packet

Instance Attribute Details

#eth_header ⇒ `Object`

Returns the value of attribute eth_header.



326
327
328

# File 'lib/packetfu/protos/ip.rb', line 326

def eth_header
  @eth_header
end

#ip_header ⇒ `Object`

Returns the value of attribute ip_header.



326
327
328

# File 'lib/packetfu/protos/ip.rb', line 326

def ip_header
  @ip_header
end

Class Method Details

.can_parse?(str) ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/packetfu/protos/ip.rb', line 328

def self.can_parse?(str)
  return false unless str.size >= 34
  return false unless EthPacket.can_parse? str
  if str[12,2] == "\x08\x00"
    if 1.respond_to? :ord
      ipv = str[14,1][0].ord >> 4
    else
      ipv = str[14,1][0] >> 4
    end
    return true if ipv == 4 
  else
    return false
  end
end

Instance Method Details

#peek_format ⇒ `Object`

Peek provides summary data on packet contents.

# File 'lib/packetfu/protos/ip.rb', line 363

def peek_format
  peek_data = ["I  "]
  peek_data << "%-5d" % to_s.size
  peek_data << "%-21s" % "#{ip_saddr}"
  peek_data << "->"
  peek_data << "%21s" % "#{ip_daddr}"
  peek_data << "%23s" % "I:"
  peek_data << "%04x" % ip_id.to_i
  peek_data.join
end

#read(str = nil, args = {}) ⇒ `Object`

# File 'lib/packetfu/protos/ip.rb', line 343

def read(str=nil, args={})
  raise "Cannot parse `#{str}'" unless self.class.can_parse?(str)
  @eth_header.read(str)
  @ip_header.read(str[14,str.size])
  @eth_header.body = @ip_header
  super(args) 
  self
end