1NetPacket::TCP(3) User Contributed Perl Documentation NetPacket::TCP(3)
2
6 NetPacket::TCP - Assemble and disassemble TCP (Transmission Control
7 Protocol) packets.
8
10 version 1.7.2
11
13 use NetPacket::TCP;
14 $tcp_obj = NetPacket::TCP->decode($raw_pkt);
16 $tcp_pkt = $tcp_obj->encode($ip_pkt);
17 $tcp_data = NetPacket::TCP::strip($raw_pkt);
18
20 "NetPacket::TCP" provides a set of routines for assembling and
21 disassembling packets using TCP (Transmission Control Protocol).
22 Methods
24 "NetPacket::TCP->decode([RAW PACKET])"
25 Decode the raw packet data given and return an object containing
26 instance data. This method will quite happily decode garbage
27 input. It is the responsibility of the programmer to ensure valid
28 packet data is passed to this method.
29 "NetPacket::TCP->encode($ip_obj)"
31 Return a TCP packet encoded with the instance data specified.
32 Needs parts of the ip header contained in $ip_obj in order to
33 calculate the TCP checksum.
34 "$packet->parse_tcp_options"
36 Returns a hash (or a hash ref in scalar context) containing the
37 packet's options.
38 For now the method only recognizes well-known and widely used
40 options (MSS, noop, windows scale factor, SACK permitted, SACK,
41 timestamp). If the packet contains options unknown to the method,
42 it may fail.
43 Functions
45 "NetPacket::TCP::strip([RAW PACKET])"
46 Return the encapsulated data (or payload) contained in the TCP
47 packet. This data is suitable to be used as input for other
48 "NetPacket::*" modules.
49 This function is equivalent to creating an object using the
51 decode() constructor and returning the "data" field of that object.
52 Instance data
54 The instance data for the "NetPacket::TCP" object consists of the
55 following fields.
56 src_port
58 The source TCP port for the packet.
59 dest_port
61 The destination TCP port for the packet.
62 seqnum
64 The TCP sequence number for this packet.
65 acknum
67 The TCP acknowledgement number for this packet.
68 hlen
70 The header length for this packet.
71 reserved
73 The 6-bit "reserved" space in the TCP header.
74 flags
76 Contains the urg, ack, psh, rst, syn, fin, ece and cwr flags for
77 this packet.
78 winsize
80 The TCP window size for this packet.
81 cksum
83 The TCP checksum.
84 urg The TCP urgent pointer.
86 options
88 Any TCP options for this packet in binary form.
89 data
91 The encapsulated data (payload) for this packet.
92 Exports
94 default
95 FIN SYN RST PSH ACK URG ECE CWR Can be used to set the appropriate
96 flag.
97 exportable
99 tcp_strip
100 tags
102 The following tags group together related exportable items.
103 ":strip"
105 Import the strip function "tcp_strip".
106 ":ALL"
108 All the above exportable items.
109
111 The following script is a primitive pop3 sniffer.
112 #!/usr/bin/perl -w
114 use strict;
116 use Net::PcapUtils;
117 use NetPacket::Ethernet qw(:strip);
118 use NetPacket::IP qw(:strip);
119 use NetPacket::TCP;
120 sub process_pkt {
122 my($arg, $hdr, $pkt) = @_;
123 my $tcp_obj = NetPacket::TCP->decode(ip_strip(eth_strip($pkt)));
125 if (($tcp_obj->{src_port} == 110) or ($tcp_obj->{dest_port} == 110)) {
127 print($tcp_obj->{data});
128 }
129 }
130 Net::PcapUtils::loop(\&process_pkt, FILTER => 'tcp');
132 The following uses NetPacket together with Net::Divert to add a syn
134 flag to all TCP packets passing through:
135 #!/usr/bin/perl
137 use Net::Divert;
139 use NetPacket::IP qw(IP_PROTO_TCP);
140 use NetPacket::TCP;
141 $divobj = Net::Divert->new('yourhostname',9999);
144 $divobj->getPackets(\&alterPacket);
146 sub alterPacket {
148 my($packet,$fwtag) = @_;
149 # decode the IP header
151 $ip_obj = NetPacket::IP->decode($packet);
152 # check if this is a TCP packet
154 if($ip_obj->{proto} == IP_PROTO_TCP) {
155 # decode the TCP header
157 $tcp_obj = NetPacket::TCP->decode($ip_obj->{data});
158 # set the syn flag
160 $tcp_obj->{flags} |= SYN;
161 # construct the new ip packet
163 $ip_obj->{data} = $tcp_obj->encode($ip_obj);
164 $packet = $ip_obj->encode;
165 }
167 # write it back out
169 $divobj->putPacket($packet,$fwtag);
170 }
171
173 Assembly of TCP fragments into a data stream
174 Option processing
175 Nicer processing of TCP flags
176
178 Copyright (c) 2001 Tim Potter and Stephanie Wehner.
179 Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the
181 participants in the CRC for Advanced Computational Systems ('ACSys').
182 This module is free software. You can redistribute it and/or modify it
184 under the terms of the Artistic License 2.0.
185 This program is distributed in the hope that it will be useful, but
187 without any warranty; without even the implied warranty of
188 merchantability or fitness for a particular purpose.
189
191 Tim Potter <tpot@samba.org>
192 Stephanie Wehner <atrak@itsx.com>
194perl v5.36.0 2023-01-20 NetPacket::TCP(3)