Re: tcpdump as an inferior Perl process
On Thu, Oct 16, 2003 at 08:51:58PM -0400, Michael C. Toren wrote:
> On Thu, Oct 16, 2003 at 08:03:53PM -0400, David Steuber wrote:
> > Can anyone recommend any Perl modules for parsing packets emitted by
> > tcpdump with its -w param? I wish to be able to inspect the payload
> > data as well as packet header data (at both ip and ether levels).
>
> Have you looked into the NetPacket::IP modules? Alternatively, you can
> try processing the text output of "tcpdump -Xr", or if you're using Linux,
> write an iptables QUEUE target handler with IPTables::IPv4::IPQueue to
> record packets.

Is NetPacket::IP part of the standard distro? I can get it from CPAN
either way. I'll give that a look.

I just said in another followup that I had tcpflow. That is on my
Debian box, not my OS X waffer. Fink has an info file on it though...
I'll have to see if I can install that.

I'm using a Linksys router these days. I haven't even upgraded my
webserver to IPTables from IPChains yet.

Thanks all.

--
David Steuber | telco:610.436.1677
302 E Marshall St | http://www.david-steuber.com/
Apt 612 | (do ((a 1 b) (b 1 (+ a b)))
West Chester, PA 19380 | (nil a) (print a))