Class: Pcap::Pcaplet

Inherits:
Object
  • Object
show all
Defined in:
lib/pcap/pcaplet.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(args = nil) ⇒ Pcaplet 



12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
 
# File 'lib/pcap/pcaplet.rb', line 12

def initialize(args = nil)
  if args
    ARGV[0,0] = args.split(/\s+/)
  end
  @device = nil
  @rfile = nil
  @count = -1
  @snaplen = 68
  @log_packets = false
  @duplicated = nil

  opts = OptionParser.new do |opts|
    opts.on('-d') {$DEBUG = true}
    opts.on('-v') {$VERBOSE = true}
    opts.on('-n') {Pcap.convert = false}
    opts.on('-i IFACE') {|s| @device = s}
    opts.on('-r FILE') {|s| @rfile = s}
    opts.on('-c COUNT', OptionParser::DecimalInteger) {|i| @count = i}
    opts.on('-s LEN', OptionParser::DecimalInteger) {|i| @snaplen = i}
    opts.on('-l') { @log_packets = true }
  end
  begin
    opts.parse!
  rescue
    usage(1)
  end

  @filter = ARGV.join(' ')

  # check option consistency
  usage(1) if @device && @rfile
  if !@device and !@rfile
    @device = Pcap.lookupdev
  end

  # open
  begin
    if @device
      @capture = Capture.open_live(@device, @snaplen)
    elsif @rfile
      if @rfile !~ /\.gz$/
        @capture = Capture.open_offline(@rfile)
      else
        $stdin = IO.popen("gzip -dc < #@rfile", 'r')
        @capture = Capture.open_offline('-')
      end
    end
    @capture.setfilter(@filter)
  rescue PcapError, ArgumentError
    $stdout.flush
    $stderr.puts $!
    exit(1)
  end
end

Instance Attribute Details

#captureObject (readonly)

Returns the value of attribute capture.



67
68
69
 
# File 'lib/pcap/pcaplet.rb', line 67

def capture
  @capture
end

Instance Method Details

#add_filter(f) ⇒ Object 



69
70
71
72
73
74
75
76
77
 
# File 'lib/pcap/pcaplet.rb', line 69

def add_filter(f)
  if @filter == nil || @filter =~ /^\s*$/  # if empty
    @filter = f
  else
    f = f.source if f.is_a? Filter
    @filter = "( #{@filter} ) and ( #{f} )"
  end
  @capture.setfilter(@filter)
end

#closeObject 



110
111
112
 
# File 'lib/pcap/pcaplet.rb', line 110

def close
  @capture.close
end

#each_packet(&block) ⇒ Object Also known as: each 



79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
 
# File 'lib/pcap/pcaplet.rb', line 79

def each_packet(&block)
  begin
    @duplicated ||= (RUBY_PLATFORM =~ /linux/ && @device == "lo")
    if !@duplicated
      @capture.loop(@count, &block)
    else
      flip = true
      @capture.loop(@count) do |pkt|
        flip = (! flip)
        next if flip

        block.call pkt
      end
    end
  rescue Exception => e
    $stderr.puts "exception when looping over each packet loop: #{e.inspect}"
    raise
  ensure
    # print statistics if live
    if @device && @log_packets
      stat = @capture.stats
      if stat
        $stderr.print("#{stat.recv} packets received by filter\n");
        $stderr.print("#{stat.drop} packets dropped by kernel\n");
      end
    end
  end
end

#usage(status, msg = nil) ⇒ Object 



6
7
8
9
10
 
# File 'lib/pcap/pcaplet.rb', line 6

def usage(status, msg = nil)
  $stderr.puts msg if msg
  pcaplet_usage
  exit(status)
end