NetPacket-1.6.0/0000775000175000017500000000000012500661227012715 5ustar yanickyanickNetPacket-1.6.0/lib/0000775000175000017500000000000012500661227013463 5ustar yanickyanickNetPacket-1.6.0/lib/NetPacket.pm0000644000175000017500000001111612500661227015675 0ustar yanickyanickpackage NetPacket; BEGIN { $NetPacket::AUTHORITY = 'cpan:YANICK'; } # ABSTRACT: assemble/disassemble network packets at the protocol level $NetPacket::VERSION = '1.6.0'; use strict; use warnings; use parent 'Exporter'; our @EXPORT_OK = qw(in_cksum htons htonl ntohs ntohl); our %EXPORT_TAGS = ( ALL => \@EXPORT_OK ); # # Utility functions useful for all modules # # Calculate IP checksum sub in_cksum { my ($packet) = @_; my ($plen, $short, $num, $count, $chk); $plen = length($packet); $num = int($plen / 2); $chk = 0; $count = $plen; foreach $short (unpack("S$num", $packet)) { $chk += $short; $count = $count - 2; } if($count == 1) { $chk += unpack("C", substr($packet, $plen -1, 1)); } # add the two halves together (CKSUM_CARRY -> libnet) $chk = ($chk >> 16) + ($chk & 0xffff); return(~(($chk >> 16) + $chk) & 0xffff); } # Network/host byte order conversion routines. Network byte order is # defined as being big-endian. sub htons { my ($in) = @_; return(unpack('n*', pack('S*', $in))); } sub htonl { my ($in) = @_; return(unpack('N*', pack('L*', $in))); } sub ntohl { my ($in) = @_; return(unpack('L*', pack('N*', $in))); } sub ntohs { my ($in) = @_; return(unpack('S*', pack('n*', $in))); } # # Module initialisation # 1; __END__ =pod =head1 NAME NetPacket - assemble/disassemble network packets at the protocol level =head1 VERSION version 1.6.0 =head1 SYNOPSIS # NetPacket is a base class only =head1 DESCRIPTION C provides a base class for a cluster of modules related to decoding and encoding of network protocols. Each C descendent module knows how to encode and decode packets for the network protocol it implements. Consult the documentation for the module in question for protocol-specific implementation. Note that there is no inheritance in the C cluster of modules other than each protocol module being a C. This was seen to be too restrictive as imposing inheritance relationships (for example between the IP, UDP and TCP protocols) would make things like tunneling or other unusual situations difficult. =head1 WRITING YOUR OWN C MODULE You are encouraged to write additional C modules as well as improve existing ones. Contact the maintainer of the module in question with your suggestions or changes. The following sections are a list of suggestions and conventions for writing a C module. =head2 Naming Conventions When creating a module in the C namespace, it is suggested that you stick to a couple of conventions when naming packet contents. This will hopefully lead to a consistent namespace making the C easier to use. Content names are all lowercase, with underscores separating multiple words. The following abbreviations are recommended: Word Abbreviation -------------------------------- source src destination dest checksum cksum identifier id version ver protocol proto =head2 Required Methods encode(), decode(), strip() =head2 Required Fields Every NetPacket:: object should have the following fields. =over =item _parent A link to the parent C object in which this C object is encaulated. This field is undefined if there is no parent object. =item _frame A copy of the raw data of the packet. =item data This field should contain the data encapsulated in the packet (i.e any headers or trailers stripped off) or undef if the packet contains no data. Note that in this sense, "data" is taken to mean information not relevant to the particular protocol being decoded. For example, an ARP packet contains many header fields but no data. A UDP datagram, however contains header fields and a payload. =back =head1 SEE ALSO Joel Knight has a patch for NetPacket for IPv6 support available at http://www.packetmischief.ca/code/netpacket/. =head1 COPYRIGHT AND LICENSE Copyright (c) 2001 Tim Potter and Stephanie Wehner. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHORS Tim Potter Stephanie Wehner Yanick Champoux =cut NetPacket-1.6.0/lib/NetPacket/0000775000175000017500000000000012500661227015341 5ustar yanickyanickNetPacket-1.6.0/lib/NetPacket/TCP.pm0000644000175000017500000002612112500661227016325 0ustar yanickyanickpackage NetPacket::TCP; BEGIN { $NetPacket::TCP::AUTHORITY = 'cpan:YANICK'; } # ABSTRACT: Assemble and disassemble TCP (Transmission Control Protocol) packets. $NetPacket::TCP::VERSION = '1.6.0'; use strict; use warnings; use parent 'NetPacket'; # TCP Flags use constant FIN => 0x01; use constant SYN => 0x02; use constant RST => 0x04; use constant PSH => 0x08; use constant ACK => 0x10; use constant URG => 0x20; use constant ECE => 0x40; use constant CWR => 0x80; our @EXPORT = qw(FIN SYN RST PSH ACK URG ECE CWR); our @EXPORT_OK = qw(tcp_strip ); our %EXPORT_TAGS = ( ALL => [@EXPORT, @EXPORT_OK], strip => [qw(tcp_strip)], ); # # Strip header from packet and return the data contained in it # undef &tcp_strip; *tcp_strip = \&strip; sub strip { my ($pkt) = @_; my $tcp_obj = NetPacket::TCP->decode($pkt); return $tcp_obj->{data}; } # # Decode the packet # sub decode { my $class = shift; my($pkt, $parent) = @_; my $self = {}; # Class fields $self->{_parent} = $parent; $self->{_frame} = $pkt; # Decode TCP packet if (defined($pkt)) { my $tmp; ($self->{src_port}, $self->{dest_port}, $self->{seqnum}, $self->{acknum}, $tmp, $self->{winsize}, $self->{cksum}, $self->{urg}, $self->{options}) = unpack("nnNNnnnna*", $pkt); # Extract flags $self->{hlen} = ($tmp & 0xf000) >> 12; $self->{reserved} = ($tmp & 0x0f00) >> 8; $self->{flags} = $tmp & 0x00ff; # Decode variable length header and remaining data my $olen = $self->{hlen} - 5; $olen = 0 if $olen < 0; # Check for bad hlen # Option length is number of 32 bit words $olen *= 4; ( $self->{options}, $self->{data} ) = unpack( 'a' . $olen . 'a*', $self->{options}); } # Return a blessed object bless($self, $class); return $self; } # # Encode a packet # sub encode { my $self = shift; my ($ip) = @_; my ($packet,$tmp); # First of all, fix the checksum $self->checksum($ip); $tmp = $self->{hlen} << 12; $tmp = $tmp | (0x0f00 & ($self->{reserved} << 8)); $tmp = $tmp | (0x00ff & $self->{flags}); # Put the packet together $packet = pack('n n N N n n n n a* a*', $self->{src_port}, $self->{dest_port}, $self->{seqnum}, $self->{acknum}, $tmp, $self->{winsize}, $self->{cksum}, $self->{urg}, $self->{options},$self->{data}); return($packet); } # # TCP Checksum # sub checksum { my $self = shift; my ($ip) = @_; my ($packet,$zero,$tcplen,$tmp); my ($src_ip, $dest_ip,$proto); $zero = 0; $proto = 6; $tcplen = ($self->{hlen} * 4)+ length($self->{data}); no warnings qw/ uninitialized /; $tmp = $self->{hlen} << 12; $tmp = $tmp | (0x0f00 & ($self->{reserved} << 8)); $tmp = $tmp | (0x00ff & $self->{flags}); # Pack pseudo-header for tcp checksum $src_ip = gethostbyname($ip->{src_ip}); $dest_ip = gethostbyname($ip->{dest_ip}); $packet = pack('a4a4nnnnNNnnnna*a*', $src_ip,$dest_ip,$proto,$tcplen, $self->{src_port}, $self->{dest_port}, $self->{seqnum}, $self->{acknum}, $tmp, $self->{winsize}, $zero, $self->{urg}, $self->{options},$self->{data}); # pad packet if odd-sized $packet .= "\x00" if length( $packet ) % 2; $self->{cksum} = NetPacket::htons(NetPacket::in_cksum($packet)); } sub parse_tcp_options { # # dissect tcp options header. see: # http://www.networksorcery.com/enp/protocol/tcp.htm#Options # # we create an byte array from the options header # and iterate through that. If we find an option # kind number we act accordingly (sometimes it has # a fixed length, sometimes a variable one). # once we've got the option stored, we shift the # bytes we fetched away from the byte array and # re-enter the loop. my $self = shift; my $opts = $self->{options}; my @bytes = split //, $opts; my %options; my $size; ENTRY: $size = $#bytes; foreach my $byte (@bytes) { my $kind = unpack('C', $byte); if($kind == 2) { # MSS. # next byte is size, set to 4 # next 2 bytes are mss value 16 bit unsigned short $options{mss} = unpack('n', $bytes[2] . $bytes[3]); shift @bytes; shift @bytes; shift @bytes; shift @bytes; goto ENTRY; } elsif ($kind == 1) { # a noop shift @bytes; goto ENTRY; } elsif ($kind == 3) { # Windows Scale Factor # next byte is size, set to 3 # next byte is shift count, 8 bit unsigned $options{ws} = unpack('C', $bytes[2]); shift @bytes; shift @bytes; shift @bytes; goto ENTRY; } elsif ($kind == 4) { # SACK Permitted # next byte is length $options{sack} = unpack('C', $bytes[1]); shift @bytes; shift @bytes; goto ENTRY; } elsif ($kind == 5) { # SACK Blocks # next byte is length, 2 + (number of blocks * 8) # in every block, # former 4 bytes is SACK left edge, 32 bit unsigned int # latter 4 bytes is SACK right edge, 32 bit unsigned int my $block_num = (unpack('C', $bytes[1]) - 2) / 8; shift @bytes; shift @bytes; my @sack_blocks; for (1..$block_num) { push @sack_blocks, [unpack('N', join '', @bytes[0..3]), unpack('N', join '', @bytes[4..7])]; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; } $options{sack_blocks} = \@sack_blocks; } elsif ($kind == 8) { # timestamp # next byte is length, set to 10 # next 4 byte is timestamp, 32 bit unsigned int # next 4 byte is timestamp echo reply, 32 bit unsigned int $options{ts} = unpack('N', join '', @bytes[2..5]); $options{er} = unpack('N', join '', @bytes[6,7,8,9]); shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; shift @bytes; goto ENTRY; } } return wantarray ? %options : \%options; } # # Module initialisation # 1; # autoloaded methods go after the END token (&& pod) below __END__ =pod =head1 NAME NetPacket::TCP - Assemble and disassemble TCP (Transmission Control Protocol) packets. =head1 VERSION version 1.6.0 =head1 SYNOPSIS use NetPacket::TCP; $tcp_obj = NetPacket::TCP->decode($raw_pkt); $tcp_pkt = $tcp_obj->encode($ip_pkt); $tcp_data = NetPacket::TCP::strip($raw_pkt); =head1 DESCRIPTION C provides a set of routines for assembling and disassembling packets using TCP (Transmission Control Protocol). =head2 Methods =over =item Cdecode([RAW PACKET])> Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method. =item Cencode($ip_obj)> Return a TCP packet encoded with the instance data specified. Needs parts of the ip header contained in $ip_obj in order to calculate the TCP checksum. =item C<$packet-Eparse_tcp_options> Returns a hash (or a hash ref in scalar context) contaning the packet's options. For now the method only recognizes well-known and widely used options (MSS, noop, windows scale factor, SACK permitted, SACK, timestamp). If the packet contains options unknown to the method, it may fail. =back =head2 Functions =over =item C Return the encapsulated data (or payload) contained in the TCP packet. This data is suitable to be used as input for other C modules. This function is equivalent to creating an object using the C constructor and returning the C field of that object. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item src_port The source TCP port for the packet. =item dest_port The destination TCP port for the packet. =item seqnum The TCP sequence number for this packet. =item acknum The TCP acknowledgement number for this packet. =item hlen The header length for this packet. =item reserved The 6-bit "reserved" space in the TCP header. =item flags Contains the urg, ack, psh, rst, syn, fin, ece and cwr flags for this packet. =item winsize The TCP window size for this packet. =item cksum The TCP checksum. =item urg The TCP urgent pointer. =item options Any TCP options for this packet in binary form. =item data The encapsulated data (payload) for this packet. =back =head2 Exports =over =item default FIN SYN RST PSH ACK URG ECE CWR Can be used to set the appropriate flag. =item exportable tcp_strip =item tags The following tags group together related exportable items. =over =item C<:strip> Import the strip function C. =item C<:ALL> All the above exportable items. =back =back =head1 EXAMPLE The following script is a primitive pop3 sniffer. #!/usr/bin/perl -w use strict; use Net::PcapUtils; use NetPacket::Ethernet qw(:strip); use NetPacket::IP qw(:strip); use NetPacket::TCP; sub process_pkt { my($arg, $hdr, $pkt) = @_; my $tcp_obj = NetPacket::TCP->decode(ip_strip(eth_strip($pkt))); if (($tcp_obj->{src_port} == 110) or ($tcp_obj->{dest_port} == 110)) { print($tcp_obj->{data}); } } Net::PcapUtils::loop(\&process_pkt, FILTER => 'tcp'); The following uses NetPacket together with Net::Divert to add a syn flag to all TCP packets passing through: #!/usr/bin/perl use Net::Divert; use NetPacket::IP qw(IP_PROTO_TCP); use NetPacket::TCP; $divobj = Net::Divert->new('yourhostname',9999); $divobj->getPackets(\&alterPacket); sub alterPacket { my($packet,$fwtag) = @_; # decode the IP header $ip_obj = NetPacket::IP->decode($packet); # check if this is a TCP packet if($ip_obj->{proto} == IP_PROTO_TCP) { # decode the TCP header $tcp_obj = NetPacket::TCP->decode($ip_obj->{data}); # set the syn flag $tcp_obj->{flags} |= SYN; # construct the new ip packet $ip_obj->{data} = $tcp_obj->encode($ip_obj); $packet = $ip_obj->encode; } # write it back out $divobj->putPacket($packet,$fwtag); } =head1 TODO =over =item Assembly of TCP fragments into a data stream =item Option processing =item Nicer processing of TCP flags =back =head1 COPYRIGHT Copyright (c) 2001 Tim Potter and Stephanie Wehner. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHOR Tim Potter Etpot@samba.orgE Stephanie Wehner Eatrak@itsx.comE =cut NetPacket-1.6.0/lib/NetPacket/IP.pm0000644000175000017500000003437012500661227016214 0ustar yanickyanickpackage NetPacket::IP; BEGIN { $NetPacket::IP::AUTHORITY = 'cpan:YANICK'; } # ABSTRACT: Assemble and disassemble IP (Internet Protocol) packets. $NetPacket::IP::VERSION = '1.6.0'; use strict; use warnings; use parent 'NetPacket'; our @EXPORT_OK = qw(ip_strip IP_PROTO_IP IP_PROTO_ICMP IP_PROTO_IGMP IP_PROTO_IPIP IP_PROTO_TCP IP_PROTO_EGP IP_PROTO_EGP IP_PROTO_PUP IP_PROTO_UDP IP_PROTO_IDP IP_PROTO_TP IP_PROTO_DCCP IP_PROTO_IPV6 IP_PROTO_ROUTING IP_PROTO_FRAGMENT IP_PROTO_RSVP IP_PROTO_GRE IP_PROTO_ESP IP_PROTO_AH IP_PROTO_ICMPV6 IP_PROTO_NONE IP_PROTO_DSTOPTS IP_PROTO_MTP IP_PROTO_ENCAP IP_PROTO_PIM IP_PROTO_COMP IP_PROTO_SCTP IP_PROTO_UDPLITE IP_VERSION_IPv4 IP_FLAG_MOREFRAGS IP_FLAG_DONTFRAG IP_FLAG_CONGESTION IPTOS_ECN_MASK IPTOS_ECN_NOT_ECT IPTOS_ECN_ECT1 IPTOS_ECN_ECT0 IPTOS_ECN_CE IPTOS_DSCP_MASK IPTOS_DSCP_EF IPTOS_DSCP_AF11 IPTOS_DSCP_AF12 IPTOS_DSCP_AF13 IPTOS_DSCP_AF21 IPTOS_DSCP_AF22 IPTOS_DSCP_AF23 IPTOS_DSCP_AF31 IPTOS_DSCP_AF32 IPTOS_DSCP_AF33 IPTOS_DSCP_AF41 IPTOS_DSCP_AF42 IPTOS_DSCP_AF43 IPTOS_CLASS_MASK IPTOS_CLASS_DEFAULT IPTOS_CLASS_CS0 IPTOS_CLASS_CS1 IPTOS_CLASS_CS2 IPTOS_CLASS_CS3 IPTOS_CLASS_CS4 IPTOS_CLASS_CS5 IPTOS_CLASS_CS6 IPTOS_CLASS_CS7 IPTOS_PREC_MASK IPTOS_PREC_NETCONTROL IPTOS_PREC_INTERNETCONTROL IPTOS_PREC_CRITIC_ECP IPTOS_PREC_FLASHOVERRIDE IPTOS_PREC_FLASH IPTOS_PREC_IMMEDIATE IPTOS_PREC_PRIORITY IPTOS_PREC_ROUTINE MAXTTL IPDEFTTL IPFRAGTTL IPTTLDEC IP_MSS IP_MAXPACKET ); our %EXPORT_TAGS = ( ALL => [@EXPORT_OK], protos => [qw(IP_PROTO_IP IP_PROTO_ICMP IP_PROTO_IGMP IP_PROTO_IPIP IP_PROTO_TCP IP_PROTO_EGP IP_PROTO_PUP IP_PROTO_UDP IP_PROTO_IDP IP_PROTO_TP IP_PROTO_DCCP IP_PROTO_IPV6 IP_PROTO_ROUTING IP_PROTO_FRAGMENT IP_PROTO_RSVP IP_PROTO_GRE IP_PROTO_ESP IP_PROTO_AH IP_PROTO_ICMPV6 IP_PROTO_NONE IP_PROTO_DSTOPTS IP_PROTO_MTP IP_PROTO_ENCAP IP_PROTO_PIM IP_PROTO_COMP IP_PROTO_SCTP IP_PROTO_UDPLITE)], versions => [qw(IP_VERSION_IPv4)], strip => [qw(ip_strip)], flags => [qw(IP_FLAG_MOREFRAGS IP_FLAG_DONTFRAG IP_FLAG_CONGESTION)], tos => [qw(IPTOS_ECN_MASK IPTOS_ECN_NOT_ECT IPTOS_ECN_ECT1 IPTOS_ECN_ECT0 IPTOS_ECN_CE IPTOS_DSCP_MASK IPTOS_DSCP_EF IPTOS_DSCP_AF11 IPTOS_DSCP_AF12 IPTOS_DSCP_AF13 IPTOS_DSCP_AF21 IPTOS_DSCP_AF22 IPTOS_DSCP_AF23 IPTOS_DSCP_AF31 IPTOS_DSCP_AF32 IPTOS_DSCP_AF33 IPTOS_DSCP_AF41 IPTOS_DSCP_AF42 IPTOS_DSCP_AF43 IPTOS_CLASS_MASK IPTOS_CLASS_DEFAULT IPTOS_CLASS_CS0 IPTOS_CLASS_CS1 IPTOS_CLASS_CS2 IPTOS_CLASS_CS3 IPTOS_CLASS_CS4 IPTOS_CLASS_CS5 IPTOS_CLASS_CS6 IPTOS_CLASS_CS7 IPTOS_PREC_MASK IPTOS_PREC_NETCONTROL IPTOS_PREC_INTERNETCONTROL IPTOS_PREC_CRITIC_ECP IPTOS_PREC_FLASHOVERRIDE IPTOS_PREC_FLASH IPTOS_PREC_IMMEDIATE IPTOS_PREC_PRIORITY IPTOS_PREC_ROUTINE)], misc => [qw(MAXTTL IPDEFTTL IPFRAGTTL IPTTLDEC IP_MSS IP_MAXPACKET)], ); # # Partial list of IP protocol values from RFC 1700 # use constant IP_PROTO_IP => 0; # Dummy protocol for TCP use constant IP_PROTO_ICMP => 1; # Internet Control Message Protocol use constant IP_PROTO_IGMP => 2; # Internet Group Management Protocol use constant IP_PROTO_IPIP => 4; # IP in IP encapsulation use constant IP_PROTO_TCP => 6; # Transmission Control Protocol use constant IP_PROTO_EGP => 8; # Exterior Gateway Protocol use constant IP_PROTO_PUP => 12; # PUP protocol use constant IP_PROTO_UDP => 17; # User Datagram Protocol use constant IP_PROTO_IDP => 22; # XNS IDP Protocol use constant IP_PROTO_TP => 29; # SO Transport Protocol Class 4 use constant IP_PROTO_DCCP => 33; # Datagram Congestion Control Protocol use constant IP_PROTO_IPV6 => 41; # IPv6 header use constant IP_PROTO_ROUTING => 43; # IPv6 routing header use constant IP_PROTO_FRAGMENT => 44; # IPv6 fragmentation header use constant IP_PROTO_RSVP => 46; # Reservation Protocol use constant IP_PROTO_GRE => 47; # General Routing Encapsulation use constant IP_PROTO_ESP => 50; # encapsulating security payload use constant IP_PROTO_AH => 51; # authentication header use constant IP_PROTO_ICMPV6 => 58; # ICMPv6 use constant IP_PROTO_NONE => 59; # IPv6 no next header use constant IP_PROTO_DSTOPTS => 60; # IPv6 destination options use constant IP_PROTO_MTP => 92; # Multicast Transport Protocol use constant IP_PROTO_ENCAP => 98; # Encapsulation Header use constant IP_PROTO_PIM => 103; # Protocol Independent Multicast use constant IP_PROTO_COMP => 108; # Compression Header Protocol use constant IP_PROTO_SCTP => 132; # Stream Control Transmission Protocol use constant IP_PROTO_UDPLITE => 136; # UDP-Lite protocol # # Partial list of IP version numbers from RFC 1700 # use constant IP_VERSION_IPv4 => 4; # IP version 4 # # Flag values # use constant IP_FLAG_MOREFRAGS => 1; # More fragments coming use constant IP_FLAG_DONTFRAG => 2; # Don't fragment me use constant IP_FLAG_CONGESTION => 4; # Congestion present # # ToS/DSCP values # use constant IPTOS_ECN_MASK => 0x03; use constant IPTOS_ECN_NOT_ECT => 0x00; use constant IPTOS_ECN_ECT1 => 0x01; use constant IPTOS_ECN_ECT0 => 0x02; use constant IPTOS_ECN_CE => 0x03; use constant IPTOS_DSCP_MASK => 0xfc; use constant IPTOS_DSCP_AF11 => 0x28; use constant IPTOS_DSCP_AF12 => 0x30; use constant IPTOS_DSCP_AF13 => 0x38; use constant IPTOS_DSCP_AF21 => 0x48; use constant IPTOS_DSCP_AF22 => 0x50; use constant IPTOS_DSCP_AF23 => 0x58; use constant IPTOS_DSCP_AF31 => 0x68; use constant IPTOS_DSCP_AF32 => 0x70; use constant IPTOS_DSCP_AF33 => 0x78; use constant IPTOS_DSCP_AF41 => 0x88; use constant IPTOS_DSCP_AF42 => 0x90; use constant IPTOS_DSCP_AF43 => 0x98; use constant IPTOS_DSCP_EF => 0xb8; use constant IPTOS_CLASS_MASK => 0xe0; use constant IPTOS_CLASS_CS0 => 0x00; use constant IPTOS_CLASS_CS1 => 0x20; use constant IPTOS_CLASS_CS2 => 0x40; use constant IPTOS_CLASS_CS3 => 0x60; use constant IPTOS_CLASS_CS4 => 0x80; use constant IPTOS_CLASS_CS5 => 0xa0; use constant IPTOS_CLASS_CS6 => 0xc0; use constant IPTOS_CLASS_CS7 => 0xe0; use constant IPTOS_CLASS_DEFAULT => 0x00; use constant IPTOS_PREC_MASK => 0xe0; use constant IPTOS_PREC_NETCONTROL => 0xe0; use constant IPTOS_PREC_INTERNETCONTROL => 0xc0; use constant IPTOS_PREC_CRITIC_ECP => 0x0a; use constant IPTOS_PREC_FLASHOVERRIDE => 0x80; use constant IPTOS_PREC_FLASH => 0x60; use constant IPTOS_PREC_IMMEDIATE => 0x40; use constant IPTOS_PREC_PRIORITY => 0x20; use constant IPTOS_PREC_ROUTINE => 0x00; # TTL values use constant MAXTTL => 255; use constant IPDEFTTL => 64; use constant IPFRAGTTL => 60; use constant IPTTLDEC => 1; use constant IP_MSS => 576; # Maximum IP Packet size use constant IP_MAXPACKET => 65535; # Convert 32-bit IP address to dotted quad notation sub to_dotquad { my($net) = @_ ; my($na, $nb, $nc, $nd); $na = $net >> 24 & 255; $nb = $net >> 16 & 255; $nc = $net >> 8 & 255; $nd = $net & 255; return ("$na.$nb.$nc.$nd"); } # # Decode the packet # sub decode { my $class = shift; my($pkt, $parent) = @_; my $self = {}; # Class fields $self->{_parent} = $parent; $self->{_frame} = $pkt; # Decode IP packet if (defined($pkt)) { my $tmp; ($tmp, $self->{tos},$self->{len}, $self->{id}, $self->{foffset}, $self->{ttl}, $self->{proto}, $self->{cksum}, $self->{src_ip}, $self->{dest_ip}, $self->{options}) = unpack('CCnnnCCnNNa*' , $pkt); # Extract bit fields $self->{ver} = ($tmp & 0xf0) >> 4; $self->{hlen} = $tmp & 0x0f; $self->{flags} = $self->{foffset} >> 13; $self->{foffset} = ($self->{foffset} & 0x1fff) << 3; # Decode variable length header options and remaining data in field my $olen = $self->{hlen} - 5; $olen = 0 if $olen < 0; # Check for bad hlen # Option length is number of 32 bit words $olen = $olen * 4; ($self->{options}, $self->{data}) = unpack("a" . $olen . "a*", $self->{options}); my $length = $self->{hlen}; $length = 5 if $length < 5; # precaution against bad header # truncate data to the length given by the header $self->{data} = substr $self->{data}, 0, $self->{len} - 4 * $length; # Convert 32 bit ip addresses to dotted quad notation $self->{src_ip} = to_dotquad($self->{src_ip}); $self->{dest_ip} = to_dotquad($self->{dest_ip}); } return bless $self, $class; } # # Strip header from packet and return the data contained in it # undef &ip_strip; # Create ip_strip alias *ip_strip = \&strip; sub strip { my ($pkt) = @_; my $ip_obj = NetPacket::IP->decode($pkt); return $ip_obj->{data}; } # # Encode a packet # sub encode { my $self = shift; my ($hdr,$packet,$zero,$tmp,$offset); my ($src_ip, $dest_ip); # create a zero variable $zero = 0; # adjust the length of the packet $self->{len} = ($self->{hlen} * 4) + length($self->{data}); $tmp = $self->{hlen} & 0x0f; $tmp = $tmp | (($self->{ver} << 4) & 0xf0); $offset = $self->{flags} << 13; $offset = $offset | (($self->{foffset} >> 3) & 0x1fff); # convert the src and dst ip $src_ip = gethostbyname($self->{src_ip}); $dest_ip = gethostbyname($self->{dest_ip}); my $fmt = 'CCnnnCCna4a4a*'; my @pkt = ($tmp, $self->{tos},$self->{len}, $self->{id}, $offset, $self->{ttl}, $self->{proto}, $zero, $src_ip, $dest_ip); # change format and package in case of IP options if(defined $self->{options}){ $fmt = 'CCnnnCCna4a4a*a*'; push(@pkt, $self->{options}); } # construct header to calculate the checksum $hdr = pack($fmt, @pkt); $self->{cksum} = NetPacket::htons(NetPacket::in_cksum($hdr)); $pkt[7] = $self->{cksum}; # make the entire packet if(defined $self->{data}){ push(@pkt, $self->{data}); } $packet = pack($fmt, @pkt); return($packet); } # # Module initialisation # 1; # autoloaded methods go after the END token (&& pod) below =pod =head1 NAME NetPacket::IP - Assemble and disassemble IP (Internet Protocol) packets. =head1 VERSION version 1.6.0 =head1 SYNOPSIS use NetPacket::IP; $ip_obj = NetPacket::IP->decode($raw_pkt); $ip_pkt = NetPacket::IP->encode($ip_obj); $ip_data = NetPacket::IP::strip($raw_pkt); =head1 DESCRIPTION C provides a set of routines for assembling and disassembling packets using IP (Internet Protocol). =head2 Methods =over =item Cdecode([RAW PACKET])> Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method. =item Cencode()> Return an IP packet encoded with the instance data specified. This will infer the total length of the packet automatically from the payload length and also adjust the checksum. =back =head2 Functions =over =item C Return the encapsulated data (or payload) contained in the IP packet. This data is suitable to be used as input for other C modules. This function is equivalent to creating an object using the C constructor and returning the C field of that object. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item ver The IP version number of this packet. =item hlen The IP header length of this packet. =item flags The IP header flags for this packet. =item foffset The IP fragment offset for this packet. =item tos The type-of-service for this IP packet. =item len The length (including length of header) in bytes for this packet. =item id The identification (sequence) number for this IP packet. =item ttl The time-to-live value for this packet. =item proto The IP protocol number for this packet. =item cksum The IP checksum value for this packet. =item src_ip The source IP address for this packet in dotted-quad notation. =item dest_ip The destination IP address for this packet in dotted-quad notation. =item options Any IP options for this packet. =item data The encapsulated data (payload) for this IP packet. =back =head2 Exports =over =item default none =item exportable IP_PROTO_IP IP_PROTO_ICMP IP_PROTO_IGMP IP_PROTO_IPIP IP_PROTO_TCP IP_PROTO_UDP IP_VERSION_IPv4 =item tags The following tags group together related exportable items. =over =item C<:protos> IP_PROTO_IP IP_PROTO_ICMP IP_PROTO_IGMP IP_PROTO_IPIP IP_PROTO_TCP IP_PROTO_UDP =item C<:versions> IP_VERSION_IPv4 =item C<:strip> Import the strip function C. =item C<:ALL> All the above exportable items. =back =back =head1 EXAMPLE The following script dumps IP frames by IP address and protocol to standard output. #!/usr/bin/perl -w use strict; use Net::PcapUtils; use NetPacket::Ethernet qw(:strip); use NetPacket::IP; sub process_pkt { my ($user, $hdr, $pkt) = @_; my $ip_obj = NetPacket::IP->decode(eth_strip($pkt)); print("$ip_obj->{src_ip}:$ip_obj->{dest_ip} $ip_obj->{proto}\n"); } Net::PcapUtils::loop(\&process_pkt, FILTER => 'ip'); =head1 TODO =over =item IP option decoding - currently stored in binary form. =item Assembly of received fragments =back =head1 COPYRIGHT Copyright (c) 2001 Tim Potter and Stephanie Wehner. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHOR Tim Potter Etpot@samba.orgE Stephanie Wehner Eatrak@itsx.comE =cut __END__ # any real autoloaded methods go after this line NetPacket-1.6.0/lib/NetPacket/UDP.pm0000644000175000017500000001510112500661227016323 0ustar yanickyanickpackage NetPacket::UDP; BEGIN { $NetPacket::UDP::AUTHORITY = 'cpan:YANICK'; } # ABSTRACT: Assemble and disassemble UDP (User Datagram Protocol) packets. $NetPacket::UDP::VERSION = '1.6.0'; use strict; use warnings; use parent 'NetPacket'; use NetPacket::IP; our @EXPORT_OK = qw(udp_strip); our %EXPORT_TAGS = ( ALL => [@EXPORT_OK], strip => [qw(udp_strip)], ); # # Decode the packet # sub decode { my $class = shift; my($pkt, $parent) = @_; my $self = {}; # Class fields $self->{_parent} = $parent; $self->{_frame} = $pkt; # Decode UDP packet if (defined($pkt)) { ($self->{src_port}, $self->{dest_port}, $self->{len}, $self->{cksum}, $self->{data}) = unpack("nnnna*", $pkt); } # Return a blessed object bless($self, $class); return $self; } # # Strip header from packet and return the data contained in it # undef &udp_strip; *udp_strip = \&strip; sub strip { return decode(__PACKAGE__,shift)->{data}; } # # Encode a packet # sub encode { my ($self, $ip) = @_; # Adjust the length accordingly $self->{len} = 8 + length($self->{data}); # First of all, fix the checksum $self->checksum($ip); # Put the packet together return pack("nnnna*", $self->{src_port},$self->{dest_port}, $self->{len}, $self->{cksum}, $self->{data}); } # # UDP Checksum # sub checksum { my( $self, $ip ) = @_; my $proto = NetPacket::IP::IP_PROTO_UDP; # Pack pseudo-header for udp checksum my $src_ip = gethostbyname($ip->{src_ip}); my $dest_ip = gethostbyname($ip->{dest_ip}); no warnings; my $packet = pack 'a4a4CCnnnnna*' => # fake ip header part $src_ip, $dest_ip, 0, $proto, $self->{len}, # proper UDP part $self->{src_port}, $self->{dest_port}, $self->{len}, 0, $self->{data}; $packet .= "\x00" if length($packet) % 2; $self->{cksum} = NetPacket::htons(NetPacket::in_cksum($packet)); } 1; __END__ =pod =head1 NAME NetPacket::UDP - Assemble and disassemble UDP (User Datagram Protocol) packets. =head1 VERSION version 1.6.0 =head1 SYNOPSIS use NetPacket::UDP; $udp_obj = NetPacket::UDP->decode($raw_pkt); $udp_pkt = $udp_obj->encode($l3_obj); $udp_data = NetPacket::UDP::strip($raw_pkt); =head1 DESCRIPTION C provides a set of routines for assembling and disassembling packets using UDP (User Datagram Protocol). =head2 Methods =over =item Cdecode([RAW PACKET])> Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method. =item C<$udp_packet-encode($l3_obj)> Return the encoded version of the UDP packet object. Needs part of the IP header contained (src_ip and dest_ip specifically) in $l3_obj, in order to calculate the UDP checksum. The length field will also be set automatically based on values provided. =back =head2 Functions =over =item C Return the encapsulated data (or payload) contained in the UDP packet. This data is suitable to be used as input for other C modules. This function is equivalent to creating an object using the C constructor and returning the C field of that object. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item src_port The source UDP port for the datagram. =item dest_port The destination UDP port for the datagram. =item len The length (including length of header) in bytes for this packet. =item cksum The checksum value for this packet. =item data The encapsulated data (payload) for this packet. =back =head2 IP data The IP data for the $l3_obj object consists of the following fields. Additional items may be supplied as well as passing the whole object returned by NetPacket::IP->decode but are unnecessary. =over =item src_ip The source IP for the datagram =item dest_ip The destination IP for the datagram =back =head2 Exports =over =item default none =item exportable udp_strip =item tags The following tags group together related exportable items. =over =item C<:strip> Import the strip function C. =item C<:ALL> All the above exportable items. =back =back =head1 EXAMPLE The following example prints the source IP address and port, the destination IP address and port, and the UDP packet length: #!/usr/bin/perl -w use strict; use Net::PcapUtils; use NetPacket::Ethernet qw(:strip); use NetPacket::IP; use NetPacket::UDP; sub process_pkt { my($arg, $hdr, $pkt) = @_; my $ip_obj = NetPacket::IP->decode(eth_strip($pkt)); my $udp_obj = NetPacket::UDP->decode($ip_obj->{data}); print("$ip_obj->{src_ip}:$udp_obj->{src_port} -> ", "$ip_obj->{dest_ip}:$udp_obj->{dest_port} ", "$udp_obj->{len}\n"); } Net::PcapUtils::loop(\&process_pkt, FILTER => 'udp'); The following is an example use in combination with Net::Divert to alter the payload of packets that pass through. All occurences of foo will be replaced with bar. This example is easy to test with netcat, but otherwise makes little sense. :) Adapt to your needs: use Net::Divert; use NetPacket::IP qw(IP_PROTO_UDP); use NetPacket::UDP; $divobj = Net::Divert->new('yourhost',9999); $divobj->getPackets(\&alterPacket); sub alterPacket { my ($data, $fwtag) = @_; $ip_obj = NetPacket::IP->decode($data); if($ip_obj->{proto} == IP_PROTO_UDP) { # decode the UDP header $udp_obj = NetPacket::UDP->decode($ip_obj->{data}); # replace foo in the payload with bar $udp_obj->{data} =~ s/foo/bar/g; # re-encode the packet $ip_obj->{data} = $udp_obj->encode($udp_obj, $ip_obj); $data = $ip_obj->encode; } $divobj->putPacket($data,$fwtag); } =head1 COPYRIGHT Copyright (c) 2001 Tim Potter. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHOR Tim Potter Etpot@samba.orgE Stephanie Wehner Eatrak@itsx.comE Yanick Champoux =cut NetPacket-1.6.0/lib/NetPacket/Ethernet.pm0000644000175000017500000001525312500661227017461 0ustar yanickyanickpackage NetPacket::Ethernet; BEGIN { $NetPacket::Ethernet::AUTHORITY = 'cpan:YANICK'; } # ABSTRACT: Assemble and disassemble ethernet packets. $NetPacket::Ethernet::VERSION = '1.6.0'; use strict; use warnings; use parent 'NetPacket'; my @eth_types = qw/ ETH_TYPE_IP ETH_TYPE_ARP ETH_TYPE_APPLETALK ETH_TYPE_RARP ETH_TYPE_SNMP ETH_TYPE_IPv6 ETH_TYPE_PPP ETH_TYPE_802_1Q ETH_TYPE_IPX ETH_TYPE_PPPOED ETH_TYPE_PPPOES /; our @EXPORT_OK = ( 'eth_strip', 'ETH_HLEN', @eth_types ); our %EXPORT_TAGS = ( ALL => [@EXPORT_OK], strip => [qw(eth_strip)], types => \@eth_types, ); # # Partial list of ethernet protocol types from # http://www.isi.edu/in-notes/iana/assignments/ethernet-numbers # use constant ETH_TYPE_IP => 0x0800; use constant ETH_TYPE_ARP => 0x0806; use constant ETH_TYPE_APPLETALK => 0x809b; use constant ETH_TYPE_RARP => 0x8035; use constant ETH_TYPE_SNMP => 0x814c; use constant ETH_TYPE_IPv6 => 0x86dd; use constant ETH_TYPE_PPP => 0x880b; use constant ETH_TYPE_802_1Q => 0x8100; use constant ETH_TYPE_IPX => 0x8137; use constant ETH_TYPE_PPPOED => 0x8863; use constant ETH_TYPE_PPPOES => 0x8864; use constant ETH_HLEN => 6; # # VLAN Tag field masks # use constant VLAN_MASK_PCP => 0xE000; use constant VLAN_MASK_CFI => 0x1000; use constant VLAN_MASK_VID => 0x0FFF; # # Decode the packet # sub decode { my $class = shift; my($pkt, $parent) = @_; my $self = {}; # Class fields $self->{_parent} = $parent; $self->{_frame} = $pkt; # Decode ethernet packet if (defined($pkt)) { my($sm_lo, $sm_hi, $dm_lo, $dm_hi, $tcid); ($dm_hi, $dm_lo, $sm_hi, $sm_lo, $self->{type}) = unpack('NnNnn' , $pkt); # Check for 802.1Q VLAN tag and unpack to account for 4-byte offset if ($self->{type} == ETH_TYPE_802_1Q) { $self->{tpid} = ETH_TYPE_802_1Q; ( $tcid, $self->{type}, $self->{data} ) = unpack('x14nna*' , $pkt); # Break down VLAN tag TCI into: PCP, CFI, VID $self->{pcp} = $tcid & VLAN_MASK_PCP >> 13; $self->{cfi} = $tcid & VLAN_MASK_CFI >> 12; $self->{vid} = $tcid & VLAN_MASK_VID; } else { ( $self->{data} ) = unpack('x14a*' , $pkt); } # Convert MAC addresses to hex string to avoid representation problems $self->{src_mac} = sprintf "%08x%04x", $sm_hi, $sm_lo; $self->{dest_mac} = sprintf "%08x%04x", $dm_hi, $dm_lo; } # Return a blessed object bless($self, $class); return $self; } # # Strip header from packet and return the data contained in it # undef ð_strip; # Create eth_strip alias *eth_strip = \&strip; sub strip { my ($pkt) = @_; my $eth_obj = NetPacket::Ethernet->decode($pkt); return $eth_obj->{data}; } # # Encode a packet - not implemented! # sub encode { my ($self) = shift; (my $dest = $self->{src_mac}) =~ s/://g; (my $src = $self->{dest_mac}) =~ s/://g; my $frame = pack('H12H12n a*', $dest, $src, 0x0800, $self->{data}); return $frame; } # # Module initialisation # 1; # autoloaded methods go after the END token (&& pod) below =pod =head1 NAME NetPacket::Ethernet - Assemble and disassemble ethernet packets. =head1 VERSION version 1.6.0 =head1 SYNOPSIS use NetPacket::Ethernet; $eth_obj = NetPacket::Ethernet->decode($raw_pkt); $eth_pkt = NetPacket::Ethernet->encode(params...); # Not implemented $eth_data = NetPacket::Ethernet::strip($raw_pkt); =head1 DESCRIPTION C provides a set of routines for assembling and disassembling packets using the Ethernet protocol. =head2 Methods =over =item Cdecode([RAW PACKET])> Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method. =item Cencode(param =E value)> Return an ethernet packet encoded with the instance data specified. Not implemented. =back =head2 Functions =over =item C Return the encapsulated data (or payload) contained in the ethernet packet. This data is suitable to be used as input for other C modules. This function is equivalent to creating an object using the C constructor and returning the C field of that object. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item src_mac The source MAC address for the ethernet packet as a hex string. =item dest_mac The destination MAC address for the ethernet packet as a hex string. =item type The protocol type for the ethernet packet. =item data The payload for the ethernet packet. =back =head2 Exports =over =item default none =item exportable ETH_TYPE_IP ETH_TYPE_ARP ETH_TYPE_APPLETALK ETH_TYPE_SNMP ETH_TYPE_IPv6 ETH_TYPE_PPP =item tags The following tags group together related exportable items. =over =item C<:types> ETH_TYPE_IP ETH_TYPE_ARP ETH_TYPE_APPLETALK ETH_TYPE_SNMP ETH_TYPE_IPv6 ETH_TYPE_PPP =item C<:strip> Import the strip function C which is an alias for C =item C<:ALL> All the above exportable items. =back =back =head1 EXAMPLE The following script dumps ethernet frames by mac address and protocol to standard output. #!/usr/bin/perl -w use strict; use Net::PcapUtils; use NetPacket::Ethernet; sub process_pkt { my($arg, $hdr, $pkt) = @_; my $eth_obj = NetPacket::Ethernet->decode($pkt); print("$eth_obj->{src_mac}:$eth_obj->{dest_mac} $eth_obj->{type}\n"); } Net::PcapUtils::loop(\&process_pkt); =head1 TODO =over =item Implement C function =back =head1 COPYRIGHT Copyright (c) 2001 Tim Potter and Stephanie Wehner. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHOR Tim Potter Etpot@samba.orgE =cut __END__ # any real autoloaded methods go after this line NetPacket-1.6.0/lib/NetPacket/ICMP.pm0000644000175000017500000002253312500661227016432 0ustar yanickyanickpackage NetPacket::ICMP; BEGIN { $NetPacket::ICMP::AUTHORITY = 'cpan:YANICK'; } # ABSTRACT: Assemble and disassemble ICMP (Internet Control Message Protocol) packets. $NetPacket::ICMP::VERSION = '1.6.0'; use strict; use warnings; use parent 'NetPacket'; our @EXPORT_OK = qw(icmp_strip icmp_infotype ICMP_ECHOREPLY ICMP_UNREACH ICMP_SOURCEQUENCH ICMP_REDIRECT ICMP_ECHO ICMP_ROUTERADVERT ICMP_ROUTERSOLICIT ICMP_TIMXCEED ICMP_PARAMPROB ICMP_TSTAMP ICMP_TSTAMPREPLY ICMP_IREQ ICMP_IREQREPLY ICMP_MASKREQ ICMP_MASKREPLY ICMP_UNREACH_NET ICMP_UNREACH_HOST ICMP_UNREACH_PROTOCOL ICMP_UNREACH_PORT ICMP_UNREACH_NEEDFRAG ICMP_UNREACH_SRCFAIL ICMP_UNREACH_NET_UNKNOWN ICMP_UNREACH_HOST_UNKNOWN ICMP_UNREACH_ISOLATED ICMP_UNREACH_NET_PROHIB ICMP_UNREACH_HOST_PROHIB ICMP_UNREACH_TOSNET ICMP_UNREACH_TOSHOST ICMP_UNREACH_FILTER_PROHIB ICMP_UNREACH_HOST_PRECEDENCE ICMP_UNREACH_PRCEDENCE_CUTOFF ICMP_REDIRECT_NET ICMP_REDIRECT_HOST ICMP_REDIRECT_TOSNET ICMP_REDIRECT_TOSHOST ICMP_TIMXCEED_INTRANS ICMP_TIMXCEED_REASS ICMP_PARAMPROB_OPTABSENT ); our %EXPORT_TAGS = ( ALL => [@EXPORT_OK], types => [qw(ICMP_ECHOREPLY ICMP_UNREACH ICMP_SOURCEQUENCH ICMP_REDIRECT ICMP_ECHO ICMP_ROUTERADVERT ICMP_ROUTERSOLICIT ICMP_TIMXCEED ICMP_PARAMPROB ICMP_TSTAMP ICMP_TSTAMPREPLY ICMP_IREQ ICMP_IREQREPLY ICMP_MASKREQ ICMP_MASKREPLY)], codes => [qw(ICMP_UNREACH_NET ICMP_UNREACH_HOST ICMP_UNREACH_PROTOCOL ICMP_UNREACH_PORT ICMP_UNREACH_NEEDFRAG ICMP_UNREACH_SRCFAIL ICMP_UNREACH_NET_UNKNOWN ICMP_UNREACH_HOST_UNKNOWN ICMP_UNREACH_ISOLATED ICMP_UNREACH_NET_PROHIB ICMP_UNREACH_HOST_PROHIB ICMP_UNREACH_TOSNET ICMP_UNREACH_TOSHOST ICMP_UNREACH_FILTER_PROHIB ICMP_UNREACH_HOST_PRECEDENCE ICMP_UNREACH_PRCEDENCE_CUTOFF ICMP_REDIRECT_NET ICMP_REDIRECT_HOST ICMP_REDIRECT_TOSNET ICMP_REDIRECT_TOSHOST ICMP_TIMXCEED_INTRANS ICMP_TIMXCEED_REASS ICMP_PARAMPROB_OPTABSENT)], strip => [qw(icmp_strip)], ); # ICMP Types use constant ICMP_ECHOREPLY => 0; use constant ICMP_UNREACH => 3; use constant ICMP_SOURCEQUENCH => 4; use constant ICMP_REDIRECT => 5; use constant ICMP_ECHO => 8; use constant ICMP_ROUTERADVERT => 9; use constant ICMP_ROUTERSOLICIT => 10; use constant ICMP_TIMXCEED => 11; use constant ICMP_PARAMPROB => 12; use constant ICMP_TSTAMP => 13; use constant ICMP_TSTAMPREPLY => 14; use constant ICMP_IREQ => 15; use constant ICMP_IREQREPLY => 16; use constant ICMP_MASKREQ => 17; use constant ICMP_MASKREPLY => 18; # Unreachable Codes use constant ICMP_UNREACH_NET => 0; use constant ICMP_UNREACH_HOST => 1; use constant ICMP_UNREACH_PROTOCOL => 2; use constant ICMP_UNREACH_PORT => 3; use constant ICMP_UNREACH_NEEDFRAG => 4; use constant ICMP_UNREACH_SRCFAIL => 5; use constant ICMP_UNREACH_NET_UNKNOWN => 6; use constant ICMP_UNREACH_HOST_UNKNOWN => 7; use constant ICMP_UNREACH_ISOLATED => 8; use constant ICMP_UNREACH_NET_PROHIB => 9; use constant ICMP_UNREACH_HOST_PROHIB => 10; use constant ICMP_UNREACH_TOSNET => 11; use constant ICMP_UNREACH_TOSHOST => 12; use constant ICMP_UNREACH_FILTER_PROHIB => 13; use constant ICMP_UNREACH_HOST_PRECEDENCE => 14; use constant ICMP_UNREACH_PRECEDENCE_CUTOFF => 15; # Redirect Codes use constant ICMP_REDIRECT_NET => 0; use constant ICMP_REDIRECT_HOST => 1; use constant ICMP_REDIRECT_TOSNET => 2; use constant ICMP_REDIRECT_TOSHOST => 3; # Time-Exceeded Codes use constant ICMP_TIMXCEED_INTRANS => 0; use constant ICMP_TIMXCEED_REASS => 1; # Parameter-Problem Codes use constant ICMP_PARAMPROB_OPTABSENT => 1; # # Test for informational types # sub icmp_infotype { my $type = shift; return ($type == ICMP_ECHOREPLY || $type == ICMP_ECHO || $type == ICMP_ROUTERADVERT || $type == ICMP_ROUTERSOLICIT || $type == ICMP_TSTAMP || $type == ICMP_TSTAMPREPLY || $type == ICMP_IREQ || $type == ICMP_IREQREPLY || $type == ICMP_MASKREQ || $type == ICMP_MASKREPLY); } # # Decode the packet # sub decode { my $class = shift; my($pkt, $parent) = @_; my $self = {}; # Class fields $self->{_parent} = $parent; $self->{_frame} = $pkt; # Decode ICMP packet if (defined($pkt)) { ($self->{type}, $self->{code}, $self->{cksum}, $self->{data}) = unpack("CCna*", $pkt); } # Return a blessed object bless($self, $class); return $self; } # # Strip a packet of its header and return the data # undef &icmp_strip; *icmpstrip = \&strip; sub strip { my ($pkt) = @_; my $icmp_obj = decode($pkt); return $icmp_obj->{data}; } # # Encode a packet # sub encode { my $self = shift; my ($ip) = @_; my ($packet); # Checksum the packet $self->checksum(); # Put the packet together $packet = pack("CCna*", $self->{type}, $self->{code}, $self->{cksum}, $self->{data}); return($packet); } # # Calculate ICMP checksum sub checksum { my $self = shift; my ($ip) = @_; my ($packet,$zero); # Put the packet together for checksumming $zero = 0; $packet = pack("CCna*", $self->{type}, $self->{code}, $zero, $self->{data}); $self->{cksum} = NetPacket::htons(NetPacket::in_cksum($packet)); } # # Module initialisation # 1; # autoloaded methods go after the END token (&& pod) below =pod =head1 NAME NetPacket::ICMP - Assemble and disassemble ICMP (Internet Control Message Protocol) packets. =head1 VERSION version 1.6.0 =head1 SYNOPSIS use NetPacket::ICMP; $icmp_obj = NetPacket::ICMP->decode($raw_pkt); $icmp_pkt = NetPacket::ICMP->encode(); $icmp_data = NetPacket::ICMP::strip($raw_pkt); =head1 DESCRIPTION C provides a set of routines for assembling and disassembling packets using ICMP (Internet Control Message Protocol). =head2 Methods =over =item Cdecode([RAW PACKET])> Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method. =item Cencode()> Return an ICMP packet encoded with the instance data specified. =back =head2 Functions =over =item C Return the encapsulated data (or payload) contained in the ICMP packet. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item type The ICMP message type of this packet. =item code The ICMP message code of this packet. =item cksum The checksum for this packet. =item data The encapsulated data (payload) for this packet. =back =head2 Exports =over =item default none =item exportable ICMP message types: ICMP_ECHOREPLY ICMP_UNREACH ICMP_SOURCEQUENCH ICMP_REDIRECT ICMP_ECHO ICMP_ROUTERADVERT ICMP_ROUTERSOLICIT ICMP_TIMXCEED ICMP_PARAMPROB ICMP_TSTAMP ICMP_TSTAMPREPLY ICMP_IREQ ICMP_IREQREPLY ICMP_MASKREQ ICMP_MASKREPLY =item tags The following tags group together related exportable items. =over =item C<:types> ICMP_ECHOREPLY ICMP_UNREACH ICMP_SOURCEQUENCH ICMP_REDIRECT ICMP_ECHO ICMP_ROUTERADVERT ICMP_ROUTERSOLICIT ICMP_TIMXCEED ICMP_PARAMPROB ICMP_TSTAMP ICMP_TSTAMPREPLY ICMP_IREQ ICMP_IREQREPLY ICMP_MASKREQ ICMP_MASKREPLY =item C<:strip> Import the strip function C. =item C<:ALL> All the above exportable items. =back =back =head1 EXAMPLE The following example prints the ICMP type, code, and checksum fields. #!/usr/bin/perl -w use strict; use Net::PcapUtils; use NetPacket::Ethernet qw(:strip); use NetPacket::IP qw(:strip); use NetPacket::ICMP; sub process_pkt { my ($user, $hdr, $pkt) = @_; my $ip_obj = NetPacket::IP->decode(eth_strip($pkt)); my $icmp_obj = NetPacket::ICMP->decode(ip_strip($ip_obj)); print("Type: $icmp_obj->{type}\n"); print("Code: $icmp_obj->{code}\n"); print("Checksum: $icmp_obj->{cksum}\n\n"); } Net::PcapUtils::loop(\&process_pkt, FILTER => 'icmp'); =head1 TODO =over =item Create constants =back =head1 COPYRIGHT Copyright (c) 2001 Tim Potter and Stephanie Wehner. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHOR Tim Potter Etpot@samba.orgE Stephanie Wehner Eatrak@itsx.comE =cut __END__ # any real autoloaded methods go after this line NetPacket-1.6.0/lib/NetPacket/USBMon.pm0000644000175000017500000001666512500661227017016 0ustar yanickyanickpackage NetPacket::USBMon; BEGIN { $NetPacket::USBMon::AUTHORITY = 'cpan:YANICK'; } #ABSTRACT: Assemble and disassemble USB packets captured via Linux USBMon interface. $NetPacket::USBMon::VERSION = '1.6.0'; use 5.10.0; use strict; use warnings; use parent 'NetPacket'; our @EXPORT_OK = qw( USB_TYPE_SUBMISSION USB_TYPE_CALLBACK USB_TYPE_ERROR USB_XFER_TYPE_ISO USB_XFER_TYPE_INTR USB_XFER_TYPE_CONTROL USB_XFER_TYPE_BULK USB_FLAG_SETUP_IRRELEVANT USB_FLAG_SETUP_RELEVANT USB_FLAG_DATA_ERROR USB_FLAG_DATA_INCOMING USB_FLAG_DATA_OUTGOING USB_FLAG_DATA_PRESENT USB_TYPE_VENDOR ); our %EXPORT_TAGS =( ALL => \@EXPORT_OK, types => [qw(USB_TYPE_SUBMISSION USB_TYPE_CALLBACK USB_TYPE_ERROR)], xfer_types => [qw(USB_XFER_TYPE_ISO USB_XFER_TYPE_INTR USB_XFER_TYPE_CONTROL USB_XFER_TYPE_BULK)], setup_flags => [qw(USB_FLAG_SETUP_IRRELEVANT USB_FLAG_SETUP_RELEVANT)], data_flags => [qw(USB_FLAG_DATA_ERROR USB_FLAG_DATA_INCOMING USB_FLAG_DATA_OUTGOING USB_FLAG_DATA_PRESENT)], setup_types => [qw(USB_TYPE_VENDOR)], ); use constant USB_TYPE_SUBMISSION => 'S'; use constant USB_TYPE_CALLBACK => 'C'; use constant USB_TYPE_ERROR => 'E'; use constant USB_XFER_TYPE_ISO => 0; use constant USB_XFER_TYPE_INTR => 1; use constant USB_XFER_TYPE_CONTROL => 2; use constant USB_XFER_TYPE_BULK => 3; use constant USB_FLAG_SETUP_IRRELEVANT => '-'; use constant USB_FLAG_SETUP_RELEVANT => chr(0); use constant USB_FLAG_DATA_ERROR => 'E'; use constant USB_FLAG_DATA_INCOMING => '<'; use constant USB_FLAG_DATA_OUTGOING => '>'; use constant USB_FLAG_DATA_PRESENT => chr(0); use constant USB_TYPE_VENDOR => 0x40; sub decode { my $class = shift; my $packet = shift; my $parent = shift; my($id, $type, $xfer_type, $epnum, $devnum, $busnum, $flag_setup, $flag_data, $ts_sec, $ts_usec, $status, $length, $len_cap, $s, $interval, $start_frame, $xfer_flags, $ndesc, $rest) = unpack('a8CCCCS $parent, _frame => $packet, id => $id, type => chr($type), xfer_type => $xfer_type, ep => { num => ($epnum & 0x7f), dir => ($epnum & 0x80 ? 'IN' : 'OUT'), }, devnum => $devnum, busnum => $busnum, flag_setup => chr($flag_setup), flag_data => chr($flag_data), ts_sec => $ts_sec, ts_usec => $ts_usec, status => $status, length => $length, len_cap => $len_cap, interval => $interval, start_frame => $start_frame, xfer_flags => $xfer_flags, ndesc => $ndesc, }; # Setup if ($self->{flag_setup} ne USB_FLAG_SETUP_IRRELEVANT) { my $setup = {}; my $rest; ($setup->{bmRequestType}, $setup->{bRequest}, $rest) = unpack('CCa*', $s); if ($setup->{bmRequestType} & USB_TYPE_VENDOR) { ($setup->{wValue}, $setup->{wIndex}, $setup->{wLength}) = unpack('S<3', $rest); } else { # Unknown setup request; $setup->{data} = $rest; } $self->{setup} = $setup; } # Isochronous descriptors if ($self->{xfer_type} == USB_XFER_TYPE_ISO) { my $iso = {}; ($iso->{error_count}, $iso->{numdesc}) = unpack('i{iso} = $iso; } # Data warn 'Payload length mismatch' if length($rest) ne $self->{len_cap}; $self->{data} = $rest; return bless $self, $class; } 1; __END__ =pod =head1 NAME NetPacket::USBMon - Assemble and disassemble USB packets captured via Linux USBMon interface. =head1 VERSION version 1.6.0 =head1 SYNOPSIS use NetPacket::USBMon; $usb = NetPacket::USBMon->decode($raw_pkt); =head1 DESCRIPTION C is a L decoder of USB packets captured via Linux USBMon interface. =head2 Methods =over =item Cdecode([RAW PACKET])> Decode a USB packet. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item id An in-kernel address of the USB Request Block (URB). Stays the same for the transaction submission and completion. Might be truncatted when reading a 64-bit capture with 32-bit file. =item type URB type. Character 'S', 'C' or 'E', for constants USB_TYPE_SUBMISSION, USB_TYPE_CALLBACK or USB_TYPE_ERROR. =item xfer_type Transfer type. USB_XFER_TYPE_ISO, USB_XFER_TYPE_INTR, USB_XFER_TYPE_CONTROL or USB_XFER_TYPE_BULK. =item ep Endpoint identification. =over 8 =item num Endpoint number. =item dir Transfer direction. "IN" or "OUT". =back =item devnum Device address. =item busnum Bus number. =item flag_setup Indicates whether setup is present and makes sense. =item flag_data Indicates whether data is present and makes sense. =item ts_sec Timestamp seconds since epoch. Subject to truncation with 32-bit Perl, which should be fine until 2038. =item ts_usec Timestamp microseconds. =item status URB status. Negative errno. =item length Length of data (submitted or actual). =item len_cap Delivered length =item setup Only present for packets with setup_flag turned on. Some contents are dependent on actual request type. =over 8 =item bmRequestType =item bRequest =item wValue =item wIndex =item wLength =back =item iso Only present for isochronous transfers. =over 8 =item error_count =item numdesc =back =item interval Isochronous packet response rate. =item start_frame Only applicable to isochronous transfers. =item xfer_flags A copy of URB's transfer_flags. =item ndesc Actual number of isochronous descriptors. =item data Packet payload. =back =head2 Exports =over =item default none =item exportable USB_TYPE_SUBMISSION, USB_TYPE_CALLBACK, USB_TYPE_ERROR, USB_XFER_TYPE_ISO, USB_XFER_TYPE_INTR, USB_XFER_TYPE_CONTROL, USB_XFER_TYPE_BULK, USB_FLAG_SETUP_IRRELEVANT, USB_FLAG_SETUP_RELEVANT, USB_FLAG_DATA_ERROR, USB_FLAG_DATA_INCOMING, USB_FLAG_DATA_OUTGOING, USB_FLAG_DATA_PRESENT, USB_TYPE_VENDOR =item tags The following tags group together related exportable items. =over =item C<:types> USB_TYPE_SUBMISSION, USB_TYPE_CALLBACK, USB_TYPE_ERROR =item C<:xfer_types> USB_XFER_TYPE_ISO, USB_XFER_TYPE_INTR, USB_XFER_TYPE_CONTROL, USB_XFER_TYPE_BULK =item C<:setup_flags> USB_FLAG_SETUP_IRRELEVANT, USB_FLAG_SETUP_RELEVANT =item C<:data_flags> USB_FLAG_DATA_ERROR, USB_FLAG_DATA_INCOMING, USB_FLAG_DATA_OUTGOING, USB_FLAG_DATA_PRESENT =item C<:setup_types> USB_TYPE_VENDOR =item C<:ALL> All the above exportable items. =back =back =head1 COPYRIGHT Copyright (c) 2013 Lubomir Rintel. This module is free software. You can redistribute it and/or modify it under the same terms as Perl itself. =head1 AUTHOR Lubomir Rintel Elkundrak@v3.skE =cut NetPacket-1.6.0/lib/NetPacket/ARP.pm0000644000175000017500000001341312500661227016321 0ustar yanickyanickpackage NetPacket::ARP; BEGIN { $NetPacket::ARP::AUTHORITY = 'cpan:YANICK'; } # ABSTRACT: Assemble and disassemble ARP (Address Resolution Protocol) packets. $NetPacket::ARP::VERSION = '1.6.0'; use strict; use warnings; use parent 'NetPacket'; our @EXPORT = qw(); # Other items we are prepared to export if requested our @EXPORT_OK = qw( arp_strip ARP_OPCODE_REQUEST ARP_OPCODE_REPLY RARP_OPCODE_REQUEST RARP_OPCODE_REPLY ARPHRD_NETROM ARPHRD_ETHER ARPHRD_EETHER ARPHRD_AX25 ARPHRD_PRONET ARPHRD_CHAOS ARPHRD_IEEE802 ARPHRD_ARCNET ARPHRD_APPLETLK ARPHRD_DLCI ARPHRD_ATM ARPHRD_METRICOM ARPHRD_IEEE1394 ARPHRD_EUI64 ARPHRD_INFINIBAND ); our %EXPORT_TAGS = ( ALL => [@EXPORT, @EXPORT_OK], opcodes => [qw(ARP_OPCODE_REQUEST ARP_OPCODE_REPLY RARP_OPCODE_REQUEST RARP_OPCODE_REPLY)], protos => [qw(ARPHRD_NETROM ARPHRD_ETHER ARPHRD_AX25 ARPHRD_PRONET ARPHRD_CHAOS ARPHRD_IEEE802 ARPHRD_ARCNET ARPHRD_APPLETLK ARPHRD_DLCI ARPHRD_ATM ARPHRD_METRICOM ARPHRD_IEEE1394 ARPHRD_EUI64 ARPHRD_INFINIBAND)], strip => [qw(arp_strip)], ); # # List of opcode values # use constant ARP_OPCODE_REQUEST => 1; use constant ARP_OPCODE_REPLY => 2; use constant RARP_OPCODE_REQUEST => 3; use constant RARP_OPCODE_REPLY => 4; # # List of hardware identifiers # use constant ARPHRD_NETROM => 0; use constant ARPHRD_ETHER => 1; use constant ARPHRD_EETHER => 2; use constant ARPHRD_AX25 => 3; use constant ARPHRD_PRONET => 4; use constant ARPHRD_CHAOS => 5; use constant ARPHRD_IEEE802 => 6; use constant ARPHRD_ARCNET => 7; use constant ARPHRD_APPLETLK => 8; use constant ARPHRD_DLCI => 15; use constant ARPHRD_ATM => 19; use constant ARPHRD_METRICOM => 23; use constant ARPHRD_IEEE1394 => 24; use constant ARPHRD_EUI64 => 27; use constant ARPHRD_INFINIBAND => 32; # # Decode the packet # sub decode { my $class = shift; my($pkt, $parent) = @_; my $self = {}; # Class fields $self->{_parent} = $parent; $self->{_frame} = $pkt; # Decode ARP packet if (defined($pkt)) { ($self->{htype}, $self->{proto}, $self->{hlen}, $self->{plen}, $self->{opcode}, $self->{sha}, $self->{spa}, $self->{tha}, $self->{tpa}) = unpack('nnCCnH12H8H12H8' , $pkt); $self->{data} = undef; } # Return a blessed object bless($self, $class); return $self; } # # Strip header from packet and return the data contained in it. ARP # packets contain no encapsulated data. # undef &arp_strip; *arp_strip = \&strip; sub strip { return undef; } # # Encode a packet # sub encode { die("Not implemented"); } # Module return value 1; =pod =head1 NAME NetPacket::ARP - Assemble and disassemble ARP (Address Resolution Protocol) packets. =head1 VERSION version 1.6.0 =head1 SYNOPSIS use NetPacket::ARP; $tcp_obj = NetPacket::ARP->decode($raw_pkt); $tcp_pkt = NetPacket::ARP->encode(params...); # Not implemented =head1 DESCRIPTION C provides a set of routines for assembling and disassembling packets using ARP (Address Resolution Protocol). =head2 Methods =over =item Cdecode([RAW PACKET])> Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method. =item Cencode(param =E value)> Return a ARP packet encoded with the instance data specified. Not implemented. =back =head2 Functions =over =item C Return the encapsulated data (or payload) contained in the TCP packet. Since no payload data is encapulated in an ARP packet (only instance data), this function returns undef. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item htype Hardware type. =item proto Protocol type. =item hlen Header length. =item plen Protocol length. =item opcode One of the following constants: =over =item * ARP_OPCODE_REQUEST =item * ARP_OPCODE_REPLY =item * RARP_OPCODE_REQUEST =item * RARP_OPCODE_REPLY =back =item sha Source hardware address. =item spa Source protocol address. =item tha Target hardware address. =item tpa Target protocol address. =back =head2 Exports =over =item default none =item exportable none =item tags The following tags group together related exportable items. =over =item C<:ALL> All the above exportable items. =back =back =head1 EXAMPLE Print out arp requests on the local network. #!/usr/bin/perl -w use Net::PcapUtils; use NetPacket::Ethernet qw(:types); use NetPacket::ARP; sub process_pkt { my ($arg, $hdr, $pkt) = @_; my $eth_obj = NetPacket::Ethernet->decode($pkt); if ($eth_obj->{type} == ETH_TYPE_ARP) { my $arp_obj = NetPacket::ARP->decode($eth_obj->{data}, $eth_obj); print("source hw addr=$arp_obj->{sha}, " . "dest hw addr=$arp_obj->{tha}\n"); } } Net::PcapUtils::loop(\&process_pkt); =head1 TODO =over =item Implement encode() function =item Does this work for protocols other than IP? Need to read RFC. =item Example is a bit silly =back =head1 COPYRIGHT Copyright (c) 2001 Tim Potter. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHOR Tim Potter Etpot@samba.orgE =cut __END__ # any real autoloaded methods go after this line NetPacket-1.6.0/lib/NetPacket/IPX.pm0000644000175000017500000001141012500661227016332 0ustar yanickyanickpackage NetPacket::IPX; BEGIN { $NetPacket::IPX::AUTHORITY = 'cpan:YANICK'; } # ABSTRACT: Assemble and disassemble IPX packets $NetPacket::IPX::VERSION = '1.6.0'; use strict; use warnings; use parent qw(NetPacket); use Carp; sub new { my ($class, %packet) = @_; foreach my $key(qw(tc type dest_network dest_node dest_socket src_network src_node src_socket data)) { croak("Missing $key argument") unless(defined($packet{$key})); } croak("Invalid tc argument") unless($packet{tc} =~ m/^\d+$/ && $packet{tc} <= 255); croak("Invalid type argument") unless($packet{type} =~ m/^\d+$/ && $packet{type} <= 255); _check_address("destination", $packet{dest_network}, $packet{dest_node}, $packet{dest_socket}); _check_address("source", $packet{src_network}, $packet{src_node}, $packet{src_socket}); return bless(\%packet, $class); } sub _check_address { my ($direction, $network, $node, $socket) = @_; my $OCTET = qr/[0-9A-F][0-9A-F]?/i; croak("Invalid $direction network") unless($network =~ m/^$OCTET(:$OCTET){3}$/); croak("Invalid $direction node") unless($node =~ m/^$OCTET(:$OCTET){5}$/); croak("Invalid $direction socket") unless($socket =~ m/^\d+$/ && $socket <= 65535); } # # Decode the packet # sub decode { my ($class, $pkt, $parent) = @_; my $self = bless({ _parent => $parent, _frame => $pkt, }, $class); if(defined($pkt)) { # Use array slices to capture the appropriate number of bytes # from each address field. my ( $checksum, $length, $tc, $type, @dst_network, @dst_node, $dst_socket, @src_network, @src_node, $src_socket, ); ( $checksum, $length, $tc, $type, @dst_network[0..3], @dst_node[0..5], $dst_socket, @src_network[0..3], @src_node[0..5], $src_socket, ) = unpack("nnCC C4C6n C4C6n", $pkt); $self->{tc} = $tc; $self->{type} = $type; $self->{dest_network} = _addr_to_string(@dst_network); $self->{dest_node} = _addr_to_string(@dst_node); $self->{dest_socket} = $dst_socket; $self->{src_network} = _addr_to_string(@src_network); $self->{src_node} = _addr_to_string(@src_node); $self->{src_socket} = $src_socket; $self->{data} = substr($pkt, 30); } return $self; } # # Strip header from packet and return the data contained in it # sub strip { my ($pkt) = @_; return NetPacket::IPX->decode($pkt)->{data}; } # # Encode a packet # sub encode { my ($self) = @_; return pack("nnCC", 0xFFFF, 30 + length($self->{data}), $self->{tc}, $self->{type}) ._addr_from_string($self->{dest_network}) ._addr_from_string($self->{dest_node}) .pack("n", $self->{dest_socket}) ._addr_from_string($self->{src_network}) ._addr_from_string($self->{src_node}) .pack("n", $self->{src_socket}) .$self->{data}; } sub _addr_to_string { my (@bytes) = @_; return join(":", map { sprintf("%02X", $_) } @bytes); } sub _addr_from_string { my ($string) = @_; return join("", map { pack("C", hex($_)) } split(m/:/, $string)); } 1; __END__ =pod =head1 NAME NetPacket::IPX - Assemble and disassemble IPX packets =head1 VERSION version 1.6.0 =head1 SYNOPSIS use NetPacket::IPX; my $ipx = NetPacket::IPX->decode($raw_pkt); my $raw_pkt = $ipx->encode(); my $ipx = NetPacket::IPX->new( tc => 0, type => 1, dest_network => "00:00:00:01", dest_node => "FF:FF:FF:FF:FF:FF", dest_socket => 1234, src_network => "00:00:00:01", src_node => "12:34:56:78:90:AB", src_socket => 5678, data => "...", ); =head1 DESCRIPTION C is a C class for encoding and decoding IPX packets. =head1 METHODS =head2 decode($raw_pkt) Decode a packet and return a C instance. =head2 encode() Return the encoded form of a C instance. =head2 new(%options) Construct a C instance with arbitrary contents. All arguments listed in the SYNOPSIS are mandatory. Throws an exception on missing/invalid arguments. =head1 INSTANCE DATA The following fields are available in a C instance: =over =item tc Traffic Control field, the number of routers an IPX packet has passed through. =item type Type field. =item dest_network Destination network number, in the format C. =item dest_node Destination node number, in the format C. =item dest_socket Destination socket number. =item src_network Source network number, in the format C. =item dest_node Source node number, in the format C. =item dest_socket Source socket number. =item data Packet payload. =back =head1 COPYRIGHT Copyright (C) 2014 Daniel Collins This module is free software. You can redistribute it and/or modify it under the same terms as Perl itself. =head1 AUTHOR Daniel Collins Esolemnwarning@solemnwarning.netE =cut NetPacket-1.6.0/lib/NetPacket/IGMP.pm0000644000175000017500000001562312500661227016440 0ustar yanickyanickpackage NetPacket::IGMP; BEGIN { $NetPacket::IGMP::AUTHORITY = 'cpan:YANICK'; } # ABSTRACT: Assemble and disassemble IGMP (Internet Group Mangement Protocol) packets. $NetPacket::IGMP::VERSION = '1.6.0'; use strict; use warnings; use parent 'NetPacket'; our @EXPORT_OK = qw(igmp_strip IGMP_VERSION_RFC998 IGMP_VERSION_RFC1112 IGMP_VERSION_RFC2236 IGMP_VERSION_RFC3376 IGMP_MSG_HOST_MQUERY IGMP_MSG_HOST_MREPORT IGMP_MSG_HOST_MQUERYv2 IGMP_MSG_HOST_MREPORTv1 IGMP_MSG_HOST_MREPORTv2 IGMP_MSG_HOST_LEAVE IGMP_MSG_HOST_MREPORTv3 IGMP_IP_NO_HOSTS IGMP_IP_ALL_HOSTS IGMP_IP_ALL_ROUTERS ); our %EXPORT_TAGS = ( ALL => [@EXPORT_OK], strip => [qw(igmp_strip)], versions => [qw(IGMP_VERSION_RFC998 IGMP_VERSION_RFC1112 IGMP_VERSION_RFC2236 IGMP_VERSION_RFC3376)], msgtypes => [qw(IGMP_MSG_HOST_MQUERY IGMP_MSG_HOST_MREPORT IGMP_MSG_HOST_MQUERYv2 IGMP_MSG_HOST_MREPORTv1 IGMP_MSG_HOST_MREPORTv2 IGMP_MSG_HOST_LEAVE IGMP_MSG_HOST_MREPORTv3)], group_addrs => [qw(IGMP_IP_NO_HOSTS IGMP_IP_ALL_HOSTS IGMP_IP_ALL_ROUTERS)] ); # # Version numbers # use constant IGMP_VERSION_RFC998 => 0; # Version 0 of IGMP (obsolete) use constant IGMP_VERSION_RFC1112 => 1; # Version 1 of IGMP use constant IGMP_VERSION_RFC2236 => 2; # Version 2 of IGMP use constant IGMP_VERSION_RFC3376 => 3; # Version 3 of IGMP # # Message types # use constant IGMP_MSG_HOST_MQUERY => 1; # Host membership query use constant IGMP_MSG_HOST_MREPORT => 2; # Host membership report use constant IGMP_MSG_HOST_MQUERYv2 => 0x11; # Host membership query use constant IGMP_MSG_HOST_MREPORTv1 => 0x12; # Host membership report use constant IGMP_MSG_HOST_MREPORTv2 => 0x16; # Host membership report use constant IGMP_MSG_HOST_LEAVE => 0x17; # Leave group use constant IGMP_MSG_HOST_MREPORTv3 => 0x22; # Host membership report # # IGMP IP addresses # use constant IGMP_IP_NO_HOSTS => '224.0.0.0'; # Not assigned to anyone use constant IGMP_IP_ALL_HOSTS => '224.0.0.1'; # All hosts on local net use constant IGMP_IP_ALL_ROUTERS => '224.0.0.2'; # All routers on local net # Convert 32-bit IP address to "dotted quad" notation sub to_dotquad { my($net) = @_ ; my($na, $nb, $nc, $nd); $na = $net >> 24 & 255; $nb = $net >> 16 & 255; $nc = $net >> 8 & 255; $nd = $net & 255; return ("$na.$nb.$nc.$nd"); } # # Decode the packet # sub decode { my $class = shift; my($pkt, $parent) = @_; my $self = {}; # Class fields $self->{_parent} = $parent; $self->{_frame} = $pkt; # Decode IGMP packet if (defined($pkt)) { my $tmp; ($tmp, $self->{subtype}, $self->{cksum}, $self->{group_addr}, $self->{data}) = unpack('CCnNa*', $pkt); # Extract bit fields $self->{version} = ($tmp & 0xf0) >> 4; $self->{type} = $tmp & 0x0f; # Convert to dq notation $self->{group_addr} = to_dotquad($self->{group_addr}); } # Return a blessed object bless($self, $class); return $self; } # # Strip header from packet and return the data contained in it. IGMP # packets contain no encapsulated data. # undef &igmp_strip; *igmp_strip = \&strip; sub strip { return undef; } # # Encode a packet # sub encode { die("Not implemented"); } # Module return value 1; # autoloaded methods go after the END token (&& pod) below =pod =head1 NAME NetPacket::IGMP - Assemble and disassemble IGMP (Internet Group Mangement Protocol) packets. =head1 VERSION version 1.6.0 =head1 SYNOPSIS use NetPacket::IGMP; $igmp_obj = NetPacket::IGMP->decode($raw_pkt); $igmp_pkt = NetPacket::IGMP->encode(params...); # Not implemented $igmp_data = NetPacket::IGMP::strip($raw_pkt); =head1 DESCRIPTION C provides a set of routines for assembling and disassembling packets using IGMP (Internet Group Mangement Protocol). =head2 Methods =over =item Cdecode([RAW PACKET])> Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method. =item Cencode(param =E value)> Return an IGMP packet encoded with the instance data specified. Not implemented. =back =head2 Functions =over =item C Return the encapsulated data (or payload) contained in the IGMP packet. This function returns undef as there is no encapsulated data in an IGMP packet. =back =head2 Instance data The instance data for the C object consists of the following fields. =over =item version The IGMP version of this packet. =item type The message type for this packet. =item len The length (including length of header) in bytes for this packet. =item subtype The message subtype for this packet. =item cksum The checksum for this packet. =item group_addr The group address specified in this packet. =item data The encapsulated data (payload) for this packet. =back =head2 Exports =over =item default none =item exportable IGMP_VERSION_RFC998 IGMP_VERSION_RFC1112 IGMP_HOST_MQUERY IGMP_HOST_MREPORT IGMP_IP_NO_HOSTS IGMP_IP_ALL_HOSTS IGMP_IP_ALL_ROUTERS =item tags The following tags group together related exportable items. =over =item C<:strip> Import the strip function C. =item C<:versions> IGMP_VERSION_RFC998 IGMP_VERSION_RFC1112 =item C<:msgtypes> IGMP_HOST_MQUERY IGMP_HOST_MREPORT =item C<:group_addrs> IGMP_IP_NO_HOSTS IGMP_IP_ALL_HOSTS IGMP_IP_ALL_ROUTERS =item C<:ALL> All the above exportable items. =back =back =head1 EXAMPLE The following script dumps UDP frames by IP address and UDP port to standard output. #!/usr/bin/perl -w use strict; use Net::PcapUtils; use NetPacket::Ethernet qw(:strip); use NetPacket::IP; use NetPacket::IGMP; sub process_pkt { my($arg, $hdr, $pkt) = @_; my $ip_obj = NetPacket::IP->decode(eth_strip($pkt)); my $igmp_obj = NetPacket::IGMP->decode($ip_obj->{data}); print("$ip_obj->{src_ip} -> $ip_obj->{dest_ip} ", "$igmp_obj->{type}/$igmp_obj->{subtype} ", "$igmp_obj->{group_addr}\n"); } Net::PcapUtils::loop(\&process_pkt, FILTER => 'igmp'); =head1 TODO =over =item Implement encode() function =back =head1 COPYRIGHT Copyright (c) 2001 Tim Potter. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. =head1 AUTHOR Tim Potter Etpot@samba.orgE =cut __END__ # any real autoloaded methods go after this line NetPacket-1.6.0/Makefile.PL0000644000175000017500000000274712500661227014677 0ustar yanickyanick # This file was automatically generated by Dist::Zilla::Plugin::MakeMaker v5.031. use strict; use warnings; use 5.010000; use ExtUtils::MakeMaker; my %WriteMakefileArgs = ( "ABSTRACT" => "assemble/disassemble network packets at the protocol level", "AUTHOR" => "Tim Potter , Stephanie Wehner , Yanick Champoux ", "CONFIGURE_REQUIRES" => { "ExtUtils::MakeMaker" => 0 }, "DISTNAME" => "NetPacket", "EXE_FILES" => [], "LICENSE" => "artistic_2", "MIN_PERL_VERSION" => "5.010000", "NAME" => "NetPacket", "PREREQ_PM" => { "Carp" => 0, "Exporter" => 0, "constant" => 0, "parent" => 0, "strict" => 0, "warnings" => 0 }, "TEST_REQUIRES" => { "File::Spec" => 0, "IO::Handle" => 0, "IPC::Open3" => 0, "Test::More" => "0.88" }, "VERSION" => "1.6.0", "test" => { "TESTS" => "t/*.t" } ); my %FallbackPrereqs = ( "Carp" => 0, "Exporter" => 0, "ExtUtils::MakeMaker" => 0, "File::Spec" => 0, "IO::Handle" => 0, "IPC::Open3" => 0, "Test::More" => "0.88", "constant" => 0, "parent" => 0, "strict" => 0, "warnings" => 0 ); unless ( eval { ExtUtils::MakeMaker->VERSION(6.63_03) } ) { delete $WriteMakefileArgs{TEST_REQUIRES}; delete $WriteMakefileArgs{BUILD_REQUIRES}; $WriteMakefileArgs{PREREQ_PM} = \%FallbackPrereqs; } delete $WriteMakefileArgs{CONFIGURE_REQUIRES} unless eval { ExtUtils::MakeMaker->VERSION(6.52) }; WriteMakefile(%WriteMakefileArgs); NetPacket-1.6.0/MANIFEST0000644000175000017500000000101612500661227014042 0ustar yanickyanickCONTRIBUTORS Changes INSTALL LICENSE MANIFEST META.json META.yml Makefile.PL README README.mkdn SIGNATURE cpanfile doap.xml lib/NetPacket.pm lib/NetPacket/ARP.pm lib/NetPacket/Ethernet.pm lib/NetPacket/ICMP.pm lib/NetPacket/IGMP.pm lib/NetPacket/IP.pm lib/NetPacket/IPX.pm lib/NetPacket/TCP.pm lib/NetPacket/UDP.pm lib/NetPacket/USBMon.pm t/00-compile.t t/000-report-versions-tiny.t t/bug-37931.t t/checksum.t t/ethernet.t t/general.t t/icmp.t t/ip_encode.t t/ip_trailing.t t/ipx.t t/tcp.t t/udp-checksum.t t/udp.t t/usbmon.t NetPacket-1.6.0/Changes0000644000175000017500000001013512500661227014206 0ustar yanickyanickrevision history for NetPacket 1.6.0 2015-03-13 [ENHANCEMENTS] - Clean up inheritance code (Philip Prindeville). - Add a truckload of constants (Philip Prindeville). [STATISTICS] - code churn: 12 files changed, 343 insertions(+), 220 deletions(-) 1.5.0 2014-06-15 [ENHANCEMENTS] - Addition of NetPacket::IPX. (Daniel Collins) - NetPacket::Ethernet implements 'encode'. (RT#93928, Guido Hungerbuehler) [STATISTICS] - code churn: 7 files changed, 337 insertions(+), 13 deletions(-) 1.4.4 2013-11-30 [BUG FIXES] - NetPacket::USBMon: also handle big endian perl without quad type. (GH#5, Andreas Schwab) - Typo fix in comments. (GH#6, fschlich) [STATISTICS] - code churn: 3 files changed, 13 insertions(+), 4 deletions(-) 1.4.3 2013-10-03 [BUG FIXES] - Unpack data in LittleEndian format. (GH#4, k0da) [STATISTICS] - code churn: 3 files changed, 62 insertions(+), 27 deletions(-) 1.4.2 2013-09-25 [BUG FIXES] - Dist::Zilla::Plugin::Test::Compile was causing test to potentially hang on Windows. (reported by Karen Etheridge) [MISC] - Tidy up the changelog. (GH#3, Neil Bowers) [STATISTICS] - code churn: 2 files changed, 46 insertions(+), 20 deletions(-) 1.4.1 2013-09-05 [BUG FIXES] - Test was using Errno constant and failing on some platforms. [STATISTICS] - code churn: 2 files changed, 15 insertions(+), 7 deletions(-) 1.4.0 2013-08-26 [DOCUMENTATION] - Fixing NetPacked::UDP documentation. (RT#85361, Ben Magistro) [ENHANCEMENTS] - New NetPacket::USBMon. (GH#2, lkundrak) [STATISTICS] - code churn: 8 files changed, 595 insertions(+), 16 deletions(-) 1.3.3 2013-05-15 [BUG FIXES] - Parse SACK option and fix TSecr parsing. (GH#1, Robin Lee) [STATISTICS] - code churn: 5 files changed, 46 insertions(+), 7 deletions(-) 1.3.2 2013-05-03 [BUG FIXES] - Fix NetPacket::UDP's strip. (RT#85038, reported by Stan Schwertly) [STATISTICS] - code churn: 12 files changed, 71 insertions(+), 21 deletions(-) 1.3.1 2011-11-23 [BUG FIXES] - Use of constant withotu parenthesis made test fail under 5.6.2. 1.3.0 2011-11-13 [ENHANCEMENTS] - 'parse_tcp_options()' method added to NetPacket::TCP (patch by Tom Linden) [RT#71320] 1.2.0 2011-07-26 [ENHANCEMENTS] - Add support for Ethernet VLAN (thanks to Kai Chan) 1.1.2 2011-06-20 [BUG FIXES] - Add a INSTALL file 1.1.1 2011-02-07 - Add the new Ethernet types to the export list. (thanks to Sergey, again :-) ) (RT#64799) 1.1.0 2011-01-15 - Add a few Ethernet types. (thanks to Sergey) (RT#64799) 1.0.1 2010-10-19 - Make the example verbatim in pod in NetPacket::UDP (rt#62097) 1.0.0 2010-10-17 - Remove modules NetPacket::ICMPv6, NetPacket::IPv6 and NetPacket::PFLog as the license of the patch clashes with the license of the distribution. (RT#62197) 0.43.2 2010-10-11 - Change the COPYRIGHT sections of the pods to match the Artistic 2.0 license. (RT#60954) 0.43.1 2010-06-11 - Change a test to use explicit number of tests instead of 'done_testing'. 0.43.0 2010-05-23 - Fixed UDP checksum. Thanks to Hal Finkel. (RT#56235) - Added Joel Knight's code for IPv6 support from http://www.packetmischief.ca/code/netpacket/. Thanks to Doug Farley for the bug report. (RT#57560) 0.42.0 2010-03-25 - Updated license to Artistic 2.0 - Fixed bad call to 'data()' in ICMP. Thanks to Ventz Petkov. (RT#52627) 0.41.1 2009-01-06 - Fixed bug 37931: export of ICMP_MASKREQ - Fixed UDP and TCP checksums for odd-sized packets - Fixed import from NetPacket::UDP - Fixed bug 37931: export of ICMP_MASKREQ - Added git repo and bug tracking info to META.yml 0.41.0_0 2008-12-20 - Fixed bug 18941 - NetPacket::IP includes trailing trash bytes in $ip->{data} - Fixed bug 7010 - IP flags field lost in IP::encode() - Added Build.PL - Moved history off the README file into this one (Changes) - Moved module structure to /lib - Version now gathered from NetPacket.pm - META.yml added to MANIFEST - Added myself (Yanick) as author - Switched to major.minor.revision version notation 0.04 2003-05-21 - Checksum offset fix, thanks to J. Hoagland for pointing this out. 0.03 2001-07-30 0.01 1999-04-24 - First release by TIMPOTTER NetPacket-1.6.0/LICENSE0000644000175000017500000002154412500661227013726 0ustar yanickyanickThis software is Copyright (c) 2015 by Tim Potter and Stephanie Wehner. This is free software, licensed under: The Artistic License 2.0 (GPL Compatible) The Artistic License 2.0 Copyright (c) 2000-2006, The Perl Foundation. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble This license establishes the terms under which a given free software Package may be copied, modified, distributed, and/or redistributed. The intent is that the Copyright Holder maintains some artistic control over the development of that Package while still keeping the Package available as open source and free software. You are always permitted to make arrangements wholly outside of this license directly with the Copyright Holder of a given Package. If the terms of this license do not permit the full use that you propose to make of the Package, you should contact the Copyright Holder and seek a different licensing arrangement. Definitions "Copyright Holder" means the individual(s) or organization(s) named in the copyright notice for the entire Package. "Contributor" means any party that has contributed code or other material to the Package, in accordance with the Copyright Holder's procedures. "You" and "your" means any person who would like to copy, distribute, or modify the Package. "Package" means the collection of files distributed by the Copyright Holder, and derivatives of that collection and/or of those files. A given Package may consist of either the Standard Version, or a Modified Version. "Distribute" means providing a copy of the Package or making it accessible to anyone else, or in the case of a company or organization, to others outside of your company or organization. "Distributor Fee" means any fee that you charge for Distributing this Package or providing support for this Package to another party. It does not mean licensing fees. "Standard Version" refers to the Package if it has not been modified, or has been modified only in ways explicitly requested by the Copyright Holder. "Modified Version" means the Package, if it has been changed, and such changes were not explicitly requested by the Copyright Holder. "Original License" means this Artistic License as Distributed with the Standard Version of the Package, in its current version or as it may be modified by The Perl Foundation in the future. "Source" form means the source code, documentation source, and configuration files for the Package. "Compiled" form means the compiled bytecode, object code, binary, or any other form resulting from mechanical transformation or translation of the Source form. Permission for Use and Modification Without Distribution (1) You are permitted to use the Standard Version and create and use Modified Versions for any purpose without restriction, provided that you do not Distribute the Modified Version. Permissions for Redistribution of the Standard Version (2) You may Distribute verbatim copies of the Source form of the Standard Version of this Package in any medium without restriction, either gratis or for a Distributor Fee, provided that you duplicate all of the original copyright notices and associated disclaimers. At your discretion, such verbatim copies may or may not include a Compiled form of the Package. (3) You may apply any bug fixes, portability changes, and other modifications made available from the Copyright Holder. The resulting Package will still be considered the Standard Version, and as such will be subject to the Original License. Distribution of Modified Versions of the Package as Source (4) You may Distribute your Modified Version as Source (either gratis or for a Distributor Fee, and with or without a Compiled form of the Modified Version) provided that you clearly document how it differs from the Standard Version, including, but not limited to, documenting any non-standard features, executables, or modules, and provided that you do at least ONE of the following: (a) make the Modified Version available to the Copyright Holder of the Standard Version, under the Original License, so that the Copyright Holder may include your modifications in the Standard Version. (b) ensure that installation of your Modified Version does not prevent the user installing or running the Standard Version. In addition, the Modified Version must bear a name that is different from the name of the Standard Version. (c) allow anyone who receives a copy of the Modified Version to make the Source form of the Modified Version available to others under (i) the Original License or (ii) a license that permits the licensee to freely copy, modify and redistribute the Modified Version using the same licensing terms that apply to the copy that the licensee received, and requires that the Source form of the Modified Version, and of any works derived from it, be made freely available in that license fees are prohibited but Distributor Fees are allowed. Distribution of Compiled Forms of the Standard Version or Modified Versions without the Source (5) You may Distribute Compiled forms of the Standard Version without the Source, provided that you include complete instructions on how to get the Source of the Standard Version. Such instructions must be valid at the time of your distribution. If these instructions, at any time while you are carrying out such distribution, become invalid, you must provide new instructions on demand or cease further distribution. If you provide valid instructions or cease distribution within thirty days after you become aware that the instructions are invalid, then you do not forfeit any of your rights under this license. (6) You may Distribute a Modified Version in Compiled form without the Source, provided that you comply with Section 4 with respect to the Source of the Modified Version. Aggregating or Linking the Package (7) You may aggregate the Package (either the Standard Version or Modified Version) with other packages and Distribute the resulting aggregation provided that you do not charge a licensing fee for the Package. Distributor Fees are permitted, and licensing fees for other components in the aggregation are permitted. The terms of this license apply to the use and Distribution of the Standard or Modified Versions as included in the aggregation. (8) You are permitted to link Modified and Standard Versions with other works, to embed the Package in a larger work of your own, or to build stand-alone binary or bytecode versions of applications that include the Package, and Distribute the result without restriction, provided the result does not expose a direct interface to the Package. Items That are Not Considered Part of a Modified Version (9) Works (including, but not limited to, modules and scripts) that merely extend or make use of the Package, do not, by themselves, cause the Package to be a Modified Version. In addition, such works are not considered parts of the Package itself, and are not subject to the terms of this license. General Provisions (10) Any use, modification, and distribution of the Standard or Modified Versions is governed by this Artistic License. By using, modifying or distributing the Package, you accept this license. Do not use, modify, or distribute the Package, if you do not accept this license. (11) If your Modified Version has been derived from a Modified Version made by someone other than you, you are nevertheless required to ensure that your Modified Version complies with the requirements of this license. (12) This license does not grant you the right to use any trademark, service mark, tradename, or logo of the Copyright Holder. (13) This license includes the non-exclusive, worldwide, free-of-charge patent license to make, have made, use, offer to sell, sell, import and otherwise transfer the Package with respect to any patent claims licensable by the Copyright Holder that are necessarily infringed by the Package. If you institute patent litigation (including a cross-claim or counterclaim) against any party alleging that the Package constitutes direct or contributory patent infringement, then this Artistic License to you shall terminate on the date that such litigation is filed. (14) Disclaimer of Warranty: THE PACKAGE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES. THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT ARE DISCLAIMED TO THE EXTENT PERMITTED BY YOUR LOCAL LAW. UNLESS REQUIRED BY LAW, NO COPYRIGHT HOLDER OR CONTRIBUTOR WILL BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING IN ANY WAY OUT OF THE USE OF THE PACKAGE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. NetPacket-1.6.0/README.mkdn0000644000175000017500000000662412500661227014533 0ustar yanickyanick# NAME NetPacket - assemble/disassemble network packets at the protocol level # VERSION version 1.6.0 # SYNOPSIS # NetPacket is a base class only # DESCRIPTION `NetPacket` provides a base class for a cluster of modules related to decoding and encoding of network protocols. Each `NetPacket` descendent module knows how to encode and decode packets for the network protocol it implements. Consult the documentation for the module in question for protocol-specific implementation. Note that there is no inheritance in the `NetPacket::` cluster of modules other than each protocol module being a `NetPacket`. This was seen to be too restrictive as imposing inheritance relationships (for example between the IP, UDP and TCP protocols) would make things like tunneling or other unusual situations difficult. # WRITING YOUR OWN `NetPacket::` MODULE You are encouraged to write additional `NetPacket::` modules as well as improve existing ones. Contact the maintainer of the module in question with your suggestions or changes. The following sections are a list of suggestions and conventions for writing a `NetPacket::` module. ## Naming Conventions When creating a module in the `NetPacket::` namespace, it is suggested that you stick to a couple of conventions when naming packet contents. This will hopefully lead to a consistent namespace making the `NetPacket::` easier to use. Content names are all lowercase, with underscores separating multiple words. The following abbreviations are recommended: Word Abbreviation -------------------------------- source src destination dest checksum cksum identifier id version ver protocol proto ## Required Methods encode(), decode(), strip() ## Required Fields Every NetPacket:: object should have the following fields. - \_parent A link to the parent `NetPacket::` object in which this `NetPacket::` object is encaulated. This field is undefined if there is no parent object. - \_frame A copy of the raw data of the packet. - data This field should contain the data encapsulated in the packet (i.e any headers or trailers stripped off) or undef if the packet contains no data. Note that in this sense, "data" is taken to mean information not relevant to the particular protocol being decoded. For example, an ARP packet contains many header fields but no data. A UDP datagram, however contains header fields and a payload. # SEE ALSO Joel Knight has a patch for NetPacket for IPv6 support available at http://www.packetmischief.ca/code/netpacket/. # COPYRIGHT AND LICENSE Copyright (c) 2001 Tim Potter and Stephanie Wehner. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. # AUTHORS Tim Potter Stephanie Wehner Yanick Champoux [![endorse](http://api.coderwall.com/yanick/endorsecount.png)](http://coderwall.com/yanick) NetPacket-1.6.0/SIGNATURE0000644000175000017500000000550712500661227014206 0ustar yanickyanickThis file contains message digests of all files listed in MANIFEST, signed via the Module::Signature module, version 0.73. To verify the content in this distribution, first make sure you have Module::Signature installed, then type: % cpansign -v It will check each file's integrity, as well as the signature's validity. If "==> Signature verified OK! <==" is not displayed, the distribution may already have been compromised, and you should not run its Makefile.PL or Build.PL. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SHA1 b328c1d4dcba6c8eaf60eaa8bb35d3df8ac77591 CONTRIBUTORS SHA1 b5711aae4b29b265b2ce5030aa8d12fad34bc286 Changes SHA1 22643dd228ff270ad67242430ba0bba9ffc586d1 INSTALL SHA1 a0625be5d75db5d72e1da2c26761ae183b979256 LICENSE SHA1 c5e2fb4953a3ad0ab2165dcd886a05c0da3c8519 MANIFEST SHA1 8c6af5d1cc212ef3a8f427381c2ef7c54776d18f META.json SHA1 5955929eb6733adc98be05c79ef2a6eec41ec5f4 META.yml SHA1 a4a14aaf1f43b5fdc9c20e1796331a28d0b76d90 Makefile.PL SHA1 9d2d8fa3ad5e508f2ad6ea13111fe26770bae601 README SHA1 a174c08cf4d3d0c578816356e6ad99c895a0fa6d README.mkdn SHA1 cacf05c2caa3b7881a884c8ebe7a77fd61b1d80c cpanfile SHA1 fd9cf70f79a463cbad663fececff5efb3ef83406 doap.xml SHA1 d7cb617776568de81e20245ec142b2e803a04036 lib/NetPacket.pm SHA1 5d12f1f920955deb83efdcad571742474183819f lib/NetPacket/ARP.pm SHA1 5629c01d7556a93f8ebb1b1fe7c75f95fc9562de lib/NetPacket/Ethernet.pm SHA1 598aca685fb3299f177066213a3a7ca316bf6e9e lib/NetPacket/ICMP.pm SHA1 15db0f4bf3eb9d5084d4ed72b3a85cfd5562433f lib/NetPacket/IGMP.pm SHA1 c52c165a3ac22959e231fb36377794e8282f535e lib/NetPacket/IP.pm SHA1 8ba7aa9902fe620be228152954516ec1c89090ee lib/NetPacket/IPX.pm SHA1 ee0e8dcd3b2fb81ac00d814a454d1886b8337ea8 lib/NetPacket/TCP.pm SHA1 f22a352b8d2040d0063babd8a27f3042b57bd001 lib/NetPacket/UDP.pm SHA1 4a83c2c0eb37788660e91883a2ccd3436bdc8003 lib/NetPacket/USBMon.pm SHA1 163eac3a409bbae6f7fe58e35264569a931ba849 t/00-compile.t SHA1 567c6f225e54db7f954297742646d94674e4a0a2 t/000-report-versions-tiny.t SHA1 2f95a288a42eed0173859c5bb9d37caee7e4b26b t/bug-37931.t SHA1 721a206d861139f8f73081b8d337bfcdce4247e5 t/checksum.t SHA1 45f23540d419a608363a53ed11b81c589866406e t/ethernet.t SHA1 382d9d077e64a0ea5ee3263579cbc03df0e5a003 t/general.t SHA1 58f7294a0c74eedb982f75b1c8e8bc9fa5395288 t/icmp.t SHA1 a22909fb4a8ce8621107618ef50c6f92a7a6d36a t/ip_encode.t SHA1 1d4a9e2b54461f15aab9557a081db42eaef2c4b0 t/ip_trailing.t SHA1 7f4638ca19b3a50f751e10a533579d6f81e6a52f t/ipx.t SHA1 bb7498ea4eba6a9df548038c1ad77960ee1633fb t/tcp.t SHA1 540bff42594ee78beb63a7316a4478bc58d7e37b t/udp-checksum.t SHA1 35bfbabbd32ddf83a0ac49db63f69de9ff6eadb2 t/udp.t SHA1 86e62e4a5bceec942b536d2b29f7910f883c6387 t/usbmon.t -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlUDYpQACgkQ34Hwf+GwC4zdhACeK2vUR0GYNeIVrickcw/QNur6 xD8Ani1pFswUcFCN68FyDPAWarShUW+k =mNa0 -----END PGP SIGNATURE----- NetPacket-1.6.0/INSTALL0000644000175000017500000000164112500661227013746 0ustar yanickyanick This is the Perl distribution NetPacket. Installing NetPacket is straightforward. ## Installation with cpanm If you have cpanm, you only need one line: % cpanm NetPacket If you are installing into a system-wide directory, you may need to pass the "-S" flag to cpanm, which uses sudo to install the module: % cpanm -S NetPacket ## Installing with the CPAN shell Alternatively, if your CPAN shell is set up, you should just be able to do: % cpan NetPacket ## Manual installation As a last resort, you can manually install it. Download the tarball, untar it, then build it: % perl Makefile.PL % make && make test Then install it: % make install If you are installing into a system-wide directory, you may need to run: % sudo make install ## Documentation NetPacket documentation is available as POD. You can run perldoc from a shell to read the documentation: % perldoc NetPacket NetPacket-1.6.0/CONTRIBUTORS0000644000175000017500000000071612500661227014577 0ustar yanickyanick # NETPACKET CONTRIBUTORS # This is the (likely incomplete) list of people who have helped make this distribution what it is, either via code contributions, patches, bug reports, help with troubleshooting, etc. A huge 'thank you' to all of them. * Andreas Schwab * Ben Magistro * Daniel Collins * Dinar Valeev * Lubomir Rintel * Neil Bowers * Robin Lee * Stan Schwertly * Stephanie Wehner * Tim Potter * fschlich NetPacket-1.6.0/META.json0000644000175000017500000000626612500661227014346 0ustar yanickyanick{ "abstract" : "assemble/disassemble network packets at the protocol level", "author" : [ "Tim Potter ", "Stephanie Wehner ", "Yanick Champoux " ], "dynamic_config" : 0, "generated_by" : "Dist::Zilla version 5.031, CPAN::Meta::Converter version 2.142690", "license" : [ "artistic_2" ], "meta-spec" : { "url" : "http://search.cpan.org/perldoc?CPAN::Meta::Spec", "version" : "2" }, "name" : "NetPacket", "prereqs" : { "configure" : { "requires" : { "ExtUtils::MakeMaker" : "0" } }, "develop" : { "requires" : { "version" : "0.9901" } }, "runtime" : { "requires" : { "Carp" : "0", "Exporter" : "0", "constant" : "0", "parent" : "0", "perl" : "v5.10.0", "strict" : "0", "warnings" : "0" } }, "test" : { "requires" : { "File::Spec" : "0", "IO::Handle" : "0", "IPC::Open3" : "0", "Test::More" : "0.88" } } }, "provides" : { "NetPacket" : { "file" : "lib/NetPacket.pm", "version" : "v1.6.0" }, "NetPacket::ARP" : { "file" : "lib/NetPacket/ARP.pm", "version" : "v1.6.0" }, "NetPacket::Ethernet" : { "file" : "lib/NetPacket/Ethernet.pm", "version" : "v1.6.0" }, "NetPacket::ICMP" : { "file" : "lib/NetPacket/ICMP.pm", "version" : "v1.6.0" }, "NetPacket::IGMP" : { "file" : "lib/NetPacket/IGMP.pm", "version" : "v1.6.0" }, "NetPacket::IP" : { "file" : "lib/NetPacket/IP.pm", "version" : "v1.6.0" }, "NetPacket::IPX" : { "file" : "lib/NetPacket/IPX.pm", "version" : "v1.6.0" }, "NetPacket::TCP" : { "file" : "lib/NetPacket/TCP.pm", "version" : "v1.6.0" }, "NetPacket::UDP" : { "file" : "lib/NetPacket/UDP.pm", "version" : "v1.6.0" }, "NetPacket::USBMon" : { "file" : "lib/NetPacket/USBMon.pm", "version" : "v1.6.0" } }, "release_status" : "stable", "resources" : { "bugtracker" : { "web" : "https://github.com/yanick/netpacket/issues" }, "homepage" : "https://github.com/yanick/netpacket", "repository" : { "type" : "git", "url" : "https://github.com/yanick/netpacket.git", "web" : "https://github.com/yanick/netpacket" } }, "version" : "1.6.0", "x_authority" : "cpan:YANICK", "x_contributors" : [ "Andreas Schwab ", "Ben Magistro ", "Daniel Collins ", "Dinar Valeev ", "Lubomir Rintel ", "Neil Bowers ", "Robin Lee ", "Stan Schwertly ", "Stephanie Wehner ", "Tim Potter ", "fschlich " ] } NetPacket-1.6.0/META.yml0000644000175000017500000000400312500661227014161 0ustar yanickyanick--- abstract: 'assemble/disassemble network packets at the protocol level' author: - 'Tim Potter ' - 'Stephanie Wehner ' - 'Yanick Champoux ' build_requires: File::Spec: '0' IO::Handle: '0' IPC::Open3: '0' Test::More: '0.88' configure_requires: ExtUtils::MakeMaker: '0' dynamic_config: 0 generated_by: 'Dist::Zilla version 5.031, CPAN::Meta::Converter version 2.142690' license: artistic_2 meta-spec: url: http://module-build.sourceforge.net/META-spec-v1.4.html version: '1.4' name: NetPacket provides: NetPacket: file: lib/NetPacket.pm version: v1.6.0 NetPacket::ARP: file: lib/NetPacket/ARP.pm version: v1.6.0 NetPacket::Ethernet: file: lib/NetPacket/Ethernet.pm version: v1.6.0 NetPacket::ICMP: file: lib/NetPacket/ICMP.pm version: v1.6.0 NetPacket::IGMP: file: lib/NetPacket/IGMP.pm version: v1.6.0 NetPacket::IP: file: lib/NetPacket/IP.pm version: v1.6.0 NetPacket::IPX: file: lib/NetPacket/IPX.pm version: v1.6.0 NetPacket::TCP: file: lib/NetPacket/TCP.pm version: v1.6.0 NetPacket::UDP: file: lib/NetPacket/UDP.pm version: v1.6.0 NetPacket::USBMon: file: lib/NetPacket/USBMon.pm version: v1.6.0 requires: Carp: '0' Exporter: '0' constant: '0' parent: '0' perl: v5.10.0 strict: '0' warnings: '0' resources: bugtracker: https://github.com/yanick/netpacket/issues homepage: https://github.com/yanick/netpacket repository: https://github.com/yanick/netpacket.git version: 1.6.0 x_authority: cpan:YANICK x_contributors: - 'Andreas Schwab ' - 'Ben Magistro ' - 'Daniel Collins ' - 'Dinar Valeev ' - 'Lubomir Rintel ' - 'Neil Bowers ' - 'Robin Lee ' - 'Stan Schwertly ' - 'Stephanie Wehner ' - 'Tim Potter ' - 'fschlich ' NetPacket-1.6.0/cpanfile0000644000175000017500000000073112500661227014420 0ustar yanickyanickrequires "Carp" => "0"; requires "Exporter" => "0"; requires "constant" => "0"; requires "parent" => "0"; requires "perl" => "v5.10.0"; requires "strict" => "0"; requires "warnings" => "0"; on 'test' => sub { requires "File::Spec" => "0"; requires "IO::Handle" => "0"; requires "IPC::Open3" => "0"; requires "Test::More" => "0.88"; }; on 'configure' => sub { requires "ExtUtils::MakeMaker" => "0"; }; on 'develop' => sub { requires "version" => "0.9901"; }; NetPacket-1.6.0/t/0000775000175000017500000000000012500661227013160 5ustar yanickyanickNetPacket-1.6.0/t/ipx.t0000644000175000017500000000406112500661227014144 0ustar yanickyanick#!/usr/bin/perl use strict; use warnings; use Test::More; plan tests => 14; use_ok 'NetPacket::IPX'; my $packet = "" ."\xFF\xFF" # "checksum" ."\x00\x2A" # header + data length ."\x64" # Traffic Control ."\x05" # Packet type ."\x46\x35\x57\xFF" # Destination network ."\x01\x23\x45\x67\x89\xAB" # Destination node ."\xEE\xAA" # Destination socket ."\xDE\xFF\x00\x01" # Source network ."\xCD\xEF\x01\x23\x45\x67" # Source node ."\xAA\xAA" # Source socket ."\x00some \n\xFFdata"; { my $ipx = NetPacket::IPX->decode($packet); isa_ok($ipx, "NetPacket::IPX"); is($ipx->{tc}, 0x64, "NetPacket::IPX->decode() decodes the tc field"); is($ipx->{type}, 0x05, "NetPacket::IPX->decode() decodes the type field"); is($ipx->{dest_network}, "46:35:57:FF", "NetPacket::IPX->decode() decodes the destination network field"); is($ipx->{dest_node}, "01:23:45:67:89:AB", "NetPacket::IPX->decode() decodes the destination node field"); is($ipx->{dest_socket}, 0xEEAA, "NetPacket::IPX->decode() decodes the destination socket field"); is($ipx->{src_network}, "DE:FF:00:01", "NetPacket::IPX->decode() decodes the source network field"); is($ipx->{src_node}, "CD:EF:01:23:45:67", "NetPacket::IPX->decode() decodes the source node field"); is($ipx->{src_socket}, 0xAAAA, "NetPacket::IPX->decode() decodes the source socket field"); is($ipx->{data}, "\x00some \n\xFFdata", "NetPacket::IPX->decode() extracts the packet payload"); } { my $ipx = NetPacket::IPX->new( tc => 0x64, type => 0x05, dest_network => "46:35:57:fF", dest_node => "1:23:45:67:89:Ab", dest_socket => 0xEEAA, src_network => "dE:fF:0:1", src_node => "Cd:ef:1:23:45:67", src_socket => 0xAAAA, data => "\x00some \n\xFFdata", ); isa_ok($ipx, "NetPacket::IPX"); is($ipx->encode(), $packet, "NetPacket::IPX->encode() encodes the packet correctly"); } is(NetPacket::IPX::strip($packet), "\x00some \n\xFFdata", "NetPacket::IPX::strip() extracts the packet payload"); NetPacket-1.6.0/t/icmp.t0000644000175000017500000000163112500661227014274 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 2; # last test to print use NetPacket::Ethernet; use NetPacket::IP; use NetPacket::ICMP; my $datagram = binarize( <<'END_DATAGRAM' ); 00 00 00 00 00 00 00 00 00 00 00 00 08 00 45 00 00 54 00 00 40 00 40 01 3c a7 7f 00 00 01 7f 00 00 01 08 00 d8 2f b6 6f 00 00 f8 11 c9 45 ba 05 03 00 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35 36 37 END_DATAGRAM my $eth = NetPacket::Ethernet->decode( $datagram ); my $ip = NetPacket::IP->decode( $eth->{data} ); my $icmp = NetPacket::ICMP->decode( $ip->{data} ); is $icmp->{cksum} => 55343, 'ICMP checksum'; # recompute the checksum $icmp->checksum; is $icmp->{cksum} => 55343, 'recomputed ICMP checksum'; sub binarize { my $string = shift; return join '' => map { chr hex } split ' ', $string; } NetPacket-1.6.0/t/tcp.t0000644000175000017500000000542112500661227014133 0ustar yanickyanick use strict; use warnings; use Test::More tests => 4; use NetPacket::Ethernet; use NetPacket::IP; use NetPacket::TCP; my $datagram = binarize( <<'END_DATAGRAM' ); 00 21 85 9a 70 4d 00 80 64 54 ba 3a 08 00 45 00 00 e4 2b 2d 40 00 74 06 0f 26 cc e8 f4 d6 0a 00 00 02 00 50 82 60 eb 9d d5 71 11 5e 81 59 80 18 fb 28 3d cf 00 00 01 01 08 0a 30 61 d4 65 05 8c 40 76 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 73 6f 6e 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 0d 0a 53 65 72 76 65 72 3a 20 4d 69 63 72 6f 73 6f 66 74 2d 49 49 53 2f 37 2e 30 0d 0a 58 2d 50 6f 77 65 72 65 64 2d 42 79 3a 20 41 53 50 2e 4e 45 54 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 30 37 20 4d 61 79 20 32 30 31 30 20 32 32 3a 35 38 3a 32 35 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 34 0d 0a 0d 0a 34 36 32 34 END_DATAGRAM my $eth = NetPacket::Ethernet->decode( $datagram ); my $ip = NetPacket::IP->decode( $eth->{data} ); my $tcp = NetPacket::TCP->decode( $ip->{data}, $ip ); like $tcp->{data} => qr/^HTTP.*4624$/ms, 'TCP payload'; # same thing, but with noise at the end of the Eth # segment $datagram = binarize( <<'END_DATAGRAM' ); 00 21 85 9a 70 4d 00 80 64 54 ba 3a 08 00 # IP 45 00 00 e4 2b 2d 40 00 74 06 0f 26 cc e8 f4 d6 0a 00 00 02 # TCP 00 50 82 60 eb 9d d5 71 11 5e 81 59 80 18 fb 28 3d cf 00 00 01 01 08 0a 30 61 d4 65 05 8c 40 76 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 73 6f 6e 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 0d 0a 53 65 72 76 65 72 3a 20 4d 69 63 72 6f 73 6f 66 74 2d 49 49 53 2f 37 2e 30 0d 0a 58 2d 50 6f 77 65 72 65 64 2d 42 79 3a 20 41 53 50 2e 4e 45 54 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 30 37 20 4d 61 79 20 32 30 31 30 20 32 32 3a 35 38 3a 32 35 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 34 0d 0a 0d 0a 34 36 32 34 de ad be ef END_DATAGRAM $eth = NetPacket::Ethernet->decode( $datagram ); $ip = NetPacket::IP->decode( $eth->{data} ); $tcp = NetPacket::TCP->decode( $ip->{data}, $ip ); like $tcp->{data} => qr/^HTTP.*4624$/ms, 'TCP payload'; is_deeply scalar $tcp->parse_tcp_options, { er => 93077622, ts => 811717733, }, 'options'; $datagram = binarize( <<'END_DATAGRAM'); d3 55 00 50 85 cf 98 36 00 00 00 00 a0 02 16 d0 9b 76 00 00 02 04 05 b4 04 02 08 0a 85 82 12 6d 00 00 00 00 01 03 03 04 END_DATAGRAM $tcp = NetPacket::TCP->decode( $datagram ); is_deeply scalar $tcp->parse_tcp_options, { er => 0, ts => 2239894125, mss => 1460, ws => 4, sack => 2, }, 'options'; sub binarize { my $string = shift; $string =~ s/^\s*#.*?$//mg; # remove comments return join '' => map { chr hex } split ' ', $string; } NetPacket-1.6.0/t/checksum.t0000644000175000017500000000134212500661227015145 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 3; use NetPacket::TCP; use NetPacket::UDP; my $ip = { src_ip => '127.0.0.1', dest_ip => '192.168.0.1', }; bless $ip, 'NetPacket::IP'; my $tcp = { dest_port => 22, src_port => 13, seqnum => 1, acknum => 2, winsize => 32, urg => 0, hlen => 5, data => "DEADBEEF", }; bless $tcp, 'NetPacket::TCP'; is NetPacket::TCP::checksum( $tcp, $ip ) => 25303; $tcp->{data} = "DEADBEEF\x01"; my $odd_checksum = NetPacket::TCP::checksum( $tcp, $ip ); is $odd_checksum => 25046, 'TCP padding done correctly'; my $udp = { src_port => 13, dest_port => 14, len => 15, data => "foo", }; bless $udp, 'NetPacket::UDP'; is NetPacket::UDP::checksum( $udp, $ip ) => 60058, 'UDP padding'; NetPacket-1.6.0/t/ethernet.t0000644000175000017500000000032012500661227015154 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 2; use NetPacket::Ethernet qw/ :types /; is ETH_TYPE_PPPOES() => 0x8864, 'imports'; is NetPacket::Ethernet::ETH_TYPE_IP() => 0x0800, 'with namespace'; NetPacket-1.6.0/t/000-report-versions-tiny.t0000644000175000017500000000454712500661227020014 0ustar yanickyanickuse strict; use warnings; use Test::More 0.88; # This is a relatively nice way to avoid Test::NoWarnings breaking our # expectations by adding extra tests, without using no_plan. It also helps # avoid any other test module that feels introducing random tests, or even # test plans, is a nice idea. our $success = 0; END { $success && done_testing; } # List our own version used to generate this my $v = "\nGenerated by Dist::Zilla::Plugin::ReportVersions::Tiny v1.10\n"; eval { # no excuses! # report our Perl details my $want = 'v5.10.0'; $v .= "perl: $] (wanted $want) on $^O from $^X\n\n"; }; defined($@) and diag("$@"); # Now, our module version dependencies: sub pmver { my ($module, $wanted) = @_; $wanted = " (want $wanted)"; my $pmver; eval "require $module;"; if ($@) { if ($@ =~ m/Can't locate .* in \@INC/) { $pmver = 'module not found.'; } else { diag("${module}: $@"); $pmver = 'died during require.'; } } else { my $version; eval { $version = $module->VERSION; }; if ($@) { diag("${module}: $@"); $pmver = 'died during VERSION check.'; } elsif (defined $version) { $pmver = "$version"; } else { $pmver = ''; } } # So, we should be good, right? return sprintf('%-45s => %-10s%-15s%s', $module, $pmver, $wanted, "\n"); } eval { $v .= pmver('Carp','any version') }; eval { $v .= pmver('Exporter','any version') }; eval { $v .= pmver('ExtUtils::MakeMaker','any version') }; eval { $v .= pmver('File::Spec','any version') }; eval { $v .= pmver('IO::Handle','any version') }; eval { $v .= pmver('IPC::Open3','any version') }; eval { $v .= pmver('Test::More','0.88') }; eval { $v .= pmver('constant','any version') }; eval { $v .= pmver('parent','any version') }; eval { $v .= pmver('strict','any version') }; eval { $v .= pmver('warnings','any version') }; # All done. $v .= <<'EOT'; Thanks for using my code. I hope it works for you. If not, please try and include this output in the bug report. That will help me reproduce the issue and solve your problem. EOT diag($v); ok(1, "we really didn't test anything, just reporting data"); $success = 1; # Work around another nasty module on CPAN. :/ no warnings 'once'; $Template::Test::NO_FLUSH = 1; exit 0; NetPacket-1.6.0/t/usbmon.t0000644000175000017500000001451412500661227014653 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 103; use NetPacket::USBMon qw/:ALL/; my $frame; my $usbmon; # host -> device, GET DESCRIPTOR Request DEVICE $frame = binarize( <<'END_DATAGRAM' ); 40 21 9d fa 01 88 ff ff 53 02 80 0a 03 00 00 3c 48 e4 0c 52 00 00 00 00 2f d7 06 00 8d ff ff ff 28 00 00 00 00 00 00 00 80 06 00 01 00 00 28 00 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 END_DATAGRAM $usbmon = NetPacket::USBMon->decode( $frame ); #is $usbmon->{id} => 0xffff8801fa9d2140; is $usbmon->{type} => 'S'; is $usbmon->{xfer_type} => USB_XFER_TYPE_CONTROL; is $usbmon->{ep}{num} => 0; is $usbmon->{ep}{dir} => 'IN'; is $usbmon->{devnum} => 10; is $usbmon->{busnum} => 3; is $usbmon->{flag_setup} => USB_FLAG_SETUP_RELEVANT; is $usbmon->{ts_sec} => 1376576584; is $usbmon->{ts_usec} => 448303; is $usbmon->{status} => -115; is $usbmon->{length} => 40; is $usbmon->{len_cap} => 0; is $usbmon->{xfer_flags} => 0x200; is $usbmon->{data} => ''; # device -> host, GET DESCRIPTOR Response DEVICE $frame = binarize( <<'END_DATAGRAM' ); 40 21 9d fa 01 88 ff ff 43 02 80 0a 03 00 2d 00 48 e4 0c 52 00 00 00 00 24 db 06 00 00 00 00 00 12 00 00 00 12 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 12 01 00 02 00 00 00 40 71 1b 02 30 00 01 03 04 02 01 END_DATAGRAM $usbmon = NetPacket::USBMon->decode( $frame ); is $usbmon->{type} => 'C'; is $usbmon->{xfer_type} => USB_XFER_TYPE_CONTROL; is $usbmon->{ep}{num} => 0; is $usbmon->{ep}{dir} => 'IN'; is $usbmon->{devnum} => 10; is $usbmon->{busnum} => 3; is $usbmon->{flag_setup} => USB_FLAG_SETUP_IRRELEVANT; is $usbmon->{ts_sec} => 1376576584; is $usbmon->{ts_usec} => 449316; is $usbmon->{status} => 0; is $usbmon->{length} => 18; is $usbmon->{len_cap} => 18; is $usbmon->{xfer_flags} => 512; is length $usbmon->{data} => $usbmon->{len_cap}; # host -> device, SET INTERFACE Request $frame = binarize( <<'END_DATAGRAM' ); 00 2b 9d fa 01 88 ff ff 53 02 00 0a 03 00 00 00 65 e4 0c 52 00 00 00 00 23 62 07 00 8d ff ff ff 00 00 00 00 00 00 00 00 40 0c 01 00 08 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 END_DATAGRAM $usbmon = NetPacket::USBMon->decode( $frame ); is $usbmon->{type} => 'S'; is $usbmon->{xfer_type} => USB_XFER_TYPE_CONTROL; is $usbmon->{ep}{num} => 0; is $usbmon->{ep}{dir} => 'OUT'; is $usbmon->{devnum} => 10; is $usbmon->{busnum} => 3; is $usbmon->{flag_setup} => USB_FLAG_SETUP_RELEVANT; is $usbmon->{ts_sec} => 1376576613; is $usbmon->{ts_usec} => 483875; is $usbmon->{status} => -115; is $usbmon->{length} => 0; is $usbmon->{len_cap} => 0; is $usbmon->{xfer_flags} => 0; is $usbmon->{data} => ''; is $usbmon->{setup}{bmRequestType} => USB_TYPE_VENDOR; is $usbmon->{setup}{bRequest} => 12; is $usbmon->{setup}{wIndex} => 49160; is $usbmon->{setup}{wLength} => 0; is $usbmon->{setup}{wValue} => 1; # device -> host, SET INTERFACE Response $frame = binarize( <<'END_DATAGRAM' ); 00 2b 9d fa 01 88 ff ff 43 02 00 0a 03 00 2d 3e 65 e4 0c 52 00 00 00 00 ae 61 07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 END_DATAGRAM $usbmon = NetPacket::USBMon->decode( $frame ); is $usbmon->{type} => 'C'; is $usbmon->{xfer_type} => USB_XFER_TYPE_CONTROL; is $usbmon->{ep}{num} => 0; is $usbmon->{ep}{dir} => 'OUT'; is $usbmon->{devnum} => 10; is $usbmon->{busnum} => 3; is $usbmon->{flag_setup} => USB_FLAG_SETUP_IRRELEVANT; is $usbmon->{ts_sec} => 1376576613; is $usbmon->{ts_usec} => 483758; is $usbmon->{status} => 0; is $usbmon->{length} => 0; is $usbmon->{len_cap} => 0; is $usbmon->{xfer_flags} => 0; is $usbmon->{data} => ''; # host -> device, URB_CONTROL out $frame = binarize( <<'END_DATAGRAM' ); 00 2b 9d fa 01 88 ff ff 53 02 00 0a 03 00 00 00 65 e4 0c 52 00 00 00 00 23 62 07 00 8d ff ff ff 00 00 00 00 00 00 00 00 40 0c 01 00 08 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 END_DATAGRAM $usbmon = NetPacket::USBMon->decode( $frame ); is $usbmon->{type} => 'S'; is $usbmon->{xfer_type} => USB_XFER_TYPE_CONTROL; is $usbmon->{ep}{num} => 0; is $usbmon->{ep}{dir} => 'OUT'; is $usbmon->{devnum} => 10; is $usbmon->{busnum} => 3; is $usbmon->{flag_setup} => USB_FLAG_SETUP_RELEVANT; is $usbmon->{ts_sec} => 1376576613; is $usbmon->{ts_usec} => 483875; is $usbmon->{status} => -115; is $usbmon->{length} => 0; is $usbmon->{len_cap} => 0; is $usbmon->{xfer_flags} => 0; is $usbmon->{data} => ''; # device -> host, URB_CONTROL out $frame = binarize( <<'END_DATAGRAM' ); 00 2b 9d fa 01 88 ff ff 43 02 00 0a 03 00 2d 3e 65 e4 0c 52 00 00 00 00 1e 64 07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 END_DATAGRAM $usbmon = NetPacket::USBMon->decode( $frame ); is $usbmon->{type} => 'C'; is $usbmon->{xfer_type} => USB_XFER_TYPE_CONTROL; is $usbmon->{ep}{num} => 0; is $usbmon->{ep}{dir} => 'OUT'; is $usbmon->{devnum} => 10; is $usbmon->{busnum} => 3; is $usbmon->{flag_setup} => USB_FLAG_SETUP_IRRELEVANT; is $usbmon->{ts_sec} => 1376576613; is $usbmon->{ts_usec} => 484382; is $usbmon->{status} => 0; is $usbmon->{length} => 0; is $usbmon->{len_cap} => 0; is $usbmon->{xfer_flags} => 0; is $usbmon->{data} => ''; # host -> device, URB_ISOCHRONOUS in $frame = binarize( <<'END_DATAGRAM' ); 00 ce 6b 19 01 88 ff ff 53 00 81 0a 03 00 2d 3c 65 e4 0c 52 00 00 00 00 be 16 08 00 8d ff ff ff 00 60 00 00 80 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 00 00 00 00 02 02 00 00 08 00 00 00 ee ff ff ff 00 00 00 00 00 0c 00 00 00 00 00 00 ee ff ff ff 00 0c 00 00 00 0c 00 00 00 00 00 00 ee ff ff ff 00 18 00 00 00 0c 00 00 00 00 00 00 ee ff ff ff 00 24 00 00 00 0c 00 00 00 00 00 00 ee ff ff ff 00 30 00 00 00 0c 00 00 00 00 00 00 ee ff ff ff 00 3c 00 00 00 0c 00 00 00 00 00 00 ee ff ff ff 00 48 00 00 00 0c 00 00 00 00 00 00 ee ff ff ff 00 54 00 00 00 0c 00 00 00 00 00 00 END_DATAGRAM $usbmon = NetPacket::USBMon->decode( $frame ); is $usbmon->{type} => 'S'; is $usbmon->{xfer_type} => USB_XFER_TYPE_ISO; is $usbmon->{ep}{num} => 1; is $usbmon->{ep}{dir} => 'IN'; is $usbmon->{devnum} => 10; is $usbmon->{busnum} => 3; is $usbmon->{flag_setup} => USB_FLAG_SETUP_IRRELEVANT; is $usbmon->{ts_sec} => 1376576613; is $usbmon->{ts_usec} => 530110; is $usbmon->{status} => -115; is $usbmon->{length} => 24576; is $usbmon->{len_cap} => 128; is $usbmon->{xfer_flags} => 514; is length $usbmon->{data} => $usbmon->{len_cap}; # Copied from t/tcp.t, uglified. sub binarize { return join '' => map { chr hex } split ' ', shift; } NetPacket-1.6.0/t/ip_trailing.t0000644000175000017500000000112212500661227015640 0ustar yanickyanick#!/usr/bin/perl use strict; use warnings; use Test::More tests => 2; #use Data::Dumper; use_ok 'NetPacket::IP'; my $raw_packet = <decode($raw_packet); #warn Dumper $ip; is length $ip->{data}, $ip->{len}- $ip->{hlen}*4; NetPacket-1.6.0/t/00-compile.t0000644000175000017500000000245712500661227015220 0ustar yanickyanickuse 5.006; use strict; use warnings; # this test was generated with Dist::Zilla::Plugin::Test::Compile 2.051 use Test::More; plan tests => 10 + ($ENV{AUTHOR_TESTING} ? 1 : 0); my @module_files = ( 'NetPacket.pm', 'NetPacket/ARP.pm', 'NetPacket/Ethernet.pm', 'NetPacket/ICMP.pm', 'NetPacket/IGMP.pm', 'NetPacket/IP.pm', 'NetPacket/IPX.pm', 'NetPacket/TCP.pm', 'NetPacket/UDP.pm', 'NetPacket/USBMon.pm' ); # no fake home requested my $inc_switch = -d 'blib' ? '-Mblib' : '-Ilib'; use File::Spec; use IPC::Open3; use IO::Handle; open my $stdin, '<', File::Spec->devnull or die "can't open devnull: $!"; my @warnings; for my $lib (@module_files) { # see L my $stderr = IO::Handle->new; my $pid = open3($stdin, '>&STDERR', $stderr, $^X, $inc_switch, '-e', "require q[$lib]"); binmode $stderr, ':crlf' if $^O eq 'MSWin32'; my @_warnings = <$stderr>; waitpid($pid, 0); is($?, 0, "$lib loaded ok"); if (@_warnings) { warn @_warnings; push @warnings, @_warnings; } } is(scalar(@warnings), 0, 'no warnings found') or diag 'got warnings: ', ( Test::More->can('explain') ? Test::More::explain(\@warnings) : join("\n", '', @warnings) ) if $ENV{AUTHOR_TESTING}; NetPacket-1.6.0/t/general.t0000644000175000017500000000041612500661227014761 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 1; # last test to print use NetPacket::UDP; use NetPacket; use NetPacket::ARP; use NetPacket::Ethernet; use NetPacket::ICMP; use NetPacket::IGMP; use NetPacket::IP; use NetPacket::TCP; use NetPacket::USBMon; pass; NetPacket-1.6.0/t/bug-37931.t0000644000175000017500000000065212500661227014607 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 1; # last test to print use NetPacket::ICMP ':ALL'; ok ICMP_MASKREQ(), "ICMP_MASKRED defined"; __END__ =pod Subject: NetPacket::ICMP has an export typo on ICMP_MASKREQ I found a typo in NetPacket::ICMP: > use constant ICMP_MASKREQ => 17; This constant is exported and documented as ICMP_MASREQ, making it unusable as an exported method. =cut NetPacket-1.6.0/t/ip_encode.t0000644000175000017500000000106412500661227015271 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 2; use NetPacket::IP; use NetPacket::Ethernet; my $datagram = join '', map { chr } split ':', join ':' => ; my $eth = NetPacket::Ethernet->decode( $datagram ); my $ip = NetPacket::IP->decode( $eth->{data} ); is $ip->{flags} => 2; my $q = NetPacket::IP->decode( $ip->encode ); is $q->{flags} => $ip->{flags}; __DATA__ 0:25:209:6:219:108:0:19:163:164:237:251:8:0:69:0:0:46 174:1:64:0:56:6:248:228:96:6:121:42:192:168:2:11:0:80 17:185:251:228:155:131:197:211:72:2:80:16:30:230:61:189 0:0:0:0:0:0:0:0 NetPacket-1.6.0/t/udp.t0000644000175000017500000000220212500661227014127 0ustar yanickyanickuse strict; use warnings; use Test::More tests => 8; use NetPacket::Ethernet; use NetPacket::IP; use NetPacket::UDP qw/ udp_strip /; my $datagram = binarize( <<'END_DATAGRAM' ); 00 90 d0 23 ed 2a 00 1c bf ca a3 d5 08 00 45 00 00 30 00 00 40 00 40 11 30 5a 0a 00 00 a5 84 b1 7b 0d eb 11 0d 96 00 1c 42 7f 00 01 00 00 21 12 a4 42 fd 95 e8 83 8a 05 28 45 6a 8e f1 e2 END_DATAGRAM my $eth = NetPacket::Ethernet->decode( $datagram ); my $ip = NetPacket::IP->decode( $eth->{data} ); my $udp = NetPacket::UDP->decode( $ip->{data}, $ip ); is unpack( "H*", $udp->{data} ) => '000100002112a442fd95e8838a0528456a8ef1e2', 'UDP payload (STUN)'; is $udp->{src_port} => 60177, 'src_port'; is $udp->{dest_port} => 3478, 'dest_port'; is $udp->{len} => 28, 'len'; is $udp->{cksum} => 17023, 'cksum'; is $udp->{src_port} => 60177, 'src_port'; is $udp->{dest_port} => 3478, 'dest_port'; is unpack( "H*", udp_strip($udp->encode($ip)) ) => '000100002112a442fd95e8838a0528456a8ef1e2', 'udp_strip()'; sub binarize { my $string = shift; $string =~ s/^\s*#.*?$//mg; # remove comments return join '' => map { chr hex } split ' ', $string; } NetPacket-1.6.0/t/udp-checksum.t0000644000175000017500000000210512500661227015731 0ustar yanickyanick use Test::More tests => 2; my $data = <<'END_DATA'; 01005e2a2501003048770072080045000110000040000111cccc53a6443fef2a25017 d5a7d5a00fc7d37050000f40000010ff30f804100160000000022482ac57077827dd9 0000010ff30f804100076b65737472616c00067379736d6f6e000a4469736b4672656 52e2f6d000773000c70657263656e742d757365646640fef86073000b7061636b6574 2d74797065690000000073000b6465736372697074696f6e7300154469736b2053706 16365207374617469737469637373000d7570646174652d706572696f647100000000 000493e073000a62797465732d66726565710000002248a1800073000e726573756c7 42d6d6573736167657300077375636365737373000e6d65676162797465732d667265 6571000000000002248a END_DATA $data =~ s/\s+//g; # remove all spaces my $datagram = join "", map { chr hex } $data =~ /(..)/g; use NetPacket::Ethernet; use NetPacket::IP; use NetPacket::UDP; my $pkt = NetPacket::Ethernet->decode($datagram); my $ip_pkt = NetPacket::IP->decode( $pkt->{data} ); $pkt = NetPacket::UDP->decode( $ip_pkt->{data} ); is $pkt->{cksum} => 32055, 'original checksum'; $pkt->checksum($ip_pkt); is $pkt->{cksum} => 32055, 're-computed checksum'; NetPacket-1.6.0/doap.xml0000644000175000017500000002155412500661227014367 0ustar yanickyanick NetPacket assemble/disassemble network packets at the protocol level Tim Potter Stephanie Wehner Yanick Champoux Andreas Schwab Ben Magistro Daniel Collins Dinar Valeev Lubomir Rintel Neil Bowers Robin Lee Stan Schwertly Stephanie Wehner Tim Potter fschlich 0.01 1999-04-24 0.03 2001-07-30 0.04 2003-05-21 0.41.0_0 2008-12-20 0.41.1 2009-01-06 0.42.0 2010-03-25 0.43.0 2010-05-23 0.43.1 2010-06-11 0.43.2 2010-10-11 1.0.0 2010-10-17 1.0.1 2010-10-19 1.1.0 2011-01-15 1.1.1 2011-02-07 1.1.2 2011-06-20 1.2.0 2011-07-26 1.3.0 2011-11-13 1.3.1 2011-11-23 1.3.2 2013-05-03 1.3.3 2013-05-15 1.4.0 2013-08-26 1.4.1 2013-09-05 1.4.2 2013-09-25 1.4.3 2013-10-03 1.4.4 2013-11-30 1.5.0 2014-06-15 Perl NetPacket-1.6.0/README0000644000175000017500000000675312500661227013606 0ustar yanickyanickNAME NetPacket - assemble/disassemble network packets at the protocol level VERSION version 1.6.0 SYNOPSIS # NetPacket is a base class only DESCRIPTION "NetPacket" provides a base class for a cluster of modules related to decoding and encoding of network protocols. Each "NetPacket" descendent module knows how to encode and decode packets for the network protocol it implements. Consult the documentation for the module in question for protocol-specific implementation. Note that there is no inheritance in the "NetPacket::" cluster of modules other than each protocol module being a "NetPacket". This was seen to be too restrictive as imposing inheritance relationships (for example between the IP, UDP and TCP protocols) would make things like tunneling or other unusual situations difficult. WRITING YOUR OWN "NetPacket::" MODULE You are encouraged to write additional "NetPacket::" modules as well as improve existing ones. Contact the maintainer of the module in question with your suggestions or changes. The following sections are a list of suggestions and conventions for writing a "NetPacket::" module. Naming Conventions When creating a module in the "NetPacket::" namespace, it is suggested that you stick to a couple of conventions when naming packet contents. This will hopefully lead to a consistent namespace making the "NetPacket::" easier to use. Content names are all lowercase, with underscores separating multiple words. The following abbreviations are recommended: Word Abbreviation -------------------------------- source src destination dest checksum cksum identifier id version ver protocol proto Required Methods encode(), decode(), strip() Required Fields Every NetPacket:: object should have the following fields. _parent A link to the parent "NetPacket::" object in which this "NetPacket::" object is encaulated. This field is undefined if there is no parent object. _frame A copy of the raw data of the packet. data This field should contain the data encapsulated in the packet (i.e any headers or trailers stripped off) or undef if the packet contains no data. Note that in this sense, "data" is taken to mean information not relevant to the particular protocol being decoded. For example, an ARP packet contains many header fields but no data. A UDP datagram, however contains header fields and a payload. SEE ALSO Joel Knight has a patch for NetPacket for IPv6 support available at http://www.packetmischief.ca/code/netpacket/. COPYRIGHT AND LICENSE Copyright (c) 2001 Tim Potter and Stephanie Wehner. Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. AUTHORS Tim Potter Stephanie Wehner Yanick Champoux