Class: FlowTag::Packet

Inherits:

Object

Object
FlowTag::Packet

show all

Defined in:: lib/flowtag/pcapparser.rb

Instance Attribute Summary collapse

#data ⇒ Object readonly

Returns the value of attribute data.
#dport ⇒ Object readonly

Returns the value of attribute dport.
#ip_dst ⇒ Object readonly

Returns the value of attribute ip_dst.
#ip_src ⇒ Object readonly

Returns the value of attribute ip_src.
#length ⇒ Object readonly

Returns the value of attribute length.
#sport ⇒ Object readonly

Returns the value of attribute sport.
#tcp_dport ⇒ Object readonly

Returns the value of attribute tcp_dport.
#tcp_sport ⇒ Object readonly

Returns the value of attribute tcp_sport.
#time ⇒ Object readonly

Returns the value of attribute time.
#udp_dport ⇒ Object readonly

Returns the value of attribute udp_dport.
#udp_sport ⇒ Object readonly

Returns the value of attribute udp_sport.

Instance Method Summary collapse

#initialize(time, data) ⇒ Packet constructor

A new instance of Packet.
#ip? ⇒ Boolean
#payload ⇒ Object
#tcp? ⇒ Boolean
#udp? ⇒ Boolean

Constructor Details

#initialize(time, data) ⇒ `Packet`

Returns a new instance of Packet.

# File 'lib/flowtag/pcapparser.rb', line 60

def initialize(time, data)
	@time = time
	@data = data
	@length = data.length
	@ip = @tcp = @udp = false
	@ip_src = @ip_dst = @sport = @dport = @tcp_sport = @tcp_dport = @udp_sport = @udp_dport = nil
	@ip = (data[12,2].unpack("n")[0] == 0x0800) ? true : false
	offset = 14
	if @ip
		@ip_hlen = (data[offset,1].unpack("C")[0] & 0x0f) << 2
		@ip_proto = data[offset+9,1].unpack("C")[0]
		@ip_src, @ip_dst = data[offset+12,8].unpack("NN")
		offset += @ip_hlen
		@tcp = true if @ip_proto == 0x06
		@udp = true if @ip_proto == 0x11
		if @tcp
			@sport, @dport = data[offset,4].unpack("nn")
			@tcp_sport = @sport
			@tcp_dport = @dport
			@tcp_hlen = (data[offset+12,1].unpack("C")[0] >> 4) << 2
			offset += @tcp_hlen
		elsif @udp
			@sport, @dport = data[offset,4].unpack("nn")
			@udp_sport = @sport
			@udp_dport = @dport
			offset += 8
		end
	end
	@data_offset = offset
end

Instance Attribute Details

#data ⇒ `Object` (readonly)

Returns the value of attribute data.



59
60
61

# File 'lib/flowtag/pcapparser.rb', line 59

def data
  @data
end

#dport ⇒ `Object` (readonly)

Returns the value of attribute dport.



59
60
61

# File 'lib/flowtag/pcapparser.rb', line 59

def dport
  @dport
end

#ip_dst ⇒ `Object` (readonly)

Returns the value of attribute ip_dst.



59
60
61

# File 'lib/flowtag/pcapparser.rb', line 59

def ip_dst
  @ip_dst
end

#ip_src ⇒ `Object` (readonly)

Returns the value of attribute ip_src.



59
60
61

# File 'lib/flowtag/pcapparser.rb', line 59

def ip_src
  @ip_src
end

#length ⇒ `Object` (readonly)

Returns the value of attribute length.



59
60
61

# File 'lib/flowtag/pcapparser.rb', line 59

def length
  @length
end

#sport ⇒ `Object` (readonly)

Returns the value of attribute sport.



59
60
61

# File 'lib/flowtag/pcapparser.rb', line 59

def sport
  @sport
end

#tcp_dport ⇒ `Object` (readonly)

Returns the value of attribute tcp_dport.



59
60
61

# File 'lib/flowtag/pcapparser.rb', line 59

def tcp_dport
  @tcp_dport
end

#tcp_sport ⇒ `Object` (readonly)

Returns the value of attribute tcp_sport.



59
60
61

# File 'lib/flowtag/pcapparser.rb', line 59

def tcp_sport
  @tcp_sport
end

#time ⇒ `Object` (readonly)

Returns the value of attribute time.



59
60
61

# File 'lib/flowtag/pcapparser.rb', line 59

def time
  @time
end

#udp_dport ⇒ `Object` (readonly)

Returns the value of attribute udp_dport.



59
60
61

# File 'lib/flowtag/pcapparser.rb', line 59

def udp_dport
  @udp_dport
end

#udp_sport ⇒ `Object` (readonly)

Returns the value of attribute udp_sport.



59
60
61

# File 'lib/flowtag/pcapparser.rb', line 59

def udp_sport
  @udp_sport
end

Instance Method Details

#ip? ⇒ `Boolean`

Returns:

(Boolean)



91
92
93

# File 'lib/flowtag/pcapparser.rb', line 91

def ip?
	@ip
end

#payload ⇒ `Object`



103
104
105

# File 'lib/flowtag/pcapparser.rb', line 103

def payload
	@data[@data_offset,10000]
end

#tcp? ⇒ `Boolean`

Returns:

(Boolean)



99
100
101

# File 'lib/flowtag/pcapparser.rb', line 99

def tcp?
	@tcp
end

#udp? ⇒ `Boolean`

Returns:

(Boolean)



95
96
97

# File 'lib/flowtag/pcapparser.rb', line 95

def udp?
	@udp
end

Class: FlowTag::Packet

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(time, data) ⇒ Packet

Instance Attribute Details

#data ⇒ Object (readonly)

#dport ⇒ Object (readonly)

#ip_dst ⇒ Object (readonly)

#ip_src ⇒ Object (readonly)

#length ⇒ Object (readonly)

#sport ⇒ Object (readonly)

#tcp_dport ⇒ Object (readonly)

#tcp_sport ⇒ Object (readonly)

#time ⇒ Object (readonly)

#udp_dport ⇒ Object (readonly)

#udp_sport ⇒ Object (readonly)

Instance Method Details

#ip? ⇒ Boolean

#payload ⇒ Object

#tcp? ⇒ Boolean

#udp? ⇒ Boolean

#initialize(time, data) ⇒ `Packet`

#data ⇒ `Object` (readonly)

#dport ⇒ `Object` (readonly)

#ip_dst ⇒ `Object` (readonly)

#ip_src ⇒ `Object` (readonly)

#length ⇒ `Object` (readonly)

#sport ⇒ `Object` (readonly)

#tcp_dport ⇒ `Object` (readonly)

#tcp_sport ⇒ `Object` (readonly)

#time ⇒ `Object` (readonly)

#udp_dport ⇒ `Object` (readonly)

#udp_sport ⇒ `Object` (readonly)

#ip? ⇒ `Boolean`

#payload ⇒ `Object`

#tcp? ⇒ `Boolean`

#udp? ⇒ `Boolean`