Class: Pcap::Pcaplet

Inherits:
Object
  • Object
show all
Defined in:
lib/pcap/pcaplet.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(args = nil) ⇒ Pcaplet

Returns a new instance of Pcaplet.



12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
 
# File 'lib/pcap/pcaplet.rb', line 12

def initialize(args = nil)
  if args
    ARGV[0,0] = args.split(/\s+/)
  end
  @device = nil
  @rfile = nil
  @count = -1
  @snaplen = 68
  @log_packets = false
  @duplicated = nil

  opts = OptionParser.new do |opts|
    opts.on('-d') {$DEBUG = true}
    opts.on('-v') {$VERBOSE = true}
    opts.on('-n') {Pcap.convert = false}
    opts.on('-i IFACE') {|s| @device = s}
    opts.on('-r FILE') {|s| @rfile = s}
    opts.on('-c COUNT', OptionParser::DecimalInteger) {|i| @count = i}
    opts.on('-s LEN', OptionParser::DecimalInteger) {|i| @snaplen = i}
    opts.on('-l') { @log_packets = true }
  end
  begin
    opts.parse!
  rescue
    usage(1)
  end

  @filter = ARGV.join(' ')

  # check option consistency
  usage(1) if @device && @rfile
  if !@device and !@rfile
    @device = Pcap.lookupdev
  end

  # open
  begin
    if @device
      @capture = Capture.open_live(@device, @snaplen)
    elsif @rfile
      if @rfile !~ /\.gz$/
        @capture = Capture.open_offline(@rfile)
      else
        $stdin = IO.popen("gzip -dc < #@rfile", 'r')
        @capture = Capture.open_offline('-')
      end
    end
    @capture.setfilter(@filter)
  rescue PcapError, ArgumentError
    $stdout.flush
    $stderr.puts $!
    exit(1)
  end
end

Instance Attribute Details

#captureObject (readonly)

Returns the value of attribute capture.



67
68
69
 
# File 'lib/pcap/pcaplet.rb', line 67

def capture
  @capture
end

Instance Method Details

#add_filter(f) ⇒ Object 



69
70
71
72
73
74
75
76
77
 
# File 'lib/pcap/pcaplet.rb', line 69

def add_filter(f)
  if @filter == nil || @filter =~ /^\s*$/  # if empty
    @filter = f
  else
    f = f.source if f.is_a? Filter
    @filter = "( #{@filter} ) and ( #{f} )"
  end
  @capture.setfilter(@filter)
end

#closeObject 



110
111
112
 
# File 'lib/pcap/pcaplet.rb', line 110

def close
  @capture.close
end

#each_packet(&block) ⇒ Object Also known as: each 



79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
 
# File 'lib/pcap/pcaplet.rb', line 79

def each_packet(&block)
  begin
    @duplicated ||= (RUBY_PLATFORM =~ /linux/ && @device == "lo")
    if !@duplicated
      @capture.loop(@count, &block)
    else
      flip = true
      @capture.loop(@count) do |pkt|
        flip = (! flip)
        next if flip

        block.call pkt
      end
    end
  rescue Exception => e
    $stderr.puts "exception when looping over each packet loop: #{e.inspect}"
    raise
  ensure
    # print statistics if live
    if @device && @log_packets
      stat = @capture.stats
      if stat
        $stderr.print("#{stat.recv} packets received by filter\n");
        $stderr.print("#{stat.drop} packets dropped by kernel\n");
      end
    end
  end
end

#usage(status, msg = nil) ⇒ Object 



6
7
8
9
10
 
# File 'lib/pcap/pcaplet.rb', line 6

def usage(status, msg = nil)
  $stderr.puts msg if msg
  pcaplet_usage
  exit(status)
end