NetPacket::TCP - Assemble and disassemble TCP (Transmission Control Protocol) packets.
NetPacket::TCP
use NetPacket::TCP; $tcp_obj = NetPacket::TCP->decode($raw_pkt); $tcp_pkt = NetPacket::TCP->encode($ip_pkt); $tcp_data = NetPacket::TCP::strip($raw_pkt);
NetPacket::TCP provides a set of routines for assembling and disassembling packets using TCP (Transmission Control Protocol).
NetPacket::TCP->decode([RAW PACKET])
Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method.
NetPacket::TCP->encode($ip_obj)
Return a TCP packet encoded with the instance data specified. Needs parts of the ip header contained in $ip_obj in order to calculate the TCP checksum.
NetPacket::TCP::strip([RAW PACKET])
Return the encapsulated data (or payload) contained in the TCP packet. This data is suitable to be used as input for other NetPacket::* modules.
NetPacket::*
This function is equivalent to creating an object using the decode() constructor and returning the data field of that object.
decode()
data
The instance data for the NetPacket::TCP object consists of the following fields.
The source TCP port for the packet.
The destination TCP port for the packet.
The TCP sequence number for this packet.
The TCP acknowledgement number for this packet.
The header length for this packet.
The 6-bit "reserved" space in the TCP header.
Contains the urg, ack, psh, rst, syn, fin, ece and cwr flags for this packet.
The TCP window size for this packet.
The TCP checksum.
The TCP urgent pointer.
Any TCP options for this packet in binary form.
The encapsulated data (payload) for this packet.
FIN SYN RST PSH ACK URG ECE CWR Can be used to set the appropriate flag.
tcp_strip
The following tags group together related exportable items.
:strip
Import the strip function tcp_strip.
:ALL
All the above exportable items.
The following script is a primitive pop3 sniffer.
#!/usr/bin/perl -w use strict; use Net::PcapUtils; use NetPacket::Ethernet qw(:strip); use NetPacket::IP qw(:strip); use NetPacket::TCP; sub process_pkt { my($arg, $hdr, $pkt) = @_; my $tcp_obj = NetPacket::TCP->decode(ip_strip(eth_strip($pkt))); if (($tcp_obj->{src_port} == 110) or ($tcp_obj->{dest_port} == 110)) { print($tcp_obj->{data}); } } Net::PcapUtils::loop(\&process_pkt, FILTER => 'tcp');
The following uses NetPacket together with Net::Divert to add a syn flag to all TCP packets passing through:
#!/usr/bin/perl use Net::Divert; use NetPacket::IP qw(IP_PROTO_TCP); use NetPacket::TCP; $divobj = Net::Divert->new('yourhostname',9999); $divobj->getPackets(\&alterPacket); sub alterPacket { my($packet,$fwtag) = @_; # decode the IP header $ip_obj = NetPacket::IP->decode($packet); # check if this is a TCP packet if($ip_obj->{proto} == IP_PROTO_TCP) { # decode the TCP header $tcp_obj = NetPacket::TCP->decode($ip_obj->{data}); # set the syn flag $tcp_obj->{flags} |= SYN; # construct the new ip packet $ip_obj->{data} = $tcp_obj->encode($ip_obj); $packet = $ip_obj->encode; } # write it back out $divobj->putPacket($packet,$fwtag); }
Copyright (c) 2001 Tim Potter. This package is free software and is provided "as is" without express or implied warranty. It may be used, redistributed and/or modified under the terms of the Perl Artistic License (see http://www.perl.com/perl/misc/Artistic.html) Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys'). ACSys makes this software and all associated data and documentation ('Software') available free of charge. You may make copies of the Software but you must include all of this notice on any copy. The Software was developed for research purposes and ACSys does not warrant that it is error free or fit for any purpose. ACSys disclaims any liability for all claims, expenses, losses, damages and costs any user may incur as a result of using, copying or modifying the Software.
Tim Potter <tpot@samba.org>
Stephanie Wehner <atrak@itsx.com>
To install NetPacket, copy and paste the appropriate command in to your terminal.
cpanm
cpanm NetPacket
CPAN shell
perl -MCPAN -e shell install NetPacket
For more information on module installation, please visit the detailed CPAN module installation guide.