1NetPacket::TCP(3) User Contributed Perl Documentation NetPacket::TCP(3)
2
3
4
6 NetPacket::TCP - Assemble and disassemble TCP (Transmission Control
7 Protocol) packets.
8
10 version 1.7.2
11
13 use NetPacket::TCP;
14
15 $tcp_obj = NetPacket::TCP->decode($raw_pkt);
16 $tcp_pkt = $tcp_obj->encode($ip_pkt);
17 $tcp_data = NetPacket::TCP::strip($raw_pkt);
18
20 "NetPacket::TCP" provides a set of routines for assembling and
21 disassembling packets using TCP (Transmission Control Protocol).
22
23 Methods
24 "NetPacket::TCP->decode([RAW PACKET])"
25 Decode the raw packet data given and return an object containing
26 instance data. This method will quite happily decode garbage
27 input. It is the responsibility of the programmer to ensure valid
28 packet data is passed to this method.
29
30 "NetPacket::TCP->encode($ip_obj)"
31 Return a TCP packet encoded with the instance data specified.
32 Needs parts of the ip header contained in $ip_obj in order to
33 calculate the TCP checksum.
34
35 "$packet->parse_tcp_options"
36 Returns a hash (or a hash ref in scalar context) containing the
37 packet's options.
38
39 For now the method only recognizes well-known and widely used
40 options (MSS, noop, windows scale factor, SACK permitted, SACK,
41 timestamp). If the packet contains options unknown to the method,
42 it may fail.
43
44 Functions
45 "NetPacket::TCP::strip([RAW PACKET])"
46 Return the encapsulated data (or payload) contained in the TCP
47 packet. This data is suitable to be used as input for other
48 "NetPacket::*" modules.
49
50 This function is equivalent to creating an object using the
51 decode() constructor and returning the "data" field of that object.
52
53 Instance data
54 The instance data for the "NetPacket::TCP" object consists of the
55 following fields.
56
57 src_port
58 The source TCP port for the packet.
59
60 dest_port
61 The destination TCP port for the packet.
62
63 seqnum
64 The TCP sequence number for this packet.
65
66 acknum
67 The TCP acknowledgement number for this packet.
68
69 hlen
70 The header length for this packet.
71
72 reserved
73 The 6-bit "reserved" space in the TCP header.
74
75 flags
76 Contains the urg, ack, psh, rst, syn, fin, ece and cwr flags for
77 this packet.
78
79 winsize
80 The TCP window size for this packet.
81
82 cksum
83 The TCP checksum.
84
85 urg The TCP urgent pointer.
86
87 options
88 Any TCP options for this packet in binary form.
89
90 data
91 The encapsulated data (payload) for this packet.
92
93 Exports
94 default
95 FIN SYN RST PSH ACK URG ECE CWR Can be used to set the appropriate
96 flag.
97
98 exportable
99 tcp_strip
100
101 tags
102 The following tags group together related exportable items.
103
104 ":strip"
105 Import the strip function "tcp_strip".
106
107 ":ALL"
108 All the above exportable items.
109
111 The following script is a primitive pop3 sniffer.
112
113 #!/usr/bin/perl -w
114
115 use strict;
116 use Net::PcapUtils;
117 use NetPacket::Ethernet qw(:strip);
118 use NetPacket::IP qw(:strip);
119 use NetPacket::TCP;
120
121 sub process_pkt {
122 my($arg, $hdr, $pkt) = @_;
123
124 my $tcp_obj = NetPacket::TCP->decode(ip_strip(eth_strip($pkt)));
125
126 if (($tcp_obj->{src_port} == 110) or ($tcp_obj->{dest_port} == 110)) {
127 print($tcp_obj->{data});
128 }
129 }
130
131 Net::PcapUtils::loop(\&process_pkt, FILTER => 'tcp');
132
133 The following uses NetPacket together with Net::Divert to add a syn
134 flag to all TCP packets passing through:
135
136 #!/usr/bin/perl
137
138 use Net::Divert;
139 use NetPacket::IP qw(IP_PROTO_TCP);
140 use NetPacket::TCP;
141
142
143 $divobj = Net::Divert->new('yourhostname',9999);
144
145 $divobj->getPackets(\&alterPacket);
146
147 sub alterPacket {
148 my($packet,$fwtag) = @_;
149
150 # decode the IP header
151 $ip_obj = NetPacket::IP->decode($packet);
152
153 # check if this is a TCP packet
154 if($ip_obj->{proto} == IP_PROTO_TCP) {
155
156 # decode the TCP header
157 $tcp_obj = NetPacket::TCP->decode($ip_obj->{data});
158
159 # set the syn flag
160 $tcp_obj->{flags} |= SYN;
161
162 # construct the new ip packet
163 $ip_obj->{data} = $tcp_obj->encode($ip_obj);
164 $packet = $ip_obj->encode;
165
166 }
167
168 # write it back out
169 $divobj->putPacket($packet,$fwtag);
170 }
171
173 Assembly of TCP fragments into a data stream
174 Option processing
175 Nicer processing of TCP flags
176
178 Copyright (c) 2001 Tim Potter and Stephanie Wehner.
179
180 Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the
181 participants in the CRC for Advanced Computational Systems ('ACSys').
182
183 This module is free software. You can redistribute it and/or modify it
184 under the terms of the Artistic License 2.0.
185
186 This program is distributed in the hope that it will be useful, but
187 without any warranty; without even the implied warranty of
188 merchantability or fitness for a particular purpose.
189
191 Tim Potter <tpot@samba.org>
192
193 Stephanie Wehner <atrak@itsx.com>
194
195
196
197perl v5.38.0 2023-07-21 NetPacket::TCP(3)