NetPacket-1.4.4/0000755000175000017500000000000012246412375012722 5ustar yanickyanickNetPacket-1.4.4/lib/0000755000175000017500000000000012246412375013470 5ustar yanickyanickNetPacket-1.4.4/lib/NetPacket.pm0000644000175000017500000001174412246412375015713 0ustar yanickyanick# # NetPacket - Base class for NetPacket::* object hierarchy. # # Checksumming added by Stephanie Wehner, atrak@itsx.com # package NetPacket; BEGIN { $NetPacket::AUTHORITY = 'cpan:YANICK'; } { $NetPacket::VERSION = '1.4.4'; } # ABSTRACT: assemble/disassemble network packets at the protocol level use strict; use vars qw(@ISA @EXPORT @EXPORT_OK %EXPORT_TAGS); BEGIN { @ISA = qw(Exporter); # Items to export into callers namespace by default # (move infrequently used names to @EXPORT_OK below) @EXPORT = qw( ); # Other items we are prepared to export if requested @EXPORT_OK = qw(in_cksum htons htonl ntohs ntohl ); # Tags: %EXPORT_TAGS = ( ALL => [@EXPORT, @EXPORT_OK], ); } # # Utility functions useful for all modules # # Calculate IP checksum sub in_cksum { my ($packet) = @_; my ($plen, $short, $num, $count, $chk); $plen = length($packet); $num = int($plen / 2); $chk = 0; $count = $plen; foreach $short (unpack("S$num", $packet)) { $chk += $short; $count = $count - 2; } if($count == 1) { $chk += unpack("C", substr($packet, $plen -1, 1)); } # add the two halves together (CKSUM_CARRY -> libnet) $chk = ($chk >> 16) + ($chk & 0xffff); return(~(($chk >> 16) + $chk) & 0xffff); } # Network/host byte order conversion routines. Network byte order is # defined as being big-endian. sub htons { my ($in) = @_; return(unpack('n*', pack('S*', $in))); } sub htonl { my ($in) = @_; return(unpack('N*', pack('L*', $in))); } sub ntohl { my ($in) = @_; return(unpack('L*', pack('N*', $in))); } sub ntohs { my ($in) = @_; return(unpack('S*', pack('n*', $in))); } # # Module initialisation # 1; __END__ =pod =head1 NAME NetPacket - assemble/disassemble network packets at the protocol level =head1 VERSION version 1.4.4 =head1 SYNOPSIS # NetPacket is a base class only =head1 DESCRIPTION C provides a base class for a cluster of modules related to decoding and encoding of network protocols. Each C descendent module knows how to encode and decode packets for the network protocol it implements. Consult the documentation for the module in question for protocol-specific implementation. Note that there is no inheritance in the C cluster of modules other than each protocol module being a C. This was seen to be too restrictive as imposing inheritance relationships (for example between the IP, UDP and TCP protocols) would make things like tunneling or other unusual situations difficult. =head1 WRITING YOUR OWN C MODULE You are encouraged to write additional C modules as well as improve existing ones. Contact the maintainer of the module in question with your suggestions or changes. The following sections are a list of suggestions and conventions for writing a C module. =head2 Naming Conventions When creating a module in the C namespace, it is suggested that you stick to a couple of conventions when naming packet contents. This will hopefully lead to a consistent namespace making the C easier to use. Content names are all lowercase, with underscores separating multiple words. The following abbreviations are recommended: Word Abbreviation -------------------------------- source src destination dest checksum cksum identifier id version ver protocol proto =head2 Required Methods encode(), decode(), strip() =head2 Required Fields Every NetPacket:: object should have the following fields. =over =item _parent A link to the parent C object in which this C object is encaulated. This field is undefined if there is no parent object. =item _frame A copy of the raw data of the packet. =item data This field should contain the data encapsulated in the packet (i.e any headers or trailers stripped off) or undef if the packet contains no data. Note that in this sense, "data" is taken to mean information not relevant to the particular protocol being decoded. For example, an ARP packet contains many header fields but no data. A UDP datagram, however contains header fields and a payload. =back =head1 SEE ALSO Joel Knight has a patch for NetPacket for IPv6 support available at http://www.packetmischief.ca/code/netpacket/. =head1 COPYRIGHT AND LICENSE Copyright (c) 2001 Tim Potter and Stephanie Wehner. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHORS Tim Potter Stephanie Wehner Yanick Champoux =cut NetPacket-1.4.4/lib/NetPacket/0000755000175000017500000000000012246412375015346 5ustar yanickyanickNetPacket-1.4.4/lib/NetPacket/TCP.pm0000644000175000017500000002677612246412375016354 0ustar yanickyanick# # NetPacket::TCP - Decode and encode TCP (Transmission Control # Protocol) packets. # # Encode and checksumming part, Stephanie Wehner, atrak@itsx.com package NetPacket::TCP; BEGIN { $NetPacket::TCP::AUTHORITY = 'cpan:YANICK'; } { $NetPacket::TCP::VERSION = '1.4.4'; } # ABSTRACT: Assemble and disassemble TCP (Transmission Control Protocol) packets. use strict; use vars qw(@ISA @EXPORT @EXPORT_OK %EXPORT_TAGS); use NetPacket; my $myclass; # TCP Flags use constant FIN => 0x01; use constant SYN => 0x02; use constant RST => 0x04; use constant PSH => 0x08; use constant ACK => 0x10; use constant URG => 0x20; use constant ECE => 0x40; use constant CWR => 0x80; BEGIN { @ISA = qw(Exporter NetPacket); # Items to export into callers namespace by default # (move infrequently used names to @EXPORT_OK below) @EXPORT = qw(FIN SYN RST PSH ACK URG ECE CWR ); # Other items we are prepared to export if requested @EXPORT_OK = qw(tcp_strip ); # Tags: %EXPORT_TAGS = ( ALL => [@EXPORT, @EXPORT_OK], strip => [qw(tcp_strip)], ); } # # Strip header from packet and return the data contained in it # undef &tcp_strip; *tcp_strip = \&strip; sub strip { my ($pkt) = @_; my $tcp_obj = NetPacket::TCP->decode($pkt); return $tcp_obj->{data}; } # # Decode the packet # sub decode { my $class = shift; my($pkt, $parent) = @_; my $self = {}; # Class fields $self->{_parent} = $parent; $self->{_frame} = $pkt; # Decode TCP packet if (defined($pkt)) { my $tmp; ($self->{src_port}, $self->{dest_port}, $self->{seqnum}, $self->{acknum}, $tmp, $self->{winsize}, $self->{cksum}, $self->{urg}, $self->{options}) = unpack("nnNNnnnna*", $pkt); # Extract flags $self->{hlen} = ($tmp & 0xf000) >> 12; $self->{reserved} = ($tmp & 0x0f00) >> 8; $self->{flags} = $tmp & 0x00ff; # Decode variable length header and remaining data my $olen = $self->{hlen} - 5; $olen = 0 if $olen < 0; # Check for bad hlen # Option length is number of 32 bit words $olen *= 4; ( $self->{options}, $self->{data} ) = unpack( 'a' . $olen . 'a*', $self->{options}); } # Return a blessed object bless($self, $class); return $self; } # # Encode a packet # sub encode { my $self = shift; my ($ip) = @_; my ($packet,$tmp); # First of all, fix the checksum $self->checksum($ip); $tmp = $self->{hlen} << 12; $tmp = $tmp | (0x0f00 & ($self->{reserved} << 8)); $tmp = $tmp | (0x00ff & $self->{flags}); # Put the packet together $packet = pack('n n N N n n n n a* a*', $self->{src_port}, $self->{dest_port}, $self->{seqnum}, $self->{acknum}, $tmp, $self->{winsize}, $self->{cksum}, $self->{urg}, $self->{options},$self->{data}); return($packet); } # # TCP Checksum # sub checksum { my $self = shift; my ($ip) = @_; my ($packet,$zero,$tcplen,$tmp); my ($src_ip, $dest_ip,$proto); $zero = 0; $proto = 6; $tcplen = ($self->{hlen} * 4)+ length($self->{data}); no warnings qw/ uninitialized /; $tmp = $self->{hlen} << 12; $tmp = $tmp | (0x0f00 & ($self->{reserved} << 8)); $tmp = $tmp | (0x00ff & $self->{flags}); # Pack pseudo-header for tcp checksum $src_ip = gethostbyname($ip->{src_ip}); $dest_ip = gethostbyname($ip->{dest_ip}); $packet = pack('a4a4nnnnNNnnnna*a*', $src_ip,$dest_ip,$proto,$tcplen, $self->{src_port}, $self->{dest_port}, $self->{seqnum}, $self->{acknum}, $tmp, $self->{winsize}, $zero, $self->{urg}, $self->{options},$self->{data}); # pad packet if odd-sized $packet .= "\x00" if length( $packet ) % 2; $self->{cksum} = NetPacket::htons(NetPacket::in_cksum($packet)); } sub parse_tcp_options { # # dissect tcp options header. see: # http://www.networksorcery.com/enp/protocol/tcp.htm#Options # # we create an byte array from the options header # and iterate through that. If we find an option # kind number we act accordingly (sometimes it has # a fixed length, sometimes a variable one). # once we've got the option stored, we shift the # bytes we fetched away from the byte array and # re-enter the loop. my $self = shift; my $opts = $self->{options}; my @bytes = split //, $opts; my %options; my $size; ENTRY: $size = $#bytes; foreach my $byte (@bytes) { my $kind = unpack('C', $byte); if($kind == 2) { # MSS. # next byte is size, set to 4 # next 2 bytes are mss value 16 bit unsigned short $options{mss} = unpack('n', $bytes[2] . $bytes[3]); shift @bytes; shift @bytes; shift @bytes; shift @bytes; goto ENTRY; } elsif ($kind == 1) { # a noop shift @bytes; goto ENTRY; } elsif ($kind == 3) { # Windows Scale Factor # next byte is size, set to 3 # next byte is shift count, 8 bit unsigned $options{ws} = unpack('C', $bytes[2]); shift @bytes; shift @bytes; shift @bytes; goto ENTRY; } elsif ($kind == 4) { # SACK Permitted # next byte is length $options{sack} = unpack('C', $bytes[1]); shift @bytes; shift @bytes; goto ENTRY; } elsif ($kind == 5) { # SACK Blocks # next byte is length, 2 + (number of blocks * 8) # in every block, # former 4 bytes is SACK left edge, 32 bit unsigned int # latter 4 bytes is SACK right edge, 32 bit unsigned int my $block_num = (unpack('C', $bytes[1]) - 2) / 8; shift @bytes; shift @bytes; my @sack_blocks; for (1..$block_num) { push @sack_blocks, [unpack('N', join '', @bytes[0..3]), unpack('N', join '', @bytes[4..7])]; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; } $options{sack_blocks} = \@sack_blocks; } elsif ($kind == 8) { # timestamp # next byte is length, set to 10 # next 4 byte is timestamp, 32 bit unsigned int # next 4 byte is timestamp echo reply, 32 bit unsigned int $options{ts} = unpack('N', join '', @bytes[2..5]); $options{er} = unpack('N', join '', @bytes[6,7,8,9]); shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; goto ENTRY; } } return wantarray ? %options : \%options; } # # Module initialisation # 1; # autoloaded methods go after the END token (&& pod) below __END__ =pod =head1 NAME NetPacket::TCP - Assemble and disassemble TCP (Transmission Control Protocol) packets. =head1 VERSION version 1.4.4 =head1 SYNOPSIS use NetPacket::TCP; $tcp_obj = NetPacket::TCP->decode($raw_pkt); $tcp_pkt = $tcp_obj->encode($ip_pkt); $tcp_data = NetPacket::TCP::strip($raw_pkt); =head1 DESCRIPTION C provides a set of routines for assembling and disassembling packets using TCP (Transmission Control Protocol). =head2 Methods =over =item Cdecode([RAW PACKET])> Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method. =item Cencode($ip_obj)> Return a TCP packet encoded with the instance data specified. Needs parts of the ip header contained in $ip_obj in order to calculate the TCP checksum. =item C<$packet-Eparse_tcp_options> Returns a hash (or a hash ref in scalar context) contaning the packet's options. For now the method only recognizes well-known and widely used options (MSS, noop, windows scale factor, SACK permitted, SACK, timestamp). If the packet contains options unknown to the method, it may fail. =back =head2 Functions =over =item C Return the encapsulated data (or payload) contained in the TCP packet. This data is suitable to be used as input for other C modules. This function is equivalent to creating an object using the C constructor and returning the C field of that object. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item src_port The source TCP port for the packet. =item dest_port The destination TCP port for the packet. =item seqnum The TCP sequence number for this packet. =item acknum The TCP acknowledgement number for this packet. =item hlen The header length for this packet. =item reserved The 6-bit "reserved" space in the TCP header. =item flags Contains the urg, ack, psh, rst, syn, fin, ece and cwr flags for this packet. =item winsize The TCP window size for this packet. =item cksum The TCP checksum. =item urg The TCP urgent pointer. =item options Any TCP options for this packet in binary form. =item data The encapsulated data (payload) for this packet. =back =head2 Exports =over =item default FIN SYN RST PSH ACK URG ECE CWR Can be used to set the appropriate flag. =item exportable tcp_strip =item tags The following tags group together related exportable items. =over =item C<:strip> Import the strip function C. =item C<:ALL> All the above exportable items. =back =back =head1 EXAMPLE The following script is a primitive pop3 sniffer. #!/usr/bin/perl -w use strict; use Net::PcapUtils; use NetPacket::Ethernet qw(:strip); use NetPacket::IP qw(:strip); use NetPacket::TCP; sub process_pkt { my($arg, $hdr, $pkt) = @_; my $tcp_obj = NetPacket::TCP->decode(ip_strip(eth_strip($pkt))); if (($tcp_obj->{src_port} == 110) or ($tcp_obj->{dest_port} == 110)) { print($tcp_obj->{data}); } } Net::PcapUtils::loop(\&process_pkt, FILTER => 'tcp'); The following uses NetPacket together with Net::Divert to add a syn flag to all TCP packets passing through: #!/usr/bin/perl use Net::Divert; use NetPacket::IP qw(IP_PROTO_TCP); use NetPacket::TCP; $divobj = Net::Divert->new('yourhostname',9999); $divobj->getPackets(\&alterPacket); sub alterPacket { my($packet,$fwtag) = @_; # decode the IP header $ip_obj = NetPacket::IP->decode($packet); # check if this is a TCP packet if($ip_obj->{proto} == IP_PROTO_TCP) { # decode the TCP header $tcp_obj = NetPacket::TCP->decode($ip_obj->{data}); # set the syn flag $tcp_obj->{flags} |= SYN; # construct the new ip packet $ip_obj->{data} = $tcp_obj->encode($ip_obj); $packet = $ip_obj->encode; } # write it back out $divobj->putPacket($packet,$fwtag); } =head1 TODO =over =item Assembly of TCP fragments into a data stream =item Option processing =item Nicer processing of TCP flags =back =head1 COPYRIGHT Copyright (c) 2001 Tim Potter and Stephanie Wehner. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHOR Tim Potter Etpot@samba.orgE Stephanie Wehner Eatrak@itsx.comE =cut NetPacket-1.4.4/lib/NetPacket/IP.pm0000644000175000017500000002206312246412375016217 0ustar yanickyanick# # NetPacket::IP - Decode and encode IP (Internet Protocol) packets. # # Encoding part by Stephanie Wehner, atrak@itsx.com package NetPacket::IP; BEGIN { $NetPacket::IP::AUTHORITY = 'cpan:YANICK'; } { $NetPacket::IP::VERSION = '1.4.4'; } # ABSTRACT: Assemble and disassemble IP (Internet Protocol) packets. use strict; use vars qw(@ISA @EXPORT @EXPORT_OK %EXPORT_TAGS); use NetPacket; BEGIN { @ISA = qw(Exporter NetPacket); # Items to export into callers namespace by default # (move infrequently used names to @EXPORT_OK below) @EXPORT = qw( ); # Other items we are prepared to export if requested @EXPORT_OK = qw(ip_strip IP_PROTO_IP IP_PROTO_ICMP IP_PROTO_IGMP IP_PROTO_IPIP IP_PROTO_TCP IP_PROTO_UDP IP_VERSION_IPv4 IP_FLAG_MOREFRAGS IP_FLAG_DONTFRAG IP_FLAG_CONGESTION IP_MAXPACKET ); # Tags: %EXPORT_TAGS = ( ALL => [@EXPORT, @EXPORT_OK], protos => [qw(IP_PROTO_IP IP_PROTO_ICMP IP_PROTO_IGMP IP_PROTO_IPIP IP_PROTO_TCP IP_PROTO_UDP)], versions => [qw(IP_VERSION_IPv4)], strip => [qw(ip_strip)], flags => [qw(IP_FLAG_MOREFRAGS IP_FLAG_DONTFRAG IP_FLAG_CONGESTION)], ); } # # Partial list of IP protocol values from RFC 1700 # use constant IP_PROTO_IP => 0; # Dummy protocol for TCP use constant IP_PROTO_ICMP => 1; # Internet Control Message Protocol use constant IP_PROTO_IGMP => 2; # Internet Group Management Protocol use constant IP_PROTO_IPIP => 4; # IP in IP encapsulation use constant IP_PROTO_TCP => 6; # Transmission Control Protocol use constant IP_PROTO_UDP => 17; # User Datagram Protocol # # Partial list of IP version numbers from RFC 1700 # use constant IP_VERSION_IPv4 => 4; # IP version 4 # # Flag values # use constant IP_FLAG_MOREFRAGS => 1; # More fragments coming use constant IP_FLAG_DONTFRAG => 2; # Don't fragment me use constant IP_FLAG_CONGESTION => 4; # Congestion present # Maximum IP Packet size use constant IP_MAXPACKET => 65535; # Convert 32-bit IP address to dotted quad notation sub to_dotquad { my($net) = @_ ; my($na, $nb, $nc, $nd); $na = $net >> 24 & 255; $nb = $net >> 16 & 255; $nc = $net >> 8 & 255; $nd = $net & 255; return ("$na.$nb.$nc.$nd"); } # # Decode the packet # sub decode { my $class = shift; my($pkt, $parent) = @_; my $self = {}; # Class fields $self->{_parent} = $parent; $self->{_frame} = $pkt; # Decode IP packet if (defined($pkt)) { my $tmp; ($tmp, $self->{tos},$self->{len}, $self->{id}, $self->{foffset}, $self->{ttl}, $self->{proto}, $self->{cksum}, $self->{src_ip}, $self->{dest_ip}, $self->{options}) = unpack('CCnnnCCnNNa*' , $pkt); # Extract bit fields $self->{ver} = ($tmp & 0xf0) >> 4; $self->{hlen} = $tmp & 0x0f; $self->{flags} = $self->{foffset} >> 13; $self->{foffset} = ($self->{foffset} & 0x1fff) << 3; # Decode variable length header options and remaining data in field my $olen = $self->{hlen} - 5; $olen = 0 if $olen < 0; # Check for bad hlen # Option length is number of 32 bit words $olen = $olen * 4; ($self->{options}, $self->{data}) = unpack("a" . $olen . "a*", $self->{options}); my $length = $self->{hlen}; $length = 5 if $length < 5; # precaution against bad header # truncate data to the length given by the header $self->{data} = substr $self->{data}, 0, $self->{len} - 4 * $length; # Convert 32 bit ip addresses to dotted quad notation $self->{src_ip} = to_dotquad($self->{src_ip}); $self->{dest_ip} = to_dotquad($self->{dest_ip}); } return bless $self, $class; } # # Strip header from packet and return the data contained in it # undef &ip_strip; # Create ip_strip alias *ip_strip = \&strip; sub strip { my ($pkt) = @_; my $ip_obj = NetPacket::IP->decode($pkt); return $ip_obj->{data}; } # # Encode a packet # sub encode { my $self = shift; my ($hdr,$packet,$zero,$tmp,$offset); my ($src_ip, $dest_ip); # create a zero variable $zero = 0; # adjust the length of the packet $self->{len} = ($self->{hlen} * 4) + length($self->{data}); $tmp = $self->{hlen} & 0x0f; $tmp = $tmp | (($self->{ver} << 4) & 0xf0); $offset = $self->{flags} << 13; $offset = $offset | (($self->{foffset} >> 3) & 0x1fff); # convert the src and dst ip $src_ip = gethostbyname($self->{src_ip}); $dest_ip = gethostbyname($self->{dest_ip}); # construct header to calculate the checksum $hdr = pack('CCnnnCCna4a4a*', $tmp, $self->{tos},$self->{len}, $self->{id}, $offset, $self->{ttl}, $self->{proto}, $zero, $src_ip, $dest_ip, $self->{options}); $self->{cksum} = NetPacket::htons(NetPacket::in_cksum($hdr)); # make the entire packet $packet = pack('CCnnnCCna4a4a*a*', $tmp, $self->{tos},$self->{len}, $self->{id}, $offset, $self->{ttl}, $self->{proto}, $self->{cksum}, $src_ip, $dest_ip, $self->{options}, $self->{data}); return($packet); } # # Module initialisation # 1; # autoloaded methods go after the END token (&& pod) below =pod =head1 NAME NetPacket::IP - Assemble and disassemble IP (Internet Protocol) packets. =head1 VERSION version 1.4.4 =head1 SYNOPSIS use NetPacket::IP; $ip_obj = NetPacket::IP->decode($raw_pkt); $ip_pkt = NetPacket::IP->encode($ip_obj); $ip_data = NetPacket::IP::strip($raw_pkt); =head1 DESCRIPTION C provides a set of routines for assembling and disassembling packets using IP (Internet Protocol). =head2 Methods =over =item Cdecode([RAW PACKET])> Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method. =item Cencode()> Return an IP packet encoded with the instance data specified. This will infer the total length of the packet automatically from the payload length and also adjust the checksum. =back =head2 Functions =over =item C Return the encapsulated data (or payload) contained in the IP packet. This data is suitable to be used as input for other C modules. This function is equivalent to creating an object using the C constructor and returning the C field of that object. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item ver The IP version number of this packet. =item hlen The IP header length of this packet. =item flags The IP header flags for this packet. =item foffset The IP fragment offset for this packet. =item tos The type-of-service for this IP packet. =item len The length (including length of header) in bytes for this packet. =item id The identification (sequence) number for this IP packet. =item ttl The time-to-live value for this packet. =item proto The IP protocol number for this packet. =item cksum The IP checksum value for this packet. =item src_ip The source IP address for this packet in dotted-quad notation. =item dest_ip The destination IP address for this packet in dotted-quad notation. =item options Any IP options for this packet. =item data The encapsulated data (payload) for this IP packet. =back =head2 Exports =over =item default none =item exportable IP_PROTO_IP IP_PROTO_ICMP IP_PROTO_IGMP IP_PROTO_IPIP IP_PROTO_TCP IP_PROTO_UDP IP_VERSION_IPv4 =item tags The following tags group together related exportable items. =over =item C<:protos> IP_PROTO_IP IP_PROTO_ICMP IP_PROTO_IGMP IP_PROTO_IPIP IP_PROTO_TCP IP_PROTO_UDP =item C<:versions> IP_VERSION_IPv4 =item C<:strip> Import the strip function C. =item C<:ALL> All the above exportable items. =back =back =head1 EXAMPLE The following script dumps IP frames by IP address and protocol to standard output. #!/usr/bin/perl -w use strict; use Net::PcapUtils; use NetPacket::Ethernet qw(:strip); use NetPacket::IP; sub process_pkt { my ($user, $hdr, $pkt) = @_; my $ip_obj = NetPacket::IP->decode(eth_strip($pkt)); print("$ip_obj->{src_ip}:$ip_obj->{dest_ip} $ip_obj->{proto}\n"); } Net::PcapUtils::loop(\&process_pkt, FILTER => 'ip'); =head1 TODO =over =item IP option decoding - currently stored in binary form. =item Assembly of received fragments =back =head1 COPYRIGHT Copyright (c) 2001 Tim Potter and Stephanie Wehner. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHOR Tim Potter Etpot@samba.orgE Stephanie Wehner Eatrak@itsx.comE =cut __END__ # any real autoloaded methods go after this line NetPacket-1.4.4/lib/NetPacket/UDP.pm0000644000175000017500000001566412246412375016350 0ustar yanickyanick# # NetPacket::UDP - Decode and encode UDP (User Datagram Protocol) # packets. package NetPacket::UDP; BEGIN { $NetPacket::UDP::AUTHORITY = 'cpan:YANICK'; } { $NetPacket::UDP::VERSION = '1.4.4'; } # ABSTRACT: Assemble and disassemble UDP (User Datagram Protocol) packets. use strict; use vars qw(@ISA @EXPORT @EXPORT_OK %EXPORT_TAGS); use NetPacket; use NetPacket::IP; BEGIN { @ISA = qw(Exporter NetPacket); # Items to export into callers namespace by default # (move infrequently used names to @EXPORT_OK below) @EXPORT = qw( ); # Other items we are prepared to export if requested @EXPORT_OK = qw(udp_strip ); # Tags: %EXPORT_TAGS = ( ALL => [@EXPORT, @EXPORT_OK], strip => [qw(udp_strip)], ); } # # Decode the packet # sub decode { my $class = shift; my($pkt, $parent) = @_; my $self = {}; # Class fields $self->{_parent} = $parent; $self->{_frame} = $pkt; # Decode UDP packet if (defined($pkt)) { ($self->{src_port}, $self->{dest_port}, $self->{len}, $self->{cksum}, $self->{data}) = unpack("nnnna*", $pkt); } # Return a blessed object bless($self, $class); return $self; } # # Strip header from packet and return the data contained in it # undef &udp_strip; *udp_strip = \&strip; sub strip { return decode(__PACKAGE__,shift)->{data}; } # # Encode a packet # sub encode { my ($self, $ip) = @_; # Adjust the length accordingly $self->{len} = 8 + length($self->{data}); # First of all, fix the checksum $self->checksum($ip); # Put the packet together return pack("nnnna*", $self->{src_port},$self->{dest_port}, $self->{len}, $self->{cksum}, $self->{data}); } # # UDP Checksum # sub checksum { my( $self, $ip ) = @_; my $proto = NetPacket::IP::IP_PROTO_UDP; # Pack pseudo-header for udp checksum my $src_ip = gethostbyname($ip->{src_ip}); my $dest_ip = gethostbyname($ip->{dest_ip}); no warnings; my $packet = pack 'a4a4CCnnnnna*' => # fake ip header part $src_ip, $dest_ip, 0, $proto, $self->{len}, # proper UDP part $self->{src_port}, $self->{dest_port}, $self->{len}, 0, $self->{data}; $packet .= "\x00" if length($packet) % 2; $self->{cksum} = NetPacket::htons(NetPacket::in_cksum($packet)); } 1; __END__ =pod =head1 NAME NetPacket::UDP - Assemble and disassemble UDP (User Datagram Protocol) packets. =head1 VERSION version 1.4.4 =head1 SYNOPSIS use NetPacket::UDP; $udp_obj = NetPacket::UDP->decode($raw_pkt); $udp_pkt = $udp_obj->encode($l3_obj); $udp_data = NetPacket::UDP::strip($raw_pkt); =head1 DESCRIPTION C provides a set of routines for assembling and disassembling packets using UDP (User Datagram Protocol). =head2 Methods =over =item Cdecode([RAW PACKET])> Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method. =item C<$udp_packet-encode($l3_obj)> Return the encoded version of the UDP packet object. Needs part of the IP header contained (src_ip and dest_ip specifically) in $l3_obj, in order to calculate the UDP checksum. The length field will also be set automatically based on values provided. =back =head2 Functions =over =item C Return the encapsulated data (or payload) contained in the UDP packet. This data is suitable to be used as input for other C modules. This function is equivalent to creating an object using the C constructor and returning the C field of that object. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item src_port The source UDP port for the datagram. =item dest_port The destination UDP port for the datagram. =item len The length (including length of header) in bytes for this packet. =item cksum The checksum value for this packet. =item data The encapsulated data (payload) for this packet. =back =head2 IP data The IP data for the $l3_obj object consists of the following fields. Additional items may be supplied as well as passing the whole object returned by NetPacket::IP->decode but are unnecessary. =over =item src_ip The source IP for the datagram =item dest_ip The destination IP for the datagram =back =head2 Exports =over =item default none =item exportable udp_strip =item tags The following tags group together related exportable items. =over =item C<:strip> Import the strip function C. =item C<:ALL> All the above exportable items. =back =back =head1 EXAMPLE The following example prints the source IP address and port, the destination IP address and port, and the UDP packet length: #!/usr/bin/perl -w use strict; use Net::PcapUtils; use NetPacket::Ethernet qw(:strip); use NetPacket::IP; use NetPacket::UDP; sub process_pkt { my($arg, $hdr, $pkt) = @_; my $ip_obj = NetPacket::IP->decode(eth_strip($pkt)); my $udp_obj = NetPacket::UDP->decode($ip_obj->{data}); print("$ip_obj->{src_ip}:$udp_obj->{src_port} -> ", "$ip_obj->{dest_ip}:$udp_obj->{dest_port} ", "$udp_obj->{len}\n"); } Net::PcapUtils::loop(\&process_pkt, FILTER => 'udp'); The following is an example use in combination with Net::Divert to alter the payload of packets that pass through. All occurences of foo will be replaced with bar. This example is easy to test with netcat, but otherwise makes little sense. :) Adapt to your needs: use Net::Divert; use NetPacket::IP qw(IP_PROTO_UDP); use NetPacket::UDP; $divobj = Net::Divert->new('yourhost',9999); $divobj->getPackets(\&alterPacket); sub alterPacket { my ($data, $fwtag) = @_; $ip_obj = NetPacket::IP->decode($data); if($ip_obj->{proto} == IP_PROTO_UDP) { # decode the UDP header $udp_obj = NetPacket::UDP->decode($ip_obj->{data}); # replace foo in the payload with bar $udp_obj->{data} =~ s/foo/bar/g; # re-encode the packet $ip_obj->{data} = $udp_obj->encode($udp_obj, $ip_obj); $data = $ip_obj->encode; } $divobj->putPacket($data,$fwtag); } =head1 COPYRIGHT Copyright (c) 2001 Tim Potter. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHOR Tim Potter Etpot@samba.orgE Stephanie Wehner Eatrak@itsx.comE Yanick Champoux =cut NetPacket-1.4.4/lib/NetPacket/Ethernet.pm0000644000175000017500000001515012246412375017464 0ustar yanickyanickpackage NetPacket::Ethernet; BEGIN { $NetPacket::Ethernet::AUTHORITY = 'cpan:YANICK'; } { $NetPacket::Ethernet::VERSION = '1.4.4'; } # ABSTRACT: Assemble and disassemble ethernet packets. use strict; use vars qw(@ISA @EXPORT @EXPORT_OK %EXPORT_TAGS); BEGIN { @ISA = qw(Exporter NetPacket); @EXPORT = qw(); my @eth_types = qw/ ETH_TYPE_IP ETH_TYPE_ARP ETH_TYPE_APPLETALK ETH_TYPE_RARP ETH_TYPE_SNMP ETH_TYPE_IPv6 ETH_TYPE_PPP ETH_TYPE_802_1Q ETH_TYPE_IPX ETH_TYPE_PPPOED ETH_TYPE_PPPOES /; @EXPORT_OK = ( 'eth_strip', @eth_types ); %EXPORT_TAGS = ( ALL => [@EXPORT, @EXPORT_OK], strip => [qw(eth_strip)], types => \@eth_types, ); } # # Partial list of ethernet protocol types from # http://www.isi.edu/in-notes/iana/assignments/ethernet-numbers # use constant ETH_TYPE_IP => 0x0800; use constant ETH_TYPE_ARP => 0x0806; use constant ETH_TYPE_APPLETALK => 0x809b; use constant ETH_TYPE_RARP => 0x8035; use constant ETH_TYPE_SNMP => 0x814c; use constant ETH_TYPE_IPv6 => 0x86dd; use constant ETH_TYPE_PPP => 0x880b; use constant ETH_TYPE_802_1Q => 0x8100; use constant ETH_TYPE_IPX => 0x8137; use constant ETH_TYPE_PPPOED => 0x8863; use constant ETH_TYPE_PPPOES => 0x8864; # # VLAN Tag field masks # use constant VLAN_MASK_PCP => 0xE000; use constant VLAN_MASK_CFI => 0x1000; use constant VLAN_MASK_VID => 0x0FFF; # # Decode the packet # sub decode { my $class = shift; my($pkt, $parent) = @_; my $self = {}; # Class fields $self->{_parent} = $parent; $self->{_frame} = $pkt; # Decode ethernet packet if (defined($pkt)) { my($sm_lo, $sm_hi, $dm_lo, $dm_hi, $tcid); ($dm_hi, $dm_lo, $sm_hi, $sm_lo, $self->{type}) = unpack('NnNnn' , $pkt); # Check for 802.1Q VLAN tag and unpack to account for 4-byte offset if ($self->{type} == ETH_TYPE_802_1Q) { $self->{tpid} = ETH_TYPE_802_1Q; ( $tcid, $self->{type}, $self->{data} ) = unpack('x14nna*' , $pkt); # Break down VLAN tag TCI into: PCP, CFI, VID $self->{pcp} = $tcid & VLAN_MASK_PCP >> 13; $self->{cfi} = $tcid & VLAN_MASK_CFI >> 12; $self->{vid} = $tcid & VLAN_MASK_VID; } else { ( $self->{data} ) = unpack('x14a*' , $pkt); } # Convert MAC addresses to hex string to avoid representation problems $self->{src_mac} = sprintf "%08x%04x", $sm_hi, $sm_lo; $self->{dest_mac} = sprintf "%08x%04x", $dm_hi, $dm_lo; } # Return a blessed object bless($self, $class); return $self; } # # Strip header from packet and return the data contained in it # undef ð_strip; # Create eth_strip alias *eth_strip = \&strip; sub strip { my ($pkt) = @_; my $eth_obj = NetPacket::Ethernet->decode($pkt); return $eth_obj->{data}; } # # Encode a packet - not implemented! # sub encode { die("Not implemented"); } # # Module initialisation # 1; # autoloaded methods go after the END token (&& pod) below =pod =head1 NAME NetPacket::Ethernet - Assemble and disassemble ethernet packets. =head1 VERSION version 1.4.4 =head1 SYNOPSIS use NetPacket::Ethernet; $eth_obj = NetPacket::Ethernet->decode($raw_pkt); $eth_pkt = NetPacket::Ethernet->encode(params...); # Not implemented $eth_data = NetPacket::Ethernet::strip($raw_pkt); =head1 DESCRIPTION C provides a set of routines for assembling and disassembling packets using the Ethernet protocol. =head2 Methods =over =item Cdecode([RAW PACKET])> Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method. =item Cencode(param =E value)> Return an ethernet packet encoded with the instance data specified. Not implemented. =back =head2 Functions =over =item C Return the encapsulated data (or payload) contained in the ethernet packet. This data is suitable to be used as input for other C modules. This function is equivalent to creating an object using the C constructor and returning the C field of that object. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item src_mac The source MAC address for the ethernet packet as a hex string. =item dest_mac The destination MAC address for the ethernet packet as a hex string. =item type The protocol type for the ethernet packet. =item data The payload for the ethernet packet. =back =head2 Exports =over =item default none =item exportable ETH_TYPE_IP ETH_TYPE_ARP ETH_TYPE_APPLETALK ETH_TYPE_SNMP ETH_TYPE_IPv6 ETH_TYPE_PPP =item tags The following tags group together related exportable items. =over =item C<:types> ETH_TYPE_IP ETH_TYPE_ARP ETH_TYPE_APPLETALK ETH_TYPE_SNMP ETH_TYPE_IPv6 ETH_TYPE_PPP =item C<:strip> Import the strip function C which is an alias for C =item C<:ALL> All the above exportable items. =back =back =head1 EXAMPLE The following script dumps ethernet frames by mac address and protocol to standard output. #!/usr/bin/perl -w use strict; use Net::PcapUtils; use NetPacket::Ethernet; sub process_pkt { my($arg, $hdr, $pkt) = @_; my $eth_obj = NetPacket::Ethernet->decode($pkt); print("$eth_obj->{src_mac}:$eth_obj->{dest_mac} $eth_obj->{type}\n"); } Net::PcapUtils::loop(\&process_pkt); =head1 TODO =over =item Implement C function =back =head1 COPYRIGHT Copyright (c) 2001 Tim Potter and Stephanie Wehner. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHOR Tim Potter Etpot@samba.orgE =cut __END__ # any real autoloaded methods go after this line NetPacket-1.4.4/lib/NetPacket/ICMP.pm0000644000175000017500000001522712246412375016443 0ustar yanickyanickpackage NetPacket::ICMP; BEGIN { $NetPacket::ICMP::AUTHORITY = 'cpan:YANICK'; } { $NetPacket::ICMP::VERSION = '1.4.4'; } # ABSTRACT: Assemble and disassemble ICMP (Internet Control Message Protocol) packets. use strict; use vars qw( @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS); BEGIN { @ISA = qw(Exporter NetPacket); # Items to export into callers namespace by default # (move infrequently used names to @EXPORT_OK below) @EXPORT = qw( ); # Other items we are prepared to export if requested @EXPORT_OK = qw(icmp_strip ICMP_ECHOREPLY ICMP_UNREACH ICMP_SOURCEQUENCH ICMP_REDIRECT ICMP_ECHO ICMP_ROUTERADVERT ICMP_ROUTERSOLICIT ICMP_TIMXCEED ICMP_PARAMPROB ICMP_TSTAMP ICMP_TSTAMPREPLY ICMP_IREQ ICMP_IREQREPLY ICMP_MASKREQ ICMP_MASKREPLY ); # Tags: %EXPORT_TAGS = ( ALL => [@EXPORT, @EXPORT_OK], types => [qw(ICMP_ECHOREPLY ICMP_UNREACH ICMP_SOURCEQUENCH ICMP_REDIRECT ICMP_ECHO ICMP_ROUTERADVERT ICMP_ROUTERSOLICIT ICMP_TIMXCEED ICMP_PARAMPROB ICMP_TSTAMP ICMP_TSTAMPREPLY ICMP_IREQ ICMP_IREQREPLY ICMP_MASKREQ ICMP_MASKREPLY)], strip => [qw(icmp_strip)], ); } # ICMP Types use constant ICMP_ECHOREPLY => 0; use constant ICMP_UNREACH => 3; use constant ICMP_SOURCEQUENCH => 4; use constant ICMP_REDIRECT => 5; use constant ICMP_ECHO => 8; use constant ICMP_ROUTERADVERT => 9; use constant ICMP_ROUTERSOLICIT => 10; use constant ICMP_TIMXCEED => 11; use constant ICMP_PARAMPROB => 12; use constant ICMP_TSTAMP => 13; use constant ICMP_TSTAMPREPLY => 14; use constant ICMP_IREQ => 15; use constant ICMP_IREQREPLY => 16; use constant ICMP_MASKREQ => 17; use constant ICMP_MASKREPLY => 18; # # Decode the packet # sub decode { my $class = shift; my($pkt, $parent) = @_; my $self = {}; # Class fields $self->{_parent} = $parent; $self->{_frame} = $pkt; # Decode ICMP packet if (defined($pkt)) { ($self->{type}, $self->{code}, $self->{cksum}, $self->{data}) = unpack("CCna*", $pkt); } # Return a blessed object bless($self, $class); return $self; } # # Strip a packet of its header and return the data # undef &icmp_strip; *icmpstrip = \&strip; sub strip { my ($pkt) = @_; my $icmp_obj = decode($pkt); return $icmp_obj->{data}; } # # Encode a packet # sub encode { my $self = shift; my ($ip) = @_; my ($packet); # Checksum the packet $self->checksum(); # Put the packet together $packet = pack("CCna*", $self->{type}, $self->{code}, $self->{cksum}, $self->{data}); return($packet); } # # Calculate ICMP checksum sub checksum { my $self = shift; my ($ip) = @_; my ($packet,$zero); # Put the packet together for checksumming $zero = 0; $packet = pack("CCna*", $self->{type}, $self->{code}, $zero, $self->{data}); $self->{cksum} = NetPacket::htons(NetPacket::in_cksum($packet)); } # # Module initialisation # 1; # autoloaded methods go after the END token (&& pod) below =pod =head1 NAME NetPacket::ICMP - Assemble and disassemble ICMP (Internet Control Message Protocol) packets. =head1 VERSION version 1.4.4 =head1 SYNOPSIS use NetPacket::ICMP; $icmp_obj = NetPacket::ICMP->decode($raw_pkt); $icmp_pkt = NetPacket::ICMP->encode(); $icmp_data = NetPacket::ICMP::strip($raw_pkt); =head1 DESCRIPTION C provides a set of routines for assembling and disassembling packets using ICMP (Internet Control Message Protocol). =head2 Methods =over =item Cdecode([RAW PACKET])> Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method. =item Cencode()> Return an ICMP packet encoded with the instance data specified. =back =head2 Functions =over =item C Return the encapsulated data (or payload) contained in the ICMP packet. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item type The ICMP message type of this packet. =item code The ICMP message code of this packet. =item cksum The checksum for this packet. =item data The encapsulated data (payload) for this packet. =back =head2 Exports =over =item default none =item exportable ICMP message types: ICMP_ECHOREPLY ICMP_UNREACH ICMP_SOURCEQUENCH ICMP_REDIRECT ICMP_ECHO ICMP_ROUTERADVERT ICMP_ROUTERSOLICIT ICMP_TIMXCEED ICMP_PARAMPROB ICMP_TSTAMP ICMP_TSTAMPREPLY ICMP_IREQ ICMP_IREQREPLY ICMP_MASKREQ ICMP_MASKREPLY =item tags The following tags group together related exportable items. =over =item C<:types> ICMP_ECHOREPLY ICMP_UNREACH ICMP_SOURCEQUENCH ICMP_REDIRECT ICMP_ECHO ICMP_ROUTERADVERT ICMP_ROUTERSOLICIT ICMP_TIMXCEED ICMP_PARAMPROB ICMP_TSTAMP ICMP_TSTAMPREPLY ICMP_IREQ ICMP_IREQREPLY ICMP_MASKREQ ICMP_MASKREPLY =item C<:strip> Import the strip function C. =item C<:ALL> All the above exportable items. =back =back =head1 EXAMPLE The following example prints the ICMP type, code, and checksum fields. #!/usr/bin/perl -w use strict; use Net::PcapUtils; use NetPacket::Ethernet qw(:strip); use NetPacket::IP qw(:strip); use NetPacket::ICMP; sub process_pkt { my ($user, $hdr, $pkt) = @_; my $ip_obj = NetPacket::IP->decode(eth_strip($pkt)); my $icmp_obj = NetPacket::ICMP->decode(ip_strip($ip_obj)); print("Type: $icmp_obj->{type}\n"); print("Code: $icmp_obj->{code}\n"); print("Checksum: $icmp_obj->{cksum}\n\n"); } Net::PcapUtils::loop(\&process_pkt, FILTER => 'icmp'); =head1 TODO =over =item Create constants =back =head1 COPYRIGHT Copyright (c) 2001 Tim Potter and Stephanie Wehner. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHOR Tim Potter Etpot@samba.orgE Stephanie Wehner Eatrak@itsx.comE =cut __END__ # any real autoloaded methods go after this line NetPacket-1.4.4/lib/NetPacket/USBMon.pm0000644000175000017500000001716212246412375017016 0ustar yanickyanickpackage NetPacket::USBMon; BEGIN { $NetPacket::USBMon::AUTHORITY = 'cpan:YANICK'; } { $NetPacket::USBMon::VERSION = '1.4.4'; } #ABSTRACT: Assemble and disassemble USB packets captured via Linux USBMon interface. use 5.10.0; use strict; use vars qw(@ISA @EXPORT_OK %EXPORT_TAGS); use NetPacket; BEGIN { @ISA = qw(Exporter NetPacket); @EXPORT_OK = qw( USB_TYPE_SUBMISSION USB_TYPE_CALLBACK USB_TYPE_ERROR USB_XFER_TYPE_ISO USB_XFER_TYPE_INTR USB_XFER_TYPE_CONTROL USB_XFER_TYPE_BULK USB_FLAG_SETUP_IRRELEVANT USB_FLAG_SETUP_RELEVANT USB_FLAG_DATA_ERROR USB_FLAG_DATA_INCOMING USB_FLAG_DATA_OUTGOING USB_FLAG_DATA_PRESENT USB_TYPE_VENDOR ); %EXPORT_TAGS =( ALL => \@EXPORT_OK, types => [qw(USB_TYPE_SUBMISSION USB_TYPE_CALLBACK USB_TYPE_ERROR)], xfer_types => [qw(USB_XFER_TYPE_ISO USB_XFER_TYPE_INTR USB_XFER_TYPE_CONTROL USB_XFER_TYPE_BULK)], setup_flags => [qw(USB_FLAG_SETUP_IRRELEVANT USB_FLAG_SETUP_RELEVANT)], data_flags => [qw(USB_FLAG_DATA_ERROR USB_FLAG_DATA_INCOMING USB_FLAG_DATA_OUTGOING USB_FLAG_DATA_PRESENT)], setup_types => [qw(USB_TYPE_VENDOR)], ); } use constant USB_TYPE_SUBMISSION => 'S'; use constant USB_TYPE_CALLBACK => 'C'; use constant USB_TYPE_ERROR => 'E'; use constant USB_XFER_TYPE_ISO => 0; use constant USB_XFER_TYPE_INTR => 1; use constant USB_XFER_TYPE_CONTROL => 2; use constant USB_XFER_TYPE_BULK => 3; use constant USB_FLAG_SETUP_IRRELEVANT => '-'; use constant USB_FLAG_SETUP_RELEVANT => chr(0); use constant USB_FLAG_DATA_ERROR => 'E'; use constant USB_FLAG_DATA_INCOMING => '<'; use constant USB_FLAG_DATA_OUTGOING => '>'; use constant USB_FLAG_DATA_PRESENT => chr(0); use constant USB_TYPE_VENDOR => 0x40; sub decode { my $class = shift; my $packet = shift; my $parent = shift; my($id, $type, $xfer_type, $epnum, $devnum, $busnum, $flag_setup, $flag_data, $ts_sec, $ts_usec, $status, $length, $len_cap, $s, $interval, $start_frame, $xfer_flags, $ndesc, $rest) = unpack('a8CCCCS $parent, _frame => $packet, id => $id, type => chr($type), xfer_type => $xfer_type, ep => { num => ($epnum & 0x7f), dir => ($epnum & 0x80 ? 'IN' : 'OUT'), }, devnum => $devnum, busnum => $busnum, flag_setup => chr($flag_setup), flag_data => chr($flag_data), ts_sec => $ts_sec, ts_usec => $ts_usec, status => $status, length => $length, len_cap => $len_cap, interval => $interval, start_frame => $start_frame, xfer_flags => $xfer_flags, ndesc => $ndesc, }; # Setup if ($self->{flag_setup} ne USB_FLAG_SETUP_IRRELEVANT) { my $setup = {}; my $rest; ($setup->{bmRequestType}, $setup->{bRequest}, $rest) = unpack('CCa*', $s); if ($setup->{bmRequestType} & USB_TYPE_VENDOR) { ($setup->{wValue}, $setup->{wIndex}, $setup->{wLength}) = unpack('S<3', $rest); } else { # Unknown setup request; $setup->{data} = $rest; } $self->{setup} = $setup; } # Isochronous descriptors if ($self->{xfer_type} == USB_XFER_TYPE_ISO) { my $iso = {}; ($iso->{error_count}, $iso->{numdesc}) = unpack('i{iso} = $iso; } # Data warn 'Payload length mismatch' if length($rest) ne $self->{len_cap}; $self->{data} = $rest; return bless $self, $class; } 1; __END__ =pod =head1 NAME NetPacket::USBMon - Assemble and disassemble USB packets captured via Linux USBMon interface. =head1 VERSION version 1.4.4 =head1 SYNOPSIS use NetPacket::USBMon; $usb = NetPacket::USBMon->decode($raw_pkt); =head1 DESCRIPTION C is a L decoder of USB packets captured via Linux USBMon interface. =head2 Methods =over =item Cdecode([RAW PACKET])> Decode a USB packet. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item id An in-kernel address of the USB Request Block (URB). Stays the same for the transaction submission and completion. Might be truncatted when reading a 64-bit capture with 32-bit file. =item type URB type. Character 'S', 'C' or 'E', for constants USB_TYPE_SUBMISSION, USB_TYPE_CALLBACK or USB_TYPE_ERROR. =item xfer_type Transfer type. USB_XFER_TYPE_ISO, USB_XFER_TYPE_INTR, USB_XFER_TYPE_CONTROL or USB_XFER_TYPE_BULK. =item ep Endpoint identification. =over 8 =item num Endpoint number. =item dir Transfer direction. "IN" or "OUT". =back =item devnum Device address. =item busnum Bus number. =item flag_setup Indicates whether setup is present and makes sense. =item flag_data Indicates whether data is present and makes sense. =item ts_sec Timestamp seconds since epoch. Subject to truncation with 32-bit Perl, which should be fine until 2038. =item ts_usec Timestamp microseconds. =item status URB status. Negative errno. =item length Length of data (submitted or actual). =item len_cap Delivered length =item setup Only present for packets with setup_flag turned on. Some contents are dependent on actual request type. =over 8 =item bmRequestType =item bRequest =item wValue =item wIndex =item wLength =back =item iso Only present for isochronous transfers. =over 8 =item error_count =item numdesc =back =item interval Isochronous packet response rate. =item start_frame Only applicable to isochronous transfers. =item xfer_flags A copy of URB's transfer_flags. =item ndesc Actual number of isochronous descriptors. =item data Packet payload. =back =head2 Exports =over =item default none =item exportable USB_TYPE_SUBMISSION, USB_TYPE_CALLBACK, USB_TYPE_ERROR, USB_XFER_TYPE_ISO, USB_XFER_TYPE_INTR, USB_XFER_TYPE_CONTROL, USB_XFER_TYPE_BULK, USB_FLAG_SETUP_IRRELEVANT, USB_FLAG_SETUP_RELEVANT, USB_FLAG_DATA_ERROR, USB_FLAG_DATA_INCOMING, USB_FLAG_DATA_OUTGOING, USB_FLAG_DATA_PRESENT, USB_TYPE_VENDOR =item tags The following tags group together related exportable items. =over =item C<:types> USB_TYPE_SUBMISSION, USB_TYPE_CALLBACK, USB_TYPE_ERROR =item C<:xfer_types> USB_XFER_TYPE_ISO, USB_XFER_TYPE_INTR, USB_XFER_TYPE_CONTROL, USB_XFER_TYPE_BULK =item C<:setup_flags> USB_FLAG_SETUP_IRRELEVANT, USB_FLAG_SETUP_RELEVANT =item C<:data_flags> USB_FLAG_DATA_ERROR, USB_FLAG_DATA_INCOMING, USB_FLAG_DATA_OUTGOING, USB_FLAG_DATA_PRESENT =item C<:setup_types> USB_TYPE_VENDOR =item C<:ALL> All the above exportable items. =back =back =head1 COPYRIGHT Copyright (c) 2013 Lubomir Rintel. This module is free software. You can redistribute it and/or modify it under the same terms as Perl itself. =head1 AUTHOR Lubomir Rintel Elkundrak@v3.skE =cut NetPacket-1.4.4/lib/NetPacket/ARP.pm0000644000175000017500000001170212246412375016327 0ustar yanickyanickpackage NetPacket::ARP; BEGIN { $NetPacket::ARP::AUTHORITY = 'cpan:YANICK'; } { $NetPacket::ARP::VERSION = '1.4.4'; } # ABSTRACT: Assemble and disassemble ARP (Address Resolution Protocol) packets. use strict; use vars qw(@ISA @EXPORT @EXPORT_OK %EXPORT_TAGS); BEGIN { @ISA = qw(Exporter NetPacket); # Items to export into callers namespace by default # (move infrequently used names to @EXPORT_OK below) @EXPORT = qw( ); # Other items we are prepared to export if requested @EXPORT_OK = qw(arp_strip ARP_OPCODE_REQUEST ARP_OPCODE_REPLY RARP_OPCODE_REQUEST RARP_OPCODE_REPLY ); # Tags: %EXPORT_TAGS = ( ALL => [@EXPORT, @EXPORT_OK], opcodes => [qw(ARP_OPCODE_REQUEST ARP_OPCODE_REPLY RARP_OPCODE_REQUEST RARP_OPCODE_REPLY)], strip => [qw(arp_strip)], ); } # # List of opcode values # use constant ARP_OPCODE_REQUEST => 1; use constant ARP_OPCODE_REPLY => 2; use constant RARP_OPCODE_REQUEST => 3; use constant RARP_OPCODE_REPLY => 4; # # Decode the packet # sub decode { my $class = shift; my($pkt, $parent) = @_; my $self = {}; # Class fields $self->{_parent} = $parent; $self->{_frame} = $pkt; # Decode ARP packet if (defined($pkt)) { ($self->{htype}, $self->{proto}, $self->{hlen}, $self->{plen}, $self->{opcode}, $self->{sha}, $self->{spa}, $self->{tha}, $self->{tpa}) = unpack('nnCCnH12H8H12H8' , $pkt); $self->{data} = undef; } # Return a blessed object bless($self, $class); return $self; } # # Strip header from packet and return the data contained in it. ARP # packets contain no encapsulated data. # undef &arp_strip; *arp_strip = \&strip; sub strip { return undef; } # # Encode a packet # sub encode { die("Not implemented"); } # Module return value 1; =pod =head1 NAME NetPacket::ARP - Assemble and disassemble ARP (Address Resolution Protocol) packets. =head1 VERSION version 1.4.4 =head1 SYNOPSIS use NetPacket::ARP; $tcp_obj = NetPacket::ARP->decode($raw_pkt); $tcp_pkt = NetPacket::ARP->encode(params...); # Not implemented =head1 DESCRIPTION C provides a set of routines for assembling and disassembling packets using ARP (Address Resolution Protocol). =head2 Methods =over =item Cdecode([RAW PACKET])> Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method. =item Cencode(param =E value)> Return a ARP packet encoded with the instance data specified. Not implemented. =back =head2 Functions =over =item C Return the encapsulated data (or payload) contained in the TCP packet. Since no payload data is encapulated in an ARP packet (only instance data), this function returns undef. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item htype Hardware type. =item proto Protocol type. =item hlen Header length. =item plen Protocol length. =item opcode One of the following constants: =over =item * ARP_OPCODE_REQUEST =item * ARP_OPCODE_REPLY =item * RARP_OPCODE_REQUEST =item * RARP_OPCODE_REPLY =back =item sha Source hardware address. =item spa Source protocol address. =item tha Target hardware address. =item tpa Target protocol address. =back =head2 Exports =over =item default none =item exportable none =item tags The following tags group together related exportable items. =over =item C<:ALL> All the above exportable items. =back =back =head1 EXAMPLE Print out arp requests on the local network. #!/usr/bin/perl -w use Net::PcapUtils; use NetPacket::Ethernet qw(:types); use NetPacket::ARP; sub process_pkt { my ($arg, $hdr, $pkt) = @_; my $eth_obj = NetPacket::Ethernet->decode($pkt); if ($eth_obj->{type} == ETH_TYPE_ARP) { my $arp_obj = NetPacket::ARP->decode($eth_obj->{data}, $eth_obj); print("source hw addr=$arp_obj->{sha}, " . "dest hw addr=$arp_obj->{tha}\n"); } } Net::PcapUtils::loop(\&process_pkt); =head1 TODO =over =item Implement encode() function =item Does this work for protocols other than IP? Need to read RFC. =item Example is a bit silly =back =head1 COPYRIGHT Copyright (c) 2001 Tim Potter. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHOR Tim Potter Etpot@samba.orgE =cut __END__ # any real autoloaded methods go after this line NetPacket-1.4.4/lib/NetPacket/IGMP.pm0000644000175000017500000001465312246412375016451 0ustar yanickyanick# # NetPacket::IGMP - Decode and encode IGMP (Internet Group Management # Protocol) packets. package NetPacket::IGMP; BEGIN { $NetPacket::IGMP::AUTHORITY = 'cpan:YANICK'; } { $NetPacket::IGMP::VERSION = '1.4.4'; } # ABSTRACT: Assemble and disassemble IGMP (Internet Group Mangement Protocol) packets. use strict; use vars qw(@ISA @EXPORT @EXPORT_OK %EXPORT_TAGS); BEGIN { @ISA = qw(Exporter NetPacket); # Items to export into callers namespace by default # (move infrequently used names to @EXPORT_OK below) @EXPORT = qw( ); # Other items we are prepared to export if requested @EXPORT_OK = qw(igmp_strip IGMP_VERSION_RFC998 IGMP_VERSION_RFC1112 IGMP_MSG_HOST_MQUERY IGMP_MSG_HOST_MREPORT IGMP_IP_NO_HOSTS IGMP_IP_ALL_HOSTS IGMP_IP_ALL_ROUTERS ); # Tags: %EXPORT_TAGS = ( ALL => [@EXPORT, @EXPORT_OK], strip => [qw(igmp_strip)], versions => [qw(IGMP_VERSION_RFC998 IGMP_VERSION_RFC1112)], msgtypes => [qw(IGMP_HOST_MQUERY IGMP_HOST_MREPORT)], group_addrs => [qw(IGMP_IP_NO_HOSTS IGMP_IP_ALL_HOSTS IGMP_IP_ALL_ROUTERS)] ); } # # Version numbers # use constant IGMP_VERSION_RFC998 => 0; # Version 0 of IGMP (obsolete) use constant IGMP_VERSION_RFC1112 => 1; # Version 1 of IGMP # # Message types # use constant IGMP_MSG_HOST_MQUERY => 1; # Host membership query use constant IGMP_MSG_HOST_MREPORT => 2; # Host membership report # # IGMP IP addresses # use constant IGMP_IP_NO_HOSTS => '224.0.0.0'; # Not assigned to anyone use constant IGMP_IP_ALL_HOSTS => '224.0.0.1'; # All hosts on local net use constant IGMP_IP_ALL_ROUTERS => '224.0.0.2'; # All routers on local net # Convert 32-bit IP address to "dotted quad" notation sub to_dotquad { my($net) = @_ ; my($na, $nb, $nc, $nd); $na = $net >> 24 & 255; $nb = $net >> 16 & 255; $nc = $net >> 8 & 255; $nd = $net & 255; return ("$na.$nb.$nc.$nd"); } # # Decode the packet # sub decode { my $class = shift; my($pkt, $parent) = @_; my $self = {}; # Class fields $self->{_parent} = $parent; $self->{_frame} = $pkt; # Decode IGMP packet if (defined($pkt)) { my $tmp; ($tmp, $self->{subtype}, $self->{cksum}, $self->{group_addr}, $self->{data}) = unpack('CCnNa*', $pkt); # Extract bit fields $self->{version} = ($tmp & 0xf0) >> 4; $self->{type} = $tmp & 0x0f; # Convert to dq notation $self->{group_addr} = to_dotquad($self->{group_addr}); } # Return a blessed object bless($self, $class); return $self; } # # Strip header from packet and return the data contained in it. IGMP # packets contain no encapsulated data. # undef &igmp_strip; *igmp_strip = \&strip; sub strip { return undef; } # # Encode a packet # sub encode { die("Not implemented"); } # Module return value 1; # autoloaded methods go after the END token (&& pod) below =pod =head1 NAME NetPacket::IGMP - Assemble and disassemble IGMP (Internet Group Mangement Protocol) packets. =head1 VERSION version 1.4.4 =head1 SYNOPSIS use NetPacket::IGMP; $igmp_obj = NetPacket::IGMP->decode($raw_pkt); $igmp_pkt = NetPacket::IGMP->encode(params...); # Not implemented $igmp_data = NetPacket::IGMP::strip($raw_pkt); =head1 DESCRIPTION C provides a set of routines for assembling and disassembling packets using IGMP (Internet Group Mangement Protocol). =head2 Methods =over =item Cdecode([RAW PACKET])> Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method. =item Cencode(param =E value)> Return an IGMP packet encoded with the instance data specified. Not implemented. =back =head2 Functions =over =item C Return the encapsulated data (or payload) contained in the IGMP packet. This function returns undef as there is no encapsulated data in an IGMP packet. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item version The IGMP version of this packet. =item type The message type for this packet. =item len The length (including length of header) in bytes for this packet. =item subtype The message subtype for this packet. =item cksum The checksum for this packet. =item group_addr The group address specified in this packet. =item data The encapsulated data (payload) for this packet. =back =head2 Exports =over =item default none =item exportable IGMP_VERSION_RFC998 IGMP_VERSION_RFC1112 IGMP_HOST_MQUERY IGMP_HOST_MREPORT IGMP_IP_NO_HOSTS IGMP_IP_ALL_HOSTS IGMP_IP_ALL_ROUTERS =item tags The following tags group together related exportable items. =over =item C<:strip> Import the strip function C. =item C<:versions> IGMP_VERSION_RFC998 IGMP_VERSION_RFC1112 =item C<:msgtypes> IGMP_HOST_MQUERY IGMP_HOST_MREPORT =item C<:group_addrs> IGMP_IP_NO_HOSTS IGMP_IP_ALL_HOSTS IGMP_IP_ALL_ROUTERS =item C<:ALL> All the above exportable items. =back =back =head1 EXAMPLE The following script dumps UDP frames by IP address and UDP port to standard output. #!/usr/bin/perl -w use strict; use Net::PcapUtils; use NetPacket::Ethernet qw(:strip); use NetPacket::IP; use NetPacket::IGMP; sub process_pkt { my($arg, $hdr, $pkt) = @_; my $ip_obj = NetPacket::IP->decode(eth_strip($pkt)); my $igmp_obj = NetPacket::IGMP->decode($ip_obj->{data}); print("$ip_obj->{src_ip} -> $ip_obj->{dest_ip} ", "$igmp_obj->{type}/$igmp_obj->{subtype} ", "$igmp_obj->{group_addr}\n"); } Net::PcapUtils::loop(\&process_pkt, FILTER => 'igmp'); =head1 TODO =over =item Implement encode() function =back =head1 COPYRIGHT Copyright (c) 2001 Tim Potter. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHOR Tim Potter Etpot@samba.orgE =cut __END__ # any real autoloaded methods go after this line NetPacket-1.4.4/MANIFEST0000644000175000017500000000073412246412375014057 0ustar yanickyanickBuild.PL CONTRIBUTORS Changes INSTALL LICENSE MANIFEST META.json META.yml README README.mkdn SIGNATURE lib/NetPacket.pm lib/NetPacket/ARP.pm lib/NetPacket/Ethernet.pm lib/NetPacket/ICMP.pm lib/NetPacket/IGMP.pm lib/NetPacket/IP.pm lib/NetPacket/TCP.pm lib/NetPacket/UDP.pm lib/NetPacket/USBMon.pm t/00-compile.t t/000-report-versions-tiny.t t/bug-37931.t t/checksum.t t/ethernet.t t/general.t t/icmp.t t/ip_encode.t t/ip_trailing.t t/tcp.t t/udp-checksum.t t/udp.t t/usbmon.t NetPacket-1.4.4/Changes0000644000175000017500000000721612246412375014223 0ustar yanickyanickrevision history for NetPacket 1.4.4 2013-11-30 [BUG FIXES] - NetPacket::USBMon: also handle big endian perl without quad type. (GH#5, Andreas Schwab) - Typo fix in comments. (GH#6, fschlich) [STATISTICS] - code churn: 3 files changed, 13 insertions(+), 4 deletions(-) 1.4.3 2013-10-03 [BUG FIXES] - Unpack data in LittleEndian format. (GH#4, k0da) [STATISTICS] - code churn: 3 files changed, 62 insertions(+), 27 deletions(-) 1.4.2 2013-09-25 [BUG FIXES] - Dist::Zilla::Plugin::Test::Compile was causing test to potentially hang on Windows. (reported by Karen Etheridge) [MISC] - Tidy up the changelog. (GH#3, Neil Bowers) [STATISTICS] - code churn: 2 files changed, 46 insertions(+), 20 deletions(-) 1.4.1 2013-09-05 [BUG FIXES] - Test was using Errno constant and failing on some platforms. [STATISTICS] - code churn: 2 files changed, 15 insertions(+), 7 deletions(-) 1.4.0 2013-08-26 [DOCUMENTATION] - Fixing NetPacked::UDP documentation. (RT#85361, Ben Magistro) [ENHANCEMENTS] - New NetPacket::USBMon. (GH#2, lkundrak) [STATISTICS] - code churn: 8 files changed, 595 insertions(+), 16 deletions(-) 1.3.3 2013-05-15 [BUG FIXES] - Parse SACK option and fix TSecr parsing. (GH#1, Robin Lee) [STATISTICS] - code churn: 5 files changed, 46 insertions(+), 7 deletions(-) 1.3.2 2013-05-03 [BUG FIXES] - Fix NetPacket::UDP's strip. (RT#85038, reported by Stan Schwertly) [STATISTICS] - code churn: 12 files changed, 71 insertions(+), 21 deletions(-) 1.3.1 2011-11-23 [BUG FIXES] - Use of constant withotu parenthesis made test fail under 5.6.2. 1.3.0 2011-11-13 [ENHANCEMENTS] - 'parse_tcp_options()' method added to NetPacket::TCP (patch by Tom Linden) [RT#71320] 1.2.0 2011-07-26 [ENHANCEMENTS] - Add support for Ethernet VLAN (thanks to Kai Chan) 1.1.2 2011-06-20 [BUG FIXES] - Add a INSTALL file 1.1.1 2011-02-07 - Add the new Ethernet types to the export list. (thanks to Sergey, again :-) ) (RT#64799) 1.1.0 2011-01-15 - Add a few Ethernet types. (thanks to Sergey) (RT#64799) 1.0.1 2010-10-19 - Make the example verbatim in pod in NetPacket::UDP (rt#62097) 1.0.0 2010-10-17 - Remove modules NetPacket::ICMPv6, NetPacket::IPv6 and NetPacket::PFLog as the license of the patch clashes with the license of the distribution. (RT#62197) 0.43.2 2010-10-11 - Change the COPYRIGHT sections of the pods to match the Artistic 2.0 license. (RT#60954) 0.43.1 2010-06-11 - Change a test to use explicit number of tests instead of 'done_testing'. 0.43.0 2010-05-23 - Fixed UDP checksum. Thanks to Hal Finkel. (RT#56235) - Added Joel Knight's code for IPv6 support from http://www.packetmischief.ca/code/netpacket/. Thanks to Doug Farley for the bug report. (RT#57560) 0.42.0 2010-03-25 - Updated license to Artistic 2.0 - Fixed bad call to 'data()' in ICMP. Thanks to Ventz Petkov. (RT#52627) 0.41.1 2009-01-06 - Fixed bug 37931: export of ICMP_MASKREQ - Fixed UDP and TCP checksums for odd-sized packets - Fixed import from NetPacket::UDP - Fixed bug 37931: export of ICMP_MASKREQ - Added git repo and bug tracking info to META.yml 0.41.0_0 2008-12-20 - Fixed bug 18941 - NetPacket::IP includes trailing trash bytes in $ip->{data} - Fixed bug 7010 - IP flags field lost in IP::encode() - Added Build.PL - Moved history off the README file into this one (Changes) - Moved module structure to /lib - Version now gathered from NetPacket.pm - META.yml added to MANIFEST - Added myself (Yanick) as author - Switched to major.minor.revision version notation 0.04 2003-05-21 - Checksum offset fix, thanks to J. Hoagland for pointing this out. 0.03 2001-07-30 0.01 1999-04-24 - First release by TIMPOTTER NetPacket-1.4.4/LICENSE0000644000175000017500000002154412246412375013735 0ustar yanickyanickThis software is Copyright (c) 2013 by Tim Potter and Stephanie Wehner. This is free software, licensed under: The Artistic License 2.0 (GPL Compatible) The Artistic License 2.0 Copyright (c) 2000-2006, The Perl Foundation. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble This license establishes the terms under which a given free software Package may be copied, modified, distributed, and/or redistributed. The intent is that the Copyright Holder maintains some artistic control over the development of that Package while still keeping the Package available as open source and free software. You are always permitted to make arrangements wholly outside of this license directly with the Copyright Holder of a given Package. If the terms of this license do not permit the full use that you propose to make of the Package, you should contact the Copyright Holder and seek a different licensing arrangement. Definitions "Copyright Holder" means the individual(s) or organization(s) named in the copyright notice for the entire Package. "Contributor" means any party that has contributed code or other material to the Package, in accordance with the Copyright Holder's procedures. "You" and "your" means any person who would like to copy, distribute, or modify the Package. "Package" means the collection of files distributed by the Copyright Holder, and derivatives of that collection and/or of those files. A given Package may consist of either the Standard Version, or a Modified Version. "Distribute" means providing a copy of the Package or making it accessible to anyone else, or in the case of a company or organization, to others outside of your company or organization. "Distributor Fee" means any fee that you charge for Distributing this Package or providing support for this Package to another party. It does not mean licensing fees. "Standard Version" refers to the Package if it has not been modified, or has been modified only in ways explicitly requested by the Copyright Holder. "Modified Version" means the Package, if it has been changed, and such changes were not explicitly requested by the Copyright Holder. "Original License" means this Artistic License as Distributed with the Standard Version of the Package, in its current version or as it may be modified by The Perl Foundation in the future. "Source" form means the source code, documentation source, and configuration files for the Package. "Compiled" form means the compiled bytecode, object code, binary, or any other form resulting from mechanical transformation or translation of the Source form. Permission for Use and Modification Without Distribution (1) You are permitted to use the Standard Version and create and use Modified Versions for any purpose without restriction, provided that you do not Distribute the Modified Version. Permissions for Redistribution of the Standard Version (2) You may Distribute verbatim copies of the Source form of the Standard Version of this Package in any medium without restriction, either gratis or for a Distributor Fee, provided that you duplicate all of the original copyright notices and associated disclaimers. At your discretion, such verbatim copies may or may not include a Compiled form of the Package. (3) You may apply any bug fixes, portability changes, and other modifications made available from the Copyright Holder. The resulting Package will still be considered the Standard Version, and as such will be subject to the Original License. Distribution of Modified Versions of the Package as Source (4) You may Distribute your Modified Version as Source (either gratis or for a Distributor Fee, and with or without a Compiled form of the Modified Version) provided that you clearly document how it differs from the Standard Version, including, but not limited to, documenting any non-standard features, executables, or modules, and provided that you do at least ONE of the following: (a) make the Modified Version available to the Copyright Holder of the Standard Version, under the Original License, so that the Copyright Holder may include your modifications in the Standard Version. (b) ensure that installation of your Modified Version does not prevent the user installing or running the Standard Version. In addition, the Modified Version must bear a name that is different from the name of the Standard Version. (c) allow anyone who receives a copy of the Modified Version to make the Source form of the Modified Version available to others under (i) the Original License or (ii) a license that permits the licensee to freely copy, modify and redistribute the Modified Version using the same licensing terms that apply to the copy that the licensee received, and requires that the Source form of the Modified Version, and of any works derived from it, be made freely available in that license fees are prohibited but Distributor Fees are allowed. Distribution of Compiled Forms of the Standard Version or Modified Versions without the Source (5) You may Distribute Compiled forms of the Standard Version without the Source, provided that you include complete instructions on how to get the Source of the Standard Version. Such instructions must be valid at the time of your distribution. If these instructions, at any time while you are carrying out such distribution, become invalid, you must provide new instructions on demand or cease further distribution. If you provide valid instructions or cease distribution within thirty days after you become aware that the instructions are invalid, then you do not forfeit any of your rights under this license. (6) You may Distribute a Modified Version in Compiled form without the Source, provided that you comply with Section 4 with respect to the Source of the Modified Version. Aggregating or Linking the Package (7) You may aggregate the Package (either the Standard Version or Modified Version) with other packages and Distribute the resulting aggregation provided that you do not charge a licensing fee for the Package. Distributor Fees are permitted, and licensing fees for other components in the aggregation are permitted. The terms of this license apply to the use and Distribution of the Standard or Modified Versions as included in the aggregation. (8) You are permitted to link Modified and Standard Versions with other works, to embed the Package in a larger work of your own, or to build stand-alone binary or bytecode versions of applications that include the Package, and Distribute the result without restriction, provided the result does not expose a direct interface to the Package. Items That are Not Considered Part of a Modified Version (9) Works (including, but not limited to, modules and scripts) that merely extend or make use of the Package, do not, by themselves, cause the Package to be a Modified Version. In addition, such works are not considered parts of the Package itself, and are not subject to the terms of this license. General Provisions (10) Any use, modification, and distribution of the Standard or Modified Versions is governed by this Artistic License. By using, modifying or distributing the Package, you accept this license. Do not use, modify, or distribute the Package, if you do not accept this license. (11) If your Modified Version has been derived from a Modified Version made by someone other than you, you are nevertheless required to ensure that your Modified Version complies with the requirements of this license. (12) This license does not grant you the right to use any trademark, service mark, tradename, or logo of the Copyright Holder. (13) This license includes the non-exclusive, worldwide, free-of-charge patent license to make, have made, use, offer to sell, sell, import and otherwise transfer the Package with respect to any patent claims licensable by the Copyright Holder that are necessarily infringed by the Package. If you institute patent litigation (including a cross-claim or counterclaim) against any party alleging that the Package constitutes direct or contributory patent infringement, then this Artistic License to you shall terminate on the date that such litigation is filed. (14) Disclaimer of Warranty: THE PACKAGE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES. THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT ARE DISCLAIMED TO THE EXTENT PERMITTED BY YOUR LOCAL LAW. UNLESS REQUIRED BY LAW, NO COPYRIGHT HOLDER OR CONTRIBUTOR WILL BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING IN ANY WAY OUT OF THE USE OF THE PACKAGE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. NetPacket-1.4.4/README.mkdn0000644000175000017500000000635212246412375014540 0ustar yanickyanick# NAME NetPacket - assemble/disassemble network packets at the protocol level # VERSION version 1.4.4 # SYNOPSIS # NetPacket is a base class only # DESCRIPTION `NetPacket` provides a base class for a cluster of modules related to decoding and encoding of network protocols. Each `NetPacket` descendent module knows how to encode and decode packets for the network protocol it implements. Consult the documentation for the module in question for protocol-specific implementation. Note that there is no inheritance in the `NetPacket::` cluster of modules other than each protocol module being a `NetPacket`. This was seen to be too restrictive as imposing inheritance relationships (for example between the IP, UDP and TCP protocols) would make things like tunneling or other unusual situations difficult. # WRITING YOUR OWN `NetPacket::` MODULE You are encouraged to write additional `NetPacket::` modules as well as improve existing ones. Contact the maintainer of the module in question with your suggestions or changes. The following sections are a list of suggestions and conventions for writing a `NetPacket::` module. ## Naming Conventions When creating a module in the `NetPacket::` namespace, it is suggested that you stick to a couple of conventions when naming packet contents. This will hopefully lead to a consistent namespace making the `NetPacket::` easier to use. Content names are all lowercase, with underscores separating multiple words. The following abbreviations are recommended: Word Abbreviation -------------------------------- source src destination dest checksum cksum identifier id version ver protocol proto ## Required Methods encode(), decode(), strip() ## Required Fields Every NetPacket:: object should have the following fields. - \_parent A link to the parent `NetPacket::` object in which this `NetPacket::` object is encaulated. This field is undefined if there is no parent object. - \_frame A copy of the raw data of the packet. - data This field should contain the data encapsulated in the packet (i.e any headers or trailers stripped off) or undef if the packet contains no data. Note that in this sense, "data" is taken to mean information not relevant to the particular protocol being decoded. For example, an ARP packet contains many header fields but no data. A UDP datagram, however contains header fields and a payload. # SEE ALSO Joel Knight has a patch for NetPacket for IPv6 support available at http://www.packetmischief.ca/code/netpacket/. # COPYRIGHT AND LICENSE Copyright (c) 2001 Tim Potter and Stephanie Wehner. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. # AUTHORS Tim Potter Stephanie Wehner Yanick Champoux [![endorse](http://api.coderwall.com/yanick/endorsecount.png)](http://coderwall.com/yanick) NetPacket-1.4.4/Build.PL0000644000175000017500000000241212246412375014215 0ustar yanickyanick use strict; use warnings; use Module::Build 0.3601; my %module_build_args = ( "build_requires" => { "Module::Build" => "0.3601" }, "configure_requires" => { "Module::Build" => "0.3601" }, "dist_abstract" => "assemble/disassemble network packets at the protocol level", "dist_author" => [ "Tim Potter ", "Stephanie Wehner ", "Yanick Champoux " ], "dist_name" => "NetPacket", "dist_version" => "1.4.4", "license" => "artistic_2", "module_name" => "NetPacket", "recommends" => {}, "recursive_test_files" => 1, "requires" => { "constant" => 0, "perl" => "v5.10.0", "strict" => 0, "vars" => 0, "warnings" => 0 }, "script_files" => [], "test_requires" => { "File::Spec" => 0, "IO::Handle" => 0, "IPC::Open3" => 0, "Test::More" => "0.88" } ); my %fallback_build_requires = ( "File::Spec" => 0, "IO::Handle" => 0, "IPC::Open3" => 0, "Module::Build" => "0.3601", "Test::More" => "0.88" ); unless ( eval { Module::Build->VERSION(0.4004) } ) { delete $module_build_args{test_requires}; $module_build_args{build_requires} = \%fallback_build_requires; } my $build = Module::Build->new(%module_build_args); $build->create_build_script; NetPacket-1.4.4/SIGNATURE0000644000175000017500000000515612246412375014215 0ustar yanickyanickThis file contains message digests of all files listed in MANIFEST, signed via the Module::Signature module, version 0.68. To verify the content in this distribution, first make sure you have Module::Signature installed, then type: % cpansign -v It will check each file's integrity, as well as the signature's validity. If "==> Signature verified OK! <==" is not displayed, the distribution may already have been compromised, and you should not run its Makefile.PL or Build.PL. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SHA1 857e8c0ea113d04621a7a6527e58a6c66ef10f48 Build.PL SHA1 9588ce60514e59a6d78f58516ce593c8a9b1b7e5 CONTRIBUTORS SHA1 f01054284913c9dedd69e5e47c0a609e6a20f826 Changes SHA1 29b0b7b9d088441a05d8786d0dc4bb3bd558d205 INSTALL SHA1 c2cbad0911cac62d6016e01230686f431b8e8e79 LICENSE SHA1 af5b779acd642a12e7e5d7eb2a76278239fdada8 MANIFEST SHA1 67c3cf214f0aebfaa5207981bf38ed32d3d407c1 META.json SHA1 90d2ab84f7a55f5d0c7d850f595401d4b77e00bb META.yml SHA1 c5828e5b1bf3d202839a073743d1903fc42057b7 README SHA1 1860657046de1bd499fdcb0f67e701f59baa6d05 README.mkdn SHA1 ddbd5869d54649dd6aee5b1ee069fe7091563243 lib/NetPacket.pm SHA1 dd78f2e47a04f6f5dced6a569380ce27e7be7460 lib/NetPacket/ARP.pm SHA1 cf5b95b2466935e99dc9be6e3529a809863ed7ab lib/NetPacket/Ethernet.pm SHA1 64806c43c1504d1749789c2394b974e60fff570c lib/NetPacket/ICMP.pm SHA1 5addcd968d9de290375a67fa3d5f551c0fb195c3 lib/NetPacket/IGMP.pm SHA1 aec2304da86ff502df844617cd1acdf9772eef6b lib/NetPacket/IP.pm SHA1 047e218134c55c29dbcfc0954d1a77de97a3cf72 lib/NetPacket/TCP.pm SHA1 1aa5c49b6855bb2978e364a4d43bca14b521804a lib/NetPacket/UDP.pm SHA1 97d24a2aeddc5652863f4b9e526c5ea89aacf36e lib/NetPacket/USBMon.pm SHA1 c3fec81fac85eb3cdc17d46b6185123bf1839714 t/00-compile.t SHA1 49caa1fc3e93c71dbd13407526a79c33a3869c6b t/000-report-versions-tiny.t SHA1 2f95a288a42eed0173859c5bb9d37caee7e4b26b t/bug-37931.t SHA1 721a206d861139f8f73081b8d337bfcdce4247e5 t/checksum.t SHA1 45f23540d419a608363a53ed11b81c589866406e t/ethernet.t SHA1 382d9d077e64a0ea5ee3263579cbc03df0e5a003 t/general.t SHA1 58f7294a0c74eedb982f75b1c8e8bc9fa5395288 t/icmp.t SHA1 a22909fb4a8ce8621107618ef50c6f92a7a6d36a t/ip_encode.t SHA1 1d4a9e2b54461f15aab9557a081db42eaef2c4b0 t/ip_trailing.t SHA1 bb7498ea4eba6a9df548038c1ad77960ee1633fb t/tcp.t SHA1 540bff42594ee78beb63a7316a4478bc58d7e37b t/udp-checksum.t SHA1 35bfbabbd32ddf83a0ac49db63f69de9ff6eadb2 t/udp.t SHA1 86e62e4a5bceec942b536d2b29f7910f883c6387 t/usbmon.t -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iEYEARECAAYFAlKaFPoACgkQ34Hwf+GwC4yLXQCfW++zXuQrXWUmK/eMiMBPKVvw 7X8AoMSxss7UInp1yWod1ezGpRceqdpQ =6BTU -----END PGP SIGNATURE----- NetPacket-1.4.4/INSTALL0000644000175000017500000000165212246412375013757 0ustar yanickyanick This is the Perl distribution NetPacket. Installing NetPacket is straightforward. ## Installation with cpanm If you have cpanm, you only need one line: % cpanm NetPacket If you are installing into a system-wide directory, you may need to pass the "-S" flag to cpanm, which uses sudo to install the module: % cpanm -S NetPacket ## Installing with the CPAN shell Alternatively, if your CPAN shell is set up, you should just be able to do: % cpan NetPacket ## Manual installation As a last resort, you can manually install it. Download the tarball, untar it, then build it: % perl Build.PL % ./Build && ./Build test Then install it: % ./Build install If you are installing into a system-wide directory, you may need to run: % sudo ./Build install ## Documentation NetPacket documentation is available as POD. You can run perldoc from a shell to read the documentation: % perldoc NetPacket NetPacket-1.4.4/CONTRIBUTORS0000644000175000017500000000112612246412375014602 0ustar yanickyanick # NETPACKET CONTRIBUTORS # This is the (likely incomplete) list of people who have helped make this distribution what it is, either via code contributions, patches, bug reports, help with troubleshooting, etc. A huge thank to all of them. * Andreas Schwab * Ben Magistro * Dinar Valeev * Lubomir Rintel * Neil Bowers * Robin Lee * Stan Schwertly * Stephanie Wehner * Tim Potter * fschlich NetPacket-1.4.4/META.json0000644000175000017500000000620112246412375014342 0ustar yanickyanick{ "abstract" : "assemble/disassemble network packets at the protocol level", "author" : [ "Tim Potter ", "Stephanie Wehner ", "Yanick Champoux " ], "dynamic_config" : 0, "generated_by" : "Dist::Zilla version 5.006, CPAN::Meta::Converter version 2.120921", "license" : [ "artistic_2" ], "meta-spec" : { "url" : "http://search.cpan.org/perldoc?CPAN::Meta::Spec", "version" : "2" }, "name" : "NetPacket", "prereqs" : { "build" : { "requires" : { "Module::Build" : "0.3601" } }, "configure" : { "requires" : { "Module::Build" : "0.3601" } }, "develop" : { "requires" : { "version" : "0.9901" } }, "runtime" : { "requires" : { "constant" : "0", "perl" : "v5.10.0", "strict" : "0", "vars" : "0", "warnings" : "0" } }, "test" : { "requires" : { "File::Spec" : "0", "IO::Handle" : "0", "IPC::Open3" : "0", "Test::More" : "0.88" } } }, "provides" : { "NetPacket" : { "file" : "lib/NetPacket.pm", "version" : "v1.4.4" }, "NetPacket::ARP" : { "file" : "lib/NetPacket/ARP.pm", "version" : "v1.4.4" }, "NetPacket::Ethernet" : { "file" : "lib/NetPacket/Ethernet.pm", "version" : "v1.4.4" }, "NetPacket::ICMP" : { "file" : "lib/NetPacket/ICMP.pm", "version" : "v1.4.4" }, "NetPacket::IGMP" : { "file" : "lib/NetPacket/IGMP.pm", "version" : "v1.4.4" }, "NetPacket::IP" : { "file" : "lib/NetPacket/IP.pm", "version" : "v1.4.4" }, "NetPacket::TCP" : { "file" : "lib/NetPacket/TCP.pm", "version" : "v1.4.4" }, "NetPacket::UDP" : { "file" : "lib/NetPacket/UDP.pm", "version" : "v1.4.4" }, "NetPacket::USBMon" : { "file" : "lib/NetPacket/USBMon.pm", "version" : "v1.4.4" } }, "release_status" : "stable", "resources" : { "bugtracker" : { "mailto" : "bug-netpacket at rt.cpan.org", "web" : "http://rt.cpan.org/Public/Dist/Display.html?Name=NetPacket" }, "homepage" : "http://search.cpan.org/dist/NetPacket/", "repository" : { "type" : "git", "url" : "https://github.com/yanick/netpacket.git", "web" : "https://github.com/yanick/netpacket" } }, "version" : "1.4.4", "x_authority" : "cpan:YANICK", "x_contributors" : [ "Andreas Schwab ", "Ben Magistro ", "Dinar Valeev ", "Lubomir Rintel ", "Neil Bowers ", "Robin Lee ", "Stan Schwertly ", "Stephanie Wehner ", "Tim Potter ", "fschlich " ] } NetPacket-1.4.4/META.yml0000644000175000017500000000357712246412375014207 0ustar yanickyanick--- abstract: 'assemble/disassemble network packets at the protocol level' author: - 'Tim Potter ' - 'Stephanie Wehner ' - 'Yanick Champoux ' build_requires: File::Spec: 0 IO::Handle: 0 IPC::Open3: 0 Module::Build: 0.3601 Test::More: 0.88 configure_requires: Module::Build: 0.3601 dynamic_config: 0 generated_by: 'Dist::Zilla version 5.006, CPAN::Meta::Converter version 2.120921' license: artistic_2 meta-spec: url: http://module-build.sourceforge.net/META-spec-v1.4.html version: 1.4 name: NetPacket provides: NetPacket: file: lib/NetPacket.pm version: v1.4.4 NetPacket::ARP: file: lib/NetPacket/ARP.pm version: v1.4.4 NetPacket::Ethernet: file: lib/NetPacket/Ethernet.pm version: v1.4.4 NetPacket::ICMP: file: lib/NetPacket/ICMP.pm version: v1.4.4 NetPacket::IGMP: file: lib/NetPacket/IGMP.pm version: v1.4.4 NetPacket::IP: file: lib/NetPacket/IP.pm version: v1.4.4 NetPacket::TCP: file: lib/NetPacket/TCP.pm version: v1.4.4 NetPacket::UDP: file: lib/NetPacket/UDP.pm version: v1.4.4 NetPacket::USBMon: file: lib/NetPacket/USBMon.pm version: v1.4.4 requires: constant: 0 perl: v5.10.0 strict: 0 vars: 0 warnings: 0 resources: bugtracker: http://rt.cpan.org/Public/Dist/Display.html?Name=NetPacket homepage: http://search.cpan.org/dist/NetPacket/ repository: https://github.com/yanick/netpacket.git version: 1.4.4 x_authority: cpan:YANICK x_contributors: - 'Andreas Schwab ' - 'Ben Magistro ' - 'Dinar Valeev ' - 'Lubomir Rintel ' - 'Neil Bowers ' - 'Robin Lee ' - 'Stan Schwertly ' - 'Stephanie Wehner ' - 'Tim Potter ' - 'fschlich ' NetPacket-1.4.4/t/0000755000175000017500000000000012246412375013165 5ustar yanickyanickNetPacket-1.4.4/t/icmp.t0000644000175000017500000000163112246412375014303 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 2; # last test to print use NetPacket::Ethernet; use NetPacket::IP; use NetPacket::ICMP; my $datagram = binarize( <<'END_DATAGRAM' ); 00 00 00 00 00 00 00 00 00 00 00 00 08 00 45 00 00 54 00 00 40 00 40 01 3c a7 7f 00 00 01 7f 00 00 01 08 00 d8 2f b6 6f 00 00 f8 11 c9 45 ba 05 03 00 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35 36 37 END_DATAGRAM my $eth = NetPacket::Ethernet->decode( $datagram ); my $ip = NetPacket::IP->decode( $eth->{data} ); my $icmp = NetPacket::ICMP->decode( $ip->{data} ); is $icmp->{cksum} => 55343, 'ICMP checksum'; # recompute the checksum $icmp->checksum; is $icmp->{cksum} => 55343, 'recomputed ICMP checksum'; sub binarize { my $string = shift; return join '' => map { chr hex } split ' ', $string; } NetPacket-1.4.4/t/tcp.t0000644000175000017500000000542112246412375014142 0ustar yanickyanick use strict; use warnings; use Test::More tests => 4; use NetPacket::Ethernet; use NetPacket::IP; use NetPacket::TCP; my $datagram = binarize( <<'END_DATAGRAM' ); 00 21 85 9a 70 4d 00 80 64 54 ba 3a 08 00 45 00 00 e4 2b 2d 40 00 74 06 0f 26 cc e8 f4 d6 0a 00 00 02 00 50 82 60 eb 9d d5 71 11 5e 81 59 80 18 fb 28 3d cf 00 00 01 01 08 0a 30 61 d4 65 05 8c 40 76 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 73 6f 6e 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 0d 0a 53 65 72 76 65 72 3a 20 4d 69 63 72 6f 73 6f 66 74 2d 49 49 53 2f 37 2e 30 0d 0a 58 2d 50 6f 77 65 72 65 64 2d 42 79 3a 20 41 53 50 2e 4e 45 54 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 30 37 20 4d 61 79 20 32 30 31 30 20 32 32 3a 35 38 3a 32 35 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 34 0d 0a 0d 0a 34 36 32 34 END_DATAGRAM my $eth = NetPacket::Ethernet->decode( $datagram ); my $ip = NetPacket::IP->decode( $eth->{data} ); my $tcp = NetPacket::TCP->decode( $ip->{data}, $ip ); like $tcp->{data} => qr/^HTTP.*4624$/ms, 'TCP payload'; # same thing, but with noise at the end of the Eth # segment $datagram = binarize( <<'END_DATAGRAM' ); 00 21 85 9a 70 4d 00 80 64 54 ba 3a 08 00 # IP 45 00 00 e4 2b 2d 40 00 74 06 0f 26 cc e8 f4 d6 0a 00 00 02 # TCP 00 50 82 60 eb 9d d5 71 11 5e 81 59 80 18 fb 28 3d cf 00 00 01 01 08 0a 30 61 d4 65 05 8c 40 76 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 73 6f 6e 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 0d 0a 53 65 72 76 65 72 3a 20 4d 69 63 72 6f 73 6f 66 74 2d 49 49 53 2f 37 2e 30 0d 0a 58 2d 50 6f 77 65 72 65 64 2d 42 79 3a 20 41 53 50 2e 4e 45 54 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 30 37 20 4d 61 79 20 32 30 31 30 20 32 32 3a 35 38 3a 32 35 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 34 0d 0a 0d 0a 34 36 32 34 de ad be ef END_DATAGRAM $eth = NetPacket::Ethernet->decode( $datagram ); $ip = NetPacket::IP->decode( $eth->{data} ); $tcp = NetPacket::TCP->decode( $ip->{data}, $ip ); like $tcp->{data} => qr/^HTTP.*4624$/ms, 'TCP payload'; is_deeply scalar $tcp->parse_tcp_options, { er => 93077622, ts => 811717733, }, 'options'; $datagram = binarize( <<'END_DATAGRAM'); d3 55 00 50 85 cf 98 36 00 00 00 00 a0 02 16 d0 9b 76 00 00 02 04 05 b4 04 02 08 0a 85 82 12 6d 00 00 00 00 01 03 03 04 END_DATAGRAM $tcp = NetPacket::TCP->decode( $datagram ); is_deeply scalar $tcp->parse_tcp_options, { er => 0, ts => 2239894125, mss => 1460, ws => 4, sack => 2, }, 'options'; sub binarize { my $string = shift; $string =~ s/^\s*#.*?$//mg; # remove comments return join '' => map { chr hex } split ' ', $string; } NetPacket-1.4.4/t/checksum.t0000644000175000017500000000134212246412375015154 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 3; use NetPacket::TCP; use NetPacket::UDP; my $ip = { src_ip => '127.0.0.1', dest_ip => '192.168.0.1', }; bless $ip, 'NetPacket::IP'; my $tcp = { dest_port => 22, src_port => 13, seqnum => 1, acknum => 2, winsize => 32, urg => 0, hlen => 5, data => "DEADBEEF", }; bless $tcp, 'NetPacket::TCP'; is NetPacket::TCP::checksum( $tcp, $ip ) => 25303; $tcp->{data} = "DEADBEEF\x01"; my $odd_checksum = NetPacket::TCP::checksum( $tcp, $ip ); is $odd_checksum => 25046, 'TCP padding done correctly'; my $udp = { src_port => 13, dest_port => 14, len => 15, data => "foo", }; bless $udp, 'NetPacket::UDP'; is NetPacket::UDP::checksum( $udp, $ip ) => 60058, 'UDP padding'; NetPacket-1.4.4/t/ethernet.t0000644000175000017500000000032012246412375015163 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 2; use NetPacket::Ethernet qw/ :types /; is ETH_TYPE_PPPOES() => 0x8864, 'imports'; is NetPacket::Ethernet::ETH_TYPE_IP() => 0x0800, 'with namespace'; NetPacket-1.4.4/t/000-report-versions-tiny.t0000644000175000017500000000445012246412375020014 0ustar yanickyanickuse strict; use warnings; use Test::More 0.88; # This is a relatively nice way to avoid Test::NoWarnings breaking our # expectations by adding extra tests, without using no_plan. It also helps # avoid any other test module that feels introducing random tests, or even # test plans, is a nice idea. our $success = 0; END { $success && done_testing; } # List our own version used to generate this my $v = "\nGenerated by Dist::Zilla::Plugin::ReportVersions::Tiny v1.08\n"; eval { # no excuses! # report our Perl details my $want = 'v5.10.0'; $v .= "perl: $] (wanted $want) on $^O from $^X\n\n"; }; defined($@) and diag("$@"); # Now, our module version dependencies: sub pmver { my ($module, $wanted) = @_; $wanted = " (want $wanted)"; my $pmver; eval "require $module;"; if ($@) { if ($@ =~ m/Can't locate .* in \@INC/) { $pmver = 'module not found.'; } else { diag("${module}: $@"); $pmver = 'died during require.'; } } else { my $version; eval { $version = $module->VERSION; }; if ($@) { diag("${module}: $@"); $pmver = 'died during VERSION check.'; } elsif (defined $version) { $pmver = "$version"; } else { $pmver = ''; } } # So, we should be good, right? return sprintf('%-45s => %-10s%-15s%s', $module, $pmver, $wanted, "\n"); } eval { $v .= pmver('File::Spec','any version') }; eval { $v .= pmver('IO::Handle','any version') }; eval { $v .= pmver('IPC::Open3','any version') }; eval { $v .= pmver('Module::Build','0.3601') }; eval { $v .= pmver('Test::More','0.88') }; eval { $v .= pmver('constant','any version') }; eval { $v .= pmver('strict','any version') }; eval { $v .= pmver('vars','any version') }; eval { $v .= pmver('version','0.9901') }; eval { $v .= pmver('warnings','any version') }; # All done. $v .= <<'EOT'; Thanks for using my code. I hope it works for you. If not, please try and include this output in the bug report. That will help me reproduce the issue and solve your problem. EOT diag($v); ok(1, "we really didn't test anything, just reporting data"); $success = 1; # Work around another nasty module on CPAN. :/ no warnings 'once'; $Template::Test::NO_FLUSH = 1; exit 0; NetPacket-1.4.4/t/usbmon.t0000644000175000017500000001451412246412375014662 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 103; use NetPacket::USBMon qw/:ALL/; my $frame; my $usbmon; # host -> device, GET DESCRIPTOR Request DEVICE $frame = binarize( <<'END_DATAGRAM' ); 40 21 9d fa 01 88 ff ff 53 02 80 0a 03 00 00 3c 48 e4 0c 52 00 00 00 00 2f d7 06 00 8d ff ff ff 28 00 00 00 00 00 00 00 80 06 00 01 00 00 28 00 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 END_DATAGRAM $usbmon = NetPacket::USBMon->decode( $frame ); #is $usbmon->{id} => 0xffff8801fa9d2140; is $usbmon->{type} => 'S'; is $usbmon->{xfer_type} => USB_XFER_TYPE_CONTROL; is $usbmon->{ep}{num} => 0; is $usbmon->{ep}{dir} => 'IN'; is $usbmon->{devnum} => 10; is $usbmon->{busnum} => 3; is $usbmon->{flag_setup} => USB_FLAG_SETUP_RELEVANT; is $usbmon->{ts_sec} => 1376576584; is $usbmon->{ts_usec} => 448303; is $usbmon->{status} => -115; is $usbmon->{length} => 40; is $usbmon->{len_cap} => 0; is $usbmon->{xfer_flags} => 0x200; is $usbmon->{data} => ''; # device -> host, GET DESCRIPTOR Response DEVICE $frame = binarize( <<'END_DATAGRAM' ); 40 21 9d fa 01 88 ff ff 43 02 80 0a 03 00 2d 00 48 e4 0c 52 00 00 00 00 24 db 06 00 00 00 00 00 12 00 00 00 12 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 12 01 00 02 00 00 00 40 71 1b 02 30 00 01 03 04 02 01 END_DATAGRAM $usbmon = NetPacket::USBMon->decode( $frame ); is $usbmon->{type} => 'C'; is $usbmon->{xfer_type} => USB_XFER_TYPE_CONTROL; is $usbmon->{ep}{num} => 0; is $usbmon->{ep}{dir} => 'IN'; is $usbmon->{devnum} => 10; is $usbmon->{busnum} => 3; is $usbmon->{flag_setup} => USB_FLAG_SETUP_IRRELEVANT; is $usbmon->{ts_sec} => 1376576584; is $usbmon->{ts_usec} => 449316; is $usbmon->{status} => 0; is $usbmon->{length} => 18; is $usbmon->{len_cap} => 18; is $usbmon->{xfer_flags} => 512; is length $usbmon->{data} => $usbmon->{len_cap}; # host -> device, SET INTERFACE Request $frame = binarize( <<'END_DATAGRAM' ); 00 2b 9d fa 01 88 ff ff 53 02 00 0a 03 00 00 00 65 e4 0c 52 00 00 00 00 23 62 07 00 8d ff ff ff 00 00 00 00 00 00 00 00 40 0c 01 00 08 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 END_DATAGRAM $usbmon = NetPacket::USBMon->decode( $frame ); is $usbmon->{type} => 'S'; is $usbmon->{xfer_type} => USB_XFER_TYPE_CONTROL; is $usbmon->{ep}{num} => 0; is $usbmon->{ep}{dir} => 'OUT'; is $usbmon->{devnum} => 10; is $usbmon->{busnum} => 3; is $usbmon->{flag_setup} => USB_FLAG_SETUP_RELEVANT; is $usbmon->{ts_sec} => 1376576613; is $usbmon->{ts_usec} => 483875; is $usbmon->{status} => -115; is $usbmon->{length} => 0; is $usbmon->{len_cap} => 0; is $usbmon->{xfer_flags} => 0; is $usbmon->{data} => ''; is $usbmon->{setup}{bmRequestType} => USB_TYPE_VENDOR; is $usbmon->{setup}{bRequest} => 12; is $usbmon->{setup}{wIndex} => 49160; is $usbmon->{setup}{wLength} => 0; is $usbmon->{setup}{wValue} => 1; # device -> host, SET INTERFACE Response $frame = binarize( <<'END_DATAGRAM' ); 00 2b 9d fa 01 88 ff ff 43 02 00 0a 03 00 2d 3e 65 e4 0c 52 00 00 00 00 ae 61 07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 END_DATAGRAM $usbmon = NetPacket::USBMon->decode( $frame ); is $usbmon->{type} => 'C'; is $usbmon->{xfer_type} => USB_XFER_TYPE_CONTROL; is $usbmon->{ep}{num} => 0; is $usbmon->{ep}{dir} => 'OUT'; is $usbmon->{devnum} => 10; is $usbmon->{busnum} => 3; is $usbmon->{flag_setup} => USB_FLAG_SETUP_IRRELEVANT; is $usbmon->{ts_sec} => 1376576613; is $usbmon->{ts_usec} => 483758; is $usbmon->{status} => 0; is $usbmon->{length} => 0; is $usbmon->{len_cap} => 0; is $usbmon->{xfer_flags} => 0; is $usbmon->{data} => ''; # host -> device, URB_CONTROL out $frame = binarize( <<'END_DATAGRAM' ); 00 2b 9d fa 01 88 ff ff 53 02 00 0a 03 00 00 00 65 e4 0c 52 00 00 00 00 23 62 07 00 8d ff ff ff 00 00 00 00 00 00 00 00 40 0c 01 00 08 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 END_DATAGRAM $usbmon = NetPacket::USBMon->decode( $frame ); is $usbmon->{type} => 'S'; is $usbmon->{xfer_type} => USB_XFER_TYPE_CONTROL; is $usbmon->{ep}{num} => 0; is $usbmon->{ep}{dir} => 'OUT'; is $usbmon->{devnum} => 10; is $usbmon->{busnum} => 3; is $usbmon->{flag_setup} => USB_FLAG_SETUP_RELEVANT; is $usbmon->{ts_sec} => 1376576613; is $usbmon->{ts_usec} => 483875; is $usbmon->{status} => -115; is $usbmon->{length} => 0; is $usbmon->{len_cap} => 0; is $usbmon->{xfer_flags} => 0; is $usbmon->{data} => ''; # device -> host, URB_CONTROL out $frame = binarize( <<'END_DATAGRAM' ); 00 2b 9d fa 01 88 ff ff 43 02 00 0a 03 00 2d 3e 65 e4 0c 52 00 00 00 00 1e 64 07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 END_DATAGRAM $usbmon = NetPacket::USBMon->decode( $frame ); is $usbmon->{type} => 'C'; is $usbmon->{xfer_type} => USB_XFER_TYPE_CONTROL; is $usbmon->{ep}{num} => 0; is $usbmon->{ep}{dir} => 'OUT'; is $usbmon->{devnum} => 10; is $usbmon->{busnum} => 3; is $usbmon->{flag_setup} => USB_FLAG_SETUP_IRRELEVANT; is $usbmon->{ts_sec} => 1376576613; is $usbmon->{ts_usec} => 484382; is $usbmon->{status} => 0; is $usbmon->{length} => 0; is $usbmon->{len_cap} => 0; is $usbmon->{xfer_flags} => 0; is $usbmon->{data} => ''; # host -> device, URB_ISOCHRONOUS in $frame = binarize( <<'END_DATAGRAM' ); 00 ce 6b 19 01 88 ff ff 53 00 81 0a 03 00 2d 3c 65 e4 0c 52 00 00 00 00 be 16 08 00 8d ff ff ff 00 60 00 00 80 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 00 00 00 00 02 02 00 00 08 00 00 00 ee ff ff ff 00 00 00 00 00 0c 00 00 00 00 00 00 ee ff ff ff 00 0c 00 00 00 0c 00 00 00 00 00 00 ee ff ff ff 00 18 00 00 00 0c 00 00 00 00 00 00 ee ff ff ff 00 24 00 00 00 0c 00 00 00 00 00 00 ee ff ff ff 00 30 00 00 00 0c 00 00 00 00 00 00 ee ff ff ff 00 3c 00 00 00 0c 00 00 00 00 00 00 ee ff ff ff 00 48 00 00 00 0c 00 00 00 00 00 00 ee ff ff ff 00 54 00 00 00 0c 00 00 00 00 00 00 END_DATAGRAM $usbmon = NetPacket::USBMon->decode( $frame ); is $usbmon->{type} => 'S'; is $usbmon->{xfer_type} => USB_XFER_TYPE_ISO; is $usbmon->{ep}{num} => 1; is $usbmon->{ep}{dir} => 'IN'; is $usbmon->{devnum} => 10; is $usbmon->{busnum} => 3; is $usbmon->{flag_setup} => USB_FLAG_SETUP_IRRELEVANT; is $usbmon->{ts_sec} => 1376576613; is $usbmon->{ts_usec} => 530110; is $usbmon->{status} => -115; is $usbmon->{length} => 24576; is $usbmon->{len_cap} => 128; is $usbmon->{xfer_flags} => 514; is length $usbmon->{data} => $usbmon->{len_cap}; # Copied from t/tcp.t, uglified. sub binarize { return join '' => map { chr hex } split ' ', shift; } NetPacket-1.4.4/t/ip_trailing.t0000644000175000017500000000112212246412375015647 0ustar yanickyanick#!/usr/bin/perl use strict; use warnings; use Test::More tests => 2; #use Data::Dumper; use_ok 'NetPacket::IP'; my $raw_packet = <decode($raw_packet); #warn Dumper $ip; is length $ip->{data}, $ip->{len}- $ip->{hlen}*4; NetPacket-1.4.4/t/00-compile.t0000644000175000017500000000213712246412375015222 0ustar yanickyanickuse strict; use warnings; # this test was generated with Dist::Zilla::Plugin::Test::Compile 2.033 use Test::More tests => 9 + ($ENV{AUTHOR_TESTING} ? 1 : 0); my @module_files = ( 'NetPacket.pm', 'NetPacket/ARP.pm', 'NetPacket/Ethernet.pm', 'NetPacket/ICMP.pm', 'NetPacket/IGMP.pm', 'NetPacket/IP.pm', 'NetPacket/TCP.pm', 'NetPacket/UDP.pm', 'NetPacket/USBMon.pm' ); # no fake home requested use File::Spec; use IPC::Open3; use IO::Handle; my @warnings; for my $lib (@module_files) { # see L open my $stdin, '<', File::Spec->devnull or die "can't open devnull: $!"; my $stderr = IO::Handle->new; my $pid = open3($stdin, '>&STDERR', $stderr, $^X, '-Mblib', '-e', "require q[$lib]"); binmode $stderr, ':crlf' if $^O eq 'MSWin32'; my @_warnings = <$stderr>; waitpid($pid, 0); is($? >> 8, 0, "$lib loaded ok"); if (@_warnings) { warn @_warnings; push @warnings, @_warnings; } } is(scalar(@warnings), 0, 'no warnings found') if $ENV{AUTHOR_TESTING}; NetPacket-1.4.4/t/general.t0000644000175000017500000000041612246412375014770 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 1; # last test to print use NetPacket::UDP; use NetPacket; use NetPacket::ARP; use NetPacket::Ethernet; use NetPacket::ICMP; use NetPacket::IGMP; use NetPacket::IP; use NetPacket::TCP; use NetPacket::USBMon; pass; NetPacket-1.4.4/t/bug-37931.t0000644000175000017500000000065212246412375014616 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 1; # last test to print use NetPacket::ICMP ':ALL'; ok ICMP_MASKREQ(), "ICMP_MASKRED defined"; __END__ =pod Subject: NetPacket::ICMP has an export typo on ICMP_MASKREQ I found a typo in NetPacket::ICMP: > use constant ICMP_MASKREQ => 17; This constant is exported and documented as ICMP_MASREQ, making it unusable as an exported method. =cut NetPacket-1.4.4/t/ip_encode.t0000644000175000017500000000106412246412375015300 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 2; use NetPacket::IP; use NetPacket::Ethernet; my $datagram = join '', map { chr } split ':', join ':' => ; my $eth = NetPacket::Ethernet->decode( $datagram ); my $ip = NetPacket::IP->decode( $eth->{data} ); is $ip->{flags} => 2; my $q = NetPacket::IP->decode( $ip->encode ); is $q->{flags} => $ip->{flags}; __DATA__ 0:25:209:6:219:108:0:19:163:164:237:251:8:0:69:0:0:46 174:1:64:0:56:6:248:228:96:6:121:42:192:168:2:11:0:80 17:185:251:228:155:131:197:211:72:2:80:16:30:230:61:189 0:0:0:0:0:0:0:0 NetPacket-1.4.4/t/udp.t0000644000175000017500000000220212246412375014136 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 8; use NetPacket::Ethernet; use NetPacket::IP; use NetPacket::UDP qw/ udp_strip /; my $datagram = binarize( <<'END_DATAGRAM' ); 00 90 d0 23 ed 2a 00 1c bf ca a3 d5 08 00 45 00 00 30 00 00 40 00 40 11 30 5a 0a 00 00 a5 84 b1 7b 0d eb 11 0d 96 00 1c 42 7f 00 01 00 00 21 12 a4 42 fd 95 e8 83 8a 05 28 45 6a 8e f1 e2 END_DATAGRAM my $eth = NetPacket::Ethernet->decode( $datagram ); my $ip = NetPacket::IP->decode( $eth->{data} ); my $udp = NetPacket::UDP->decode( $ip->{data}, $ip ); is unpack( "H*", $udp->{data} ) => '000100002112a442fd95e8838a0528456a8ef1e2', 'UDP payload (STUN)'; is $udp->{src_port} => 60177, 'src_port'; is $udp->{dest_port} => 3478, 'dest_port'; is $udp->{len} => 28, 'len'; is $udp->{cksum} => 17023, 'cksum'; is $udp->{src_port} => 60177, 'src_port'; is $udp->{dest_port} => 3478, 'dest_port'; is unpack( "H*", udp_strip($udp->encode($ip)) ) => '000100002112a442fd95e8838a0528456a8ef1e2', 'udp_strip()'; sub binarize { my $string = shift; $string =~ s/^\s*#.*?$//mg; # remove comments return join '' => map { chr hex } split ' ', $string; } NetPacket-1.4.4/t/udp-checksum.t0000644000175000017500000000210512246412375015740 0ustar yanickyanick use Test::More tests => 2; my $data = <<'END_DATA'; 01005e2a2501003048770072080045000110000040000111cccc53a6443fef2a25017 d5a7d5a00fc7d37050000f40000010ff30f804100160000000022482ac57077827dd9 0000010ff30f804100076b65737472616c00067379736d6f6e000a4469736b4672656 52e2f6d000773000c70657263656e742d757365646640fef86073000b7061636b6574 2d74797065690000000073000b6465736372697074696f6e7300154469736b2053706 16365207374617469737469637373000d7570646174652d706572696f647100000000 000493e073000a62797465732d66726565710000002248a1800073000e726573756c7 42d6d6573736167657300077375636365737373000e6d65676162797465732d667265 6571000000000002248a END_DATA $data =~ s/\s+//g; # remove all spaces my $datagram = join "", map { chr hex } $data =~ /(..)/g; use NetPacket::Ethernet; use NetPacket::IP; use NetPacket::UDP; my $pkt = NetPacket::Ethernet->decode($datagram); my $ip_pkt = NetPacket::IP->decode( $pkt->{data} ); $pkt = NetPacket::UDP->decode( $ip_pkt->{data} ); is $pkt->{cksum} => 32055, 'original checksum'; $pkt->checksum($ip_pkt); is $pkt->{cksum} => 32055, 're-computed checksum'; NetPacket-1.4.4/README0000644000175000017500000000675312246412375013615 0ustar yanickyanickNAME NetPacket - assemble/disassemble network packets at the protocol level VERSION version 1.4.4 SYNOPSIS # NetPacket is a base class only DESCRIPTION "NetPacket" provides a base class for a cluster of modules related to decoding and encoding of network protocols. Each "NetPacket" descendent module knows how to encode and decode packets for the network protocol it implements. Consult the documentation for the module in question for protocol-specific implementation. Note that there is no inheritance in the "NetPacket::" cluster of modules other than each protocol module being a "NetPacket". This was seen to be too restrictive as imposing inheritance relationships (for example between the IP, UDP and TCP protocols) would make things like tunneling or other unusual situations difficult. WRITING YOUR OWN "NetPacket::" MODULE You are encouraged to write additional "NetPacket::" modules as well as improve existing ones. Contact the maintainer of the module in question with your suggestions or changes. The following sections are a list of suggestions and conventions for writing a "NetPacket::" module. Naming Conventions When creating a module in the "NetPacket::" namespace, it is suggested that you stick to a couple of conventions when naming packet contents. This will hopefully lead to a consistent namespace making the "NetPacket::" easier to use. Content names are all lowercase, with underscores separating multiple words. The following abbreviations are recommended: Word Abbreviation -------------------------------- source src destination dest checksum cksum identifier id version ver protocol proto Required Methods encode(), decode(), strip() Required Fields Every NetPacket:: object should have the following fields. _parent A link to the parent "NetPacket::" object in which this "NetPacket::" object is encaulated. This field is undefined if there is no parent object. _frame A copy of the raw data of the packet. data This field should contain the data encapsulated in the packet (i.e any headers or trailers stripped off) or undef if the packet contains no data. Note that in this sense, "data" is taken to mean information not relevant to the particular protocol being decoded. For example, an ARP packet contains many header fields but no data. A UDP datagram, however contains header fields and a payload. SEE ALSO Joel Knight has a patch for NetPacket for IPv6 support available at http://www.packetmischief.ca/code/netpacket/. COPYRIGHT AND LICENSE Copyright (c) 2001 Tim Potter and Stephanie Wehner. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. AUTHORS Tim Potter Stephanie Wehner Yanick Champoux