Sniffer::Connection - contain basic information about a TCP connection
my $conn = Sniffer::Connection->new( tcp => $packet, sent_data => sub { $self->sent_data(@_) }, received_data => sub { $self->received_data(@_) }, closed => sub {}, teardown => sub { $self->closed->($self) }, log => sub { print $_[0] }, ));
This module will try to give you the ordered data stream from a TCP connection. You supply callbacks for the data. The data is returned as the ACK-packets are seen for it.
As the TCP-reordering is cooked out by me, it likely has bugs, but I have used this module for sniffing some out-of-order TCP connection.
$conn->init_from_packet TCP
Initializes the connection data from a packet.
$conn->handle_packet TCP [, TIMESTAMP]
Handles a packet and updates the status according to the packet.
The optional TIMESTAMP parameter allows you to attach a timestamp (in seconds since the epoch) to the packet if you have a capture file with timestamps. It defaults to the value of time.
time
last_activity
Returns the timestamp in epoch seconds of the last activity of the socket. This can be convenient to determine if a connection has gone stale.
This timestamp should be fed in via handle_packet if it is available. Capturing via Sniffer::HTTP::run and Sniffer::HTTP::run_file supplies the correct Net::Pcap timestamps and thus will reproduce all sessions faithfully.
handle_packet
Sniffer::HTTP::run
Sniffer::HTTP::run_file
update_activity [TIMESTAMP]
Updates last_activity and supplies a default timestamp of time.
Implement a (configurable?) timeout (of say 5 minutes) after which connections get auto-closed to reduce resource usage.
Data can only be forwarded after there has been the ACK packet for it!
The whole module suite has almost no tests.
If you experience problems, please supply me with a complete, relevant packet dump as the included dump-raw.pl creates. Even better, supply me with (failing) tests.
dump-raw.pl
Max Maischein (corion@cpan.org)
Copyright (C) 2005-2021 Max Maischein. All Rights Reserved.
This code is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
To install Sniffer::HTTP, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Sniffer::HTTP
CPAN shell
perl -MCPAN -e shell install Sniffer::HTTP
For more information on module installation, please visit the detailed CPAN module installation guide.