|
Posted by eugk007 on February 15, 2005, 1:18 pm
Please log in for more thread options
I'm using NetPacket::TCP to examine network packets. Everything seems
to be working, except I can't get anything out of the "options" field.
For example, $tcp-> is always empty. Has anyone had any
success with this module? I'm wondering if I need to further unpack
this field or something.
Thanks.
|
|
Posted by gomor-usenet on February 16, 2005, 3:36 am
Please log in for more thread options
eugk007@gmail.com wrote:
> I'm using NetPacket::TCP to examine network packets. Everything seems
> to be working, except I can't get anything out of the "options"
field.
> For example, $tcp-> is always empty. Has anyone had any
> success with this module? I'm wondering if I need to further unpack
> this field or something.
>
> Thanks.
I don't know how to do it with NetPacket, but with Net::Packet,
it is easy:
# To build a TCP SYN packet with MSS=1460 option
# (padding is done auto):
my $tcp = Net::Packet::TCP->new(
dst => 22,
options => "x02x04x05xb4",
);
# To display options field:
print unpack('H*', $frame->l4->options), "n";
--
^ ___ ___ FreeBSD Network - http://www.GomoR.org/ <-+
| / __ |__/ Security Engineer, searching for work |
| __/ | ---[ zsh$ alias psed='perl -pe ' ]--- |
+--> Net::Packet <=> http://search.cpan.org/~gomor/ <--+
----- End forwarded message -----
|
|
Posted by -eugk- on February 16, 2005, 1:19 pm
Please log in for more thread options
Thanks, that's interesting. Unpacking it like that might also work for
NetPacket. But would you normally recommend the Net::Packet modules
instead? Are there any significant differences/advantages?
----- End forwarded message -----
|
|
Posted by gomor-usenet on February 17, 2005, 2:10 am
Please log in for more thread options
-eugk- wrote:
> Thanks, that's interesting. Unpacking it like that might
> also work for NetPacket. But would you normally
> recommend the Net::Packet modules instead? Are there any
> significant differences/advantages?
>
> ----- End forwarded message -----
Yes, there are differences, advantages, and maybe
disadvantages also ;)
When you use Net::Packet, you do not need to use
Net::Pcap. All the gory details of Net::Pcap are hidden
behind the related object (Net::Packet::Dump). Network
interface information (dev, ip, ip6, mac) is gathered
automatically, so you do not need to bother with them.
Also, when you create a Net::Packet::Frame object, you put
in it all wanted layers (Layer2, Layer3, Layer4, Lauer7).
Each time you create an object from a layer, some defaults
values are set. For example, a Net::Packet::IPv4 object
will have the source ip address set to the default network
interface from your system.
I suggest you take a look at these perldoc (SYNOPSIS).
This is better to look at the code than to do a long
and boring speech ;)
http://search.cpan.org/~gomor/Net-Packet-2.03/Packet/Frame.pm
http://search.cpan.org/~gomor/Net-Packet-2.03/Packet/Dump.pm
--
^ ___ ___ FreeBSD Network - http://www.GomoR.org/ <-+
| / __ |__/ Security Engineer, searching for work |
| __/ | ---[ zsh$ alias psed='perl -pe ' ]--- |
+--> Net::Packet <=> http://search.cpan.org/~gomor/ <--+
----- End forwarded message -----
|
| Similar Threads | Posted | | pod2usage output options | April 11, 2008, 8:48 am |
| RFC: field::aliases | September 26, 2004, 5:01 am |
| Options for passing Hash to a subroutine. | March 30, 2005, 7:39 pm |
| Re: pod2usage output options (correction) | April 11, 2008, 9:03 am |
| Entering pathnames in a CGI.pm field | January 28, 2005, 12:30 am |
| field method for Win32::IE::Mechanize | December 15, 2004, 5:39 pm |
| DBI problem -- storing large value into an INT8 field | January 4, 2007, 10:28 am |
| Passing Environment and ExtUtils::MakeMaker options to CPAN methods | August 5, 2005, 8:42 am |
|
XML Sitemap