Net::Packet - a unified framework to read and write packets over networks from layer 2 to layer 7
Net::Packet | +---Net::Packet::Dump | +---Net::Packet::Desc | | | +---Net::Packet::DescL2 | | | +---Net::Packet::DescL3 | | | +---Net::Packet::DescL4 | | | +---Net::Packet::DescL7 | +---Net::Packet::Frame | +---Net::Packet::Layer | +---Net::Packet::Layer2 | | | +---Net::Packet::ETH | +---Net::Packet::Layer3 | | | +---Net::Packet::ARP | | | +---Net::Packet::IPv4 | +---Net::Packet::Layer4 | | | +---Net::Packet::TCP | | | +---Net::Packet::UDP | | | +---Net::Packet::ICMPv4 | +---Net::Packet::Layer7 Net::Packet::Simple
This module is a unified framework to craft, send and receive packets at layers 2, 3, 4 and 7 (but 4 and 7 are just here for completeness, they have not been thoroughly tested. And you should use IO::Socket for layer 7, anyway).
Basically, you forge each layer of a frame (Net::Packet::IPv4 for layer 3, Net::Packet::TCP for layer 4 ; for example), and pack all of this into a Net::Packet::Frame object. Then, you can write it to the network, and use Net::Packet::Dump to receive responses.
When you use Net::Packet for the first time in a program, three package variables are automatically set in Net::Packet module: $Net::Packet::Dev, $Net::Packet::Ip, and $Net::Packet::Mac. They are taken from the default interface on your machine, the one taken by tcpdump when not user specified. I recommand you to set the package variable $Net::Packet::Debug to 3 when you are a beginner with this module.
$Net::Packet::Debug = 3;
Let's create your first Net::Packet::Frame. We will build a TCP packet and send it at layer 3, so we must craft Net::Packet::IPv4 and Net::Packet::TCP headers.
use Net::Packet::Frame; my $ip = Net::Packet::IPv4->new( dst => $desc->ipDst, ); my $tcp = Net::Packet::TCP->new( dst => 22, );
You do not need to set the source IP, since it will be taken from the package variable $Net::Packet::Ip. Also, reasonable defaults are set for other fields in those two layers. See Net::Packet::IPv4 and Net::Packet::TCP for more. If you need to change default interface and/or IP, you can always overwrite it at the beginning of your program by manually setting $Net::Packet::Dev and/or $Net::Packet::Ip.
You have your layers 3 and 4, you can pack all into a frame:
my $frame = Net::Packet::Frame->new(l3 => $ip, l4 => $tcp);
This step also automatically creates the descriptor that will be used to send frames over the network. That is, since you create a frame starting at layer 3, a Net::Packet::DescL3 object will be automatically created. The global $Net::Packet::Desc will be set to point to it. If you do not want to have an auto-creation of descriptor, you can always create it manually before calling Net::Packet::Frame->new, it will not be overwritten. See Net::Packet::Desc.
Also, a Net::Packet::Dump object is created (that is a tcpdump-like process), but not started for now. The $Net::Packet::Dump global is also written to point to it. If you do not want it to be auto-created, you can create one manually before calling Net::Packet::Frame->new for the first time. See Net::Packet::Dump.
Then, your frame is ok, you can send it over the network in order to receive your response:
$frame->send;
When the first frame is sent using this method, the Net::Packet::Dump process is started, and ready to receive replies, unless it is already started.
You can sleep a few seconds, and then analyze for the response (if any):
sleep(3); $Net::Pkt::Dump->analyze; # Analyze what have been captured by tcpdump, and # unpack all frames into Net::Packet::Frame format my $reply = $frame->recv; # Get the Net::Packet::Frame corresponding to # the Net::Packet::Frame request from captured # frames stored in $Net::Packet::Dump->frames # Print response content, if any if ($reply) { $reply->ipPrint; $reply->tcpPrint; }
An alternative way is to use the global $Net::Packet::Timeout, which is set to 1 if no frame at all have been received from a certain amount of time. Be sure to create a Net::Packet::Dump object with a good pcap filter, because even if the packet read from the network is not destinated to your request, it resets the timeout. See Net::Packet::Dump.
until ($Net::Packet::Timeout) { if ($Net::Packet::Dump->next && $frame->recv) { print "\nReply:\n"; $frame->reply->ipPrint; $frame->reply->tcpPrint; last; } }
The method next only analyze for the next captured frame, but the analyze method is more a one shot since it analyzes all captured frames. See Net::Packet::Dump.
For more examples, see the examples directory in the source tarball.
Patrice <GomoR> Auffret
Copyright (c) 2004, Patrice <GomoR> Auffret
You may distribute this module under the terms of the Artistic license. See Copying file in the source distribution archive.
NetPacket, Net::RawIP, Net::RawSock
1 POD Error
The following errors were encountered while parsing the POD:
Non-ASCII character seen before =encoding in '# Analyze'. Assuming CP1252
To install Net::Packet, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Net::Packet
CPAN shell
perl -MCPAN -e shell install Net::Packet
For more information on module installation, please visit the detailed CPAN module installation guide.