1NetPacket::TCP(3)     User Contributed Perl Documentation    NetPacket::TCP(3)
2
3
4

NAME

6       NetPacket::TCP - Assemble and disassemble TCP (Transmission Control
7       Protocol) packets.
8

VERSION

10       version 1.2.0
11

SYNOPSIS

13         use NetPacket::TCP;
14
15         $tcp_obj = NetPacket::TCP->decode($raw_pkt);
16         $tcp_pkt = NetPacket::TCP->encode($ip_pkt);
17         $tcp_data = NetPacket::TCP::strip($raw_pkt);
18

DESCRIPTION

20       "NetPacket::TCP" provides a set of routines for assembling and
21       disassembling packets using TCP (Transmission Control Protocol).
22
23   Methods
24       "NetPacket::TCP->decode([RAW PACKET])"
25           Decode the raw packet data given and return an object containing
26           instance data.  This method will quite happily decode garbage
27           input.  It is the responsibility of the programmer to ensure valid
28           packet data is passed to this method.
29
30       "NetPacket::TCP->encode($ip_obj)"
31           Return a TCP packet encoded with the instance data specified.
32           Needs parts of the ip header contained in $ip_obj in order to
33           calculate the TCP checksum.
34
35   Functions
36       "NetPacket::TCP::strip([RAW PACKET])"
37           Return the encapsulated data (or payload) contained in the TCP
38           packet.  This data is suitable to be used as input for other
39           "NetPacket::*" modules.
40
41           This function is equivalent to creating an object using the
42           "decode()" constructor and returning the "data" field of that
43           object.
44
45   Instance data
46       The instance data for the "NetPacket::TCP" object consists of the
47       following fields.
48
49       src_port
50           The source TCP port for the packet.
51
52       dest_port
53           The destination TCP port for the packet.
54
55       seqnum
56           The TCP sequence number for this packet.
57
58       acknum
59           The TCP acknowledgement number for this packet.
60
61       hlen
62           The header length for this packet.
63
64       reserved
65           The 6-bit "reserved" space in the TCP header.
66
67       flags
68           Contains the urg, ack, psh, rst, syn, fin, ece and cwr flags for
69           this packet.
70
71       winsize
72           The TCP window size for this packet.
73
74       cksum
75           The TCP checksum.
76
77       urg The TCP urgent pointer.
78
79       options
80           Any TCP options for this packet in binary form.
81
82       data
83           The encapsulated data (payload) for this packet.
84
85   Exports
86       default
87           FIN SYN RST PSH ACK URG ECE CWR Can be used to set the appropriate
88           flag.
89
90       exportable
91           tcp_strip
92
93       tags
94           The following tags group together related exportable items.
95
96           ":strip"
97               Import the strip function "tcp_strip".
98
99           ":ALL"
100               All the above exportable items.
101

EXAMPLE

103       The following script is a primitive pop3 sniffer.
104
105         #!/usr/bin/perl -w
106
107         use strict;
108         use Net::PcapUtils;
109         use NetPacket::Ethernet qw(:strip);
110         use NetPacket::IP qw(:strip);
111         use NetPacket::TCP;
112
113         sub process_pkt {
114             my($arg, $hdr, $pkt) = @_;
115
116             my $tcp_obj = NetPacket::TCP->decode(ip_strip(eth_strip($pkt)));
117
118             if (($tcp_obj->{src_port} == 110) or ($tcp_obj->{dest_port} == 110)) {
119                 print($tcp_obj->{data});
120             }
121         }
122
123         Net::PcapUtils::loop(\&process_pkt, FILTER => 'tcp');
124
125       The following uses NetPacket together with Net::Divert to add a syn
126       flag to all TCP packets passing through:
127
128         #!/usr/bin/perl
129
130         use Net::Divert;
131         use NetPacket::IP qw(IP_PROTO_TCP);
132         use NetPacket::TCP;
133
134
135         $divobj = Net::Divert->new('yourhostname',9999);
136
137         $divobj->getPackets(\&alterPacket);
138
139         sub alterPacket {
140             my($packet,$fwtag) = @_;
141
142             # decode the IP header
143             $ip_obj = NetPacket::IP->decode($packet);
144
145             # check if this is a TCP packet
146             if($ip_obj->{proto} == IP_PROTO_TCP) {
147
148                 # decode the TCP header
149                 $tcp_obj = NetPacket::TCP->decode($ip_obj->{data});
150
151                 # set the syn flag
152                 $tcp_obj->{flags} |= SYN;
153
154                 # construct the new ip packet
155                 $ip_obj->{data} = $tcp_obj->encode($ip_obj);
156                 $packet = $ip_obj->encode;
157
158             }
159
160             # write it back out
161             $divobj->putPacket($packet,$fwtag);
162          }
163

TODO

165       Assembly of TCP fragments into a data stream
166       Option processing
167       Nicer processing of TCP flags
168

170       Copyright (c) 2001 Tim Potter and Stephanie Wehner.
171
172       Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the
173       participants in the CRC for Advanced Computational Systems ('ACSys').
174
175       This module is free software.  You can redistribute it and/or modify it
176       under the terms of the Artistic License 2.0.
177
178       This program is distributed in the hope that it will be useful, but
179       without any warranty; without even the implied warranty of
180       merchantability or fitness for a particular purpose.
181

AUTHOR

183       Tim Potter <tpot@samba.org>
184
185       Stephanie Wehner <atrak@itsx.com>
186
187
188
189perl v5.12.3                      2011-07-30                 NetPacket::TCP(3)
Impressum