Net::TcpDumpLog

Net::TcpDumpLog is a Perl module read tcpdump/libpcap network packet logs.
Download

Net::TcpDumpLog Ranking & Summary

Advertisement

  • Rating:
  • License:
  • Perl Artistic License
  • Price:
  • FREE
  • Publisher Name:
  • Brendan Gregg
  • Publisher web site:
  • http://search.cpan.org/~bdgregg/Net-SnoopLog-0.12/SnoopLog.pm

Net::TcpDumpLog Tags


Net::TcpDumpLog Description

Net::TcpDumpLog is a Perl module read tcpdump/libpcap network packet logs. Net::TcpDumpLog is a Perl module read tcpdump/libpcap network packet logs. It's a Perl implementation (not an interface).SYNOPSISuse Net::TcpDumpLog;$log = Net::TcpDumpLog->new(); $log->read("/tmp/out01");@Indexes = $log->indexes;foreach $index (@Indexes) { ($length_orig,$length_incl,$drops,$secs,$msecs) = $log->header($index); $data = $log->data($index); # your code here}This module can read the data and headers from tcpdump logs (these use the libpcap log format).METHODSnew () Constructor, return a TcpDumpLog object.new (BITS) This optional argument is to force reading timestamps of that number of bits. eg new(32). Could be needed when processing tcpdumps from one OS on another.new (BITS,SKIP) This second options argument is how many bytes to skip for every record header. "SuSE linux 6.3" style logs need this set to 4, everything else (so far) is 0.read (FILENAME) Read the tcpdump file indicated into memory.indexes () Return an array of index numbers for the packets loaded from the tcpdump file. The indexes start at 0.maxindex () Return the number of the last index. More memory efficient than indexes(). Add 1 to get the packet count. The indexes start at 0.header (INDEX) Takes an integer index number and returns the packet header. This is: Length of original packet, Length actually included in the tcpdump log, Number of bytes dropped in this packet, Packet arrival time as seconds since Jan 1st 1970, Microsecondsdata (INDEX) Takes an integer index number and returns the raw packet data. (This is usually Ethernet/IP/TCP data).version () Returns a string containing the libpcap log version, major and minor number - which is expected to be "2.4".linktype () Returns a strings containing the numeric linktype.zoneoffset () Returns the zoneoffset for the packet log.accuracy () Returns a the accuracy of the packet log.dumplength () Returns the length of the packet log. Requirements: · Perl


Net::TcpDumpLog Related Software

About SoftwareSea