Class: Unified2::Packet

Inherits:
Object
  • Object
show all
Defined in:
lib/unified2/packet.rb

Overview

Packet

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(packet) ⇒ Packet

Initialize packet Object

Parameters:

  • Packet (Hash)

    Packet hash



27
28
29
30
31
32
33
34
35
36
37
38
39
 
# File 'lib/unified2/packet.rb', line 27

def initialize(packet)
  @raw = packet
  @link_type = packet[:linktype]
  @microsecond = packet[:packet_microsecond]

  @event_timestamp = Time.at(packet[:timestamp])
  @timestamp = Time.at(packet[:packet_timestamp])
  @length = packet[:packet_length].to_i
  @event_id = packet[:event_id]

  @packet ||= PacketFu::Packet.parse(packet[:packet])
  @protocol = @packet.protocol.last.to_sym
end

Instance Attribute Details

#event_idObject (readonly)

Build method defaults



18
19
20
 
# File 'lib/unified2/packet.rb', line 18

def event_id
  @event_id
end

#event_timestampObject (readonly)

Build method defaults



18
19
20
 
# File 'lib/unified2/packet.rb', line 18

def event_timestamp
  @event_timestamp
end

#lengthObject (readonly)

Build method defaults



18
19
20
 
# File 'lib/unified2/packet.rb', line 18

def length
  @length
end

#link_typeObject (readonly)

Build method defaults



18
19
20
 
# File 'lib/unified2/packet.rb', line 18

def link_type
  @link_type
end

#microsecondObject (readonly)

Build method defaults



18
19
20
 
# File 'lib/unified2/packet.rb', line 18

def microsecond
  @microsecond
end

#rawString (readonly)

Raw

Returns:

  • (String)

    Raw binary payload



18
19
20
 
# File 'lib/unified2/packet.rb', line 18

def raw
  @raw
end

#timestampObject (readonly)

Build method defaults



18
19
20
 
# File 'lib/unified2/packet.rb', line 18

def timestamp
  @timestamp
end

Instance Method Details

#blank?true, false

Blank?

Returns:

  • (true, false)

    Check is payload is blank



98
99
100
101
 
# File 'lib/unified2/packet.rb', line 98

def blank?
  return true unless @packet
  false
end

#checksumString

Checksum

Create a unique payload checksum

Returns:

  • (String)

    Payload checksum



204
205
206
 
# File 'lib/unified2/packet.rb', line 204

def checksum
  Digest::MD5.hexdigest(hex(false))
end

#dump(options = {}) {|index, hex_segment, print_segment| ... } ⇒ nil

Note:

Please view the hexdump documentation for more information. Hexdump is a great lib by @postmodern. (github.com/postmodern/hexdump)

Dump

Parameters:

  • options (options) (defaults to: {})

    Hash of options for Hexdump#dump

Options Hash (options):

  • :width (Integer) — default: 16

    The number of bytes to dump for each line.

  • :base (Symbol, Integer) — default: :hexadecimal

    The base to print bytes in. Supported bases include, ‘:hexadecimal`, `:hex`, `16, `:decimal`, `:dec`, `10, `:octal`, `:oct`, `8`, `:binary`, `:bin` and `2`.

  • :ascii (Boolean) — default: false

    Print ascii characters when possible.

  • :output (#<<) — default: STDOUT

    The output to print the hexdump to.

Yields:

  • (index, hex_segment, print_segment)

    The given block will be passed the hexdump break-down of each segment.

Yield Parameters:

  • index (Integer)

    The index of the hexdumped segment.

  • hex_segment (Array<String>)

    The hexadecimal-byte representation of the segment.

  • print_segment (Array<String>)

    The print-character representation of the segment.

Returns:

  • (nil)

Raises:

  • (ArgumentError)

    The given data does not define the ‘#each_byte` method, or



170
171
172
173
174
175
176
177
178
 
# File 'lib/unified2/packet.rb', line 170

def dump(options={})
  packet = if options[:header]
             @raw[:packet]
           else
             @packet.payload
           end

  Hexdump.dump(packet, options)
end

#hex(include_header = true) ⇒ String

Hex

Returns:

  • (String)

    Convert payload to hex



117
118
119
120
121
122
123
124
125
126
127
 
# File 'lib/unified2/packet.rb', line 117

def hex(include_header=true)
  packet = if include_header
             @packet.to_s
           else
             @packet.payload.to_s
           end

  hex = packet.unpack('H*')
  return hex.first if hex
  nil
end

#hexdump(options = {}) ⇒ Object

Hexdump

Examples:

packet.hexdump(:width => 16)

See Also:



188
189
190
191
192
193
194
195
 
# File 'lib/unified2/packet.rb', line 188

def hexdump(options={})
  hexdump = options[:output] ||= ""
  options[:width] ||= 30
  options[:header] ||= true

  dump(options)
  hexdump
end

#ip_headerHash

IP Header

Returns:

  • (Hash)

    IP header



46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
 
# File 'lib/unified2/packet.rb', line 46

def ip_header
  if @packet.is_ip?
    @ip_header = {
      :ip_ver => @packet.ip_header.ip_v,
      :ip_hlen => @packet.ip_header.ip_hl,
      :ip_tos => @packet.ip_header.ip_tos,
      :ip_len => @packet.ip_header.ip_len,
      :ip_id => @packet.ip_header.ip_id,
      :ip_frag => @packet.ip_header.ip_frag,
      :ip_ttl => @packet.ip_header.ip_ttl,
      :ip_proto => @packet.ip_header.ip_proto,
      :ip_csum => @packet.ip_header.ip_sum
    }
  else
    @ip_header = {}
  end

  @ip_header
end

#payloadPayload

Payload

Returns:

  • (Payload)

    Event payload object



89
90
91
 
# File 'lib/unified2/packet.rb', line 89

def payload
  @packet.payload
end

#protocolProtocol

Protocol

Returns:



71
72
73
 
# File 'lib/unified2/packet.rb', line 71

def protocol
  @proto ||= Protocol.new(@protocol, @packet)
end

#to_sString

String

Returns:



80
81
82
 
# File 'lib/unified2/packet.rb', line 80

def to_s
  payload.to_s
end