1NetPacket::TCP(3) User Contributed Perl Documentation NetPacket::TCP(3)
2
3
4
6 NetPacket::TCP - Assemble and disassemble TCP (Transmission Control
7 Protocol) packets.
8
10 version 1.7.2
11
13 use NetPacket::TCP;
14
15 $tcp_obj = NetPacket::TCP->decode($raw_pkt);
16 $tcp_pkt = $tcp_obj->encode($ip_pkt);
17 $tcp_data = NetPacket::TCP::strip($raw_pkt);
18
20 "NetPacket::TCP" provides a set of routines for assembling and
21 disassembling packets using TCP (Transmission Control Protocol).
22
23 Methods
24 "NetPacket::TCP->decode([RAW PACKET])"
25 Decode the raw packet data given and return an object containing
26 instance data. This method will quite happily decode garbage
27 input. It is the responsibility of the programmer to ensure valid
28 packet data is passed to this method.
29
30 "NetPacket::TCP->encode($ip_obj)"
31 Return a TCP packet encoded with the instance data specified.
32 Needs parts of the ip header contained in $ip_obj in order to
33 calculate the TCP checksum.
34
35 "$packet->parse_tcp_options"
36 Returns a hash (or a hash ref in scalar context) containing the
37 packet's options.
38
39 For now the method only recognizes well-known and widely used
40 options (MSS, noop, windows scale factor, SACK permitted, SACK,
41 timestamp). If the packet contains options unknown to the method,
42 it may fail.
43
44 Functions
45 "NetPacket::TCP::strip([RAW PACKET])"
46 Return the encapsulated data (or payload) contained in the TCP
47 packet. This data is suitable to be used as input for other
48 "NetPacket::*" modules.
49
50 This function is equivalent to creating an object using the
51 "decode()" constructor and returning the "data" field of that
52 object.
53
54 Instance data
55 The instance data for the "NetPacket::TCP" object consists of the
56 following fields.
57
58 src_port
59 The source TCP port for the packet.
60
61 dest_port
62 The destination TCP port for the packet.
63
64 seqnum
65 The TCP sequence number for this packet.
66
67 acknum
68 The TCP acknowledgement number for this packet.
69
70 hlen
71 The header length for this packet.
72
73 reserved
74 The 6-bit "reserved" space in the TCP header.
75
76 flags
77 Contains the urg, ack, psh, rst, syn, fin, ece and cwr flags for
78 this packet.
79
80 winsize
81 The TCP window size for this packet.
82
83 cksum
84 The TCP checksum.
85
86 urg The TCP urgent pointer.
87
88 options
89 Any TCP options for this packet in binary form.
90
91 data
92 The encapsulated data (payload) for this packet.
93
94 Exports
95 default
96 FIN SYN RST PSH ACK URG ECE CWR Can be used to set the appropriate
97 flag.
98
99 exportable
100 tcp_strip
101
102 tags
103 The following tags group together related exportable items.
104
105 ":strip"
106 Import the strip function "tcp_strip".
107
108 ":ALL"
109 All the above exportable items.
110
112 The following script is a primitive pop3 sniffer.
113
114 #!/usr/bin/perl -w
115
116 use strict;
117 use Net::PcapUtils;
118 use NetPacket::Ethernet qw(:strip);
119 use NetPacket::IP qw(:strip);
120 use NetPacket::TCP;
121
122 sub process_pkt {
123 my($arg, $hdr, $pkt) = @_;
124
125 my $tcp_obj = NetPacket::TCP->decode(ip_strip(eth_strip($pkt)));
126
127 if (($tcp_obj->{src_port} == 110) or ($tcp_obj->{dest_port} == 110)) {
128 print($tcp_obj->{data});
129 }
130 }
131
132 Net::PcapUtils::loop(\&process_pkt, FILTER => 'tcp');
133
134 The following uses NetPacket together with Net::Divert to add a syn
135 flag to all TCP packets passing through:
136
137 #!/usr/bin/perl
138
139 use Net::Divert;
140 use NetPacket::IP qw(IP_PROTO_TCP);
141 use NetPacket::TCP;
142
143
144 $divobj = Net::Divert->new('yourhostname',9999);
145
146 $divobj->getPackets(\&alterPacket);
147
148 sub alterPacket {
149 my($packet,$fwtag) = @_;
150
151 # decode the IP header
152 $ip_obj = NetPacket::IP->decode($packet);
153
154 # check if this is a TCP packet
155 if($ip_obj->{proto} == IP_PROTO_TCP) {
156
157 # decode the TCP header
158 $tcp_obj = NetPacket::TCP->decode($ip_obj->{data});
159
160 # set the syn flag
161 $tcp_obj->{flags} |= SYN;
162
163 # construct the new ip packet
164 $ip_obj->{data} = $tcp_obj->encode($ip_obj);
165 $packet = $ip_obj->encode;
166
167 }
168
169 # write it back out
170 $divobj->putPacket($packet,$fwtag);
171 }
172
174 Assembly of TCP fragments into a data stream
175 Option processing
176 Nicer processing of TCP flags
177
179 Copyright (c) 2001 Tim Potter and Stephanie Wehner.
180
181 Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the
182 participants in the CRC for Advanced Computational Systems ('ACSys').
183
184 This module is free software. You can redistribute it and/or modify it
185 under the terms of the Artistic License 2.0.
186
187 This program is distributed in the hope that it will be useful, but
188 without any warranty; without even the implied warranty of
189 merchantability or fitness for a particular purpose.
190
192 Tim Potter <tpot@samba.org>
193
194 Stephanie Wehner <atrak@itsx.com>
195
196
197
198perl v5.30.1 2020-01-30 NetPacket::TCP(3)