Class: Pcap::Pcaplet

Inherits:
Object
  • Object
show all
Defined in:
lib/pcaplet.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(args = nil) ⇒ Pcaplet

Returns a new instance of Pcaplet.



23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
 
# File 'lib/pcaplet.rb', line 23

def initialize(args = nil)
  if args
    ARGV[0,0] = args.split(/\s+/)
  end
  @device = nil
  @rfile = nil
  @count = -1
  @snaplen = 68
  @log_packets = false
  @duplicated = nil

  opts = OptionParser.new do |opts|
    opts.on('-d') {$DEBUG = true}
    opts.on('-v') {$VERBOSE = true}
    opts.on('-n') {Pcap.convert = false}
    opts.on('-i IFACE') {|s| @device = s}
    opts.on('-r FILE') {|s| @rfile = s}
    opts.on('-c COUNT', OptionParser::DecimalInteger) {|i| @count = i}
    opts.on('-s LEN', OptionParser::DecimalInteger) {|i| @snaplen = i}
    opts.on('-l') { @log_packets = true }
  end
  begin
    opts.parse!
  rescue
    usage(1)
  end

  @filter = ARGV.join(' ')

  # check option consistency
  usage(1) if @device && @rfile
  if !@device and !@rfile
    @device = Pcap.lookupdev
  end

  # open
  begin
    if @device
      @capture = Capture.open_live(@device, @snaplen)
    elsif @rfile
      if @rfile !~ /\.gz$/
        @capture = Capture.open_offline(@rfile)
      else
        $stdin = IO.popen("gzip -dc < #@rfile", 'r')
        @capture = Capture.open_offline('-')
      end
    end
    @capture.setfilter(@filter)
  rescue PcapError, ArgumentError
    $stdout.flush
    $stderr.puts $!
    exit(1)
  end
end

Instance Attribute Details

#captureObject (readonly)

Returns the value of attribute capture.



78
79
80
 
# File 'lib/pcaplet.rb', line 78

def capture
  @capture
end

Instance Method Details

#add_filter(f) ⇒ Object 



80
81
82
83
84
85
86
87
88
 
# File 'lib/pcaplet.rb', line 80

def add_filter(f)
  if @filter == nil || @filter =~ /^\s*$/  # if empty
    @filter = f
  else
    f = f.source if f.is_a? Filter
    @filter = "( #{@filter} ) and ( #{f} )"
  end
  @capture.setfilter(@filter)
end

#closeObject 



121
122
123
 
# File 'lib/pcaplet.rb', line 121

def close
  @capture.close
end

#each_packet(&block) ⇒ Object Also known as: each 



90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
 
# File 'lib/pcaplet.rb', line 90

def each_packet(&block)
  begin
    @duplicated ||= (RUBY_PLATFORM =~ /linux/ && @device == "lo")
    if !@duplicated
      @capture.loop(@count, &block)
    else
      flip = true
      @capture.loop(@count) do |pkt|
        flip = (! flip)
        next if flip

        block.call pkt
      end
    end
  rescue Exception => e
    $stderr.puts "exception when looping over each packet loop: #{e.inspect}"
    raise
  ensure
    # print statistics if live
    if @device && @log_packets
      stat = @capture.stats
      if stat
        $stderr.print("#{stat.recv} packets received by filter\n");
        $stderr.print("#{stat.drop} packets dropped by kernel\n");
      end
    end
  end
end

#usage(status, msg = nil) ⇒ Object 



17
18
19
20
21
 
# File 'lib/pcaplet.rb', line 17

def usage(status, msg = nil)
  $stderr.puts msg if msg
  pcaplet_usage
  exit(status)
end