codingtony · February 12, 2015 20:26
diff --git a/extractUDPDataFromPcapFile.pl b/extractUDPDataFromPcapFile.pl
 #!/usr/bin/perl

 use strict;
 use warnings;


 use Net::Pcap;
 use NetPacket::Ethernet qw(:types);
 use NetPacket::IP qw(:protos);
 use NetPacket::UDP;
 use NetPacket::TCP;

 my $err;
 my $pcapFile =  $ARGV[0];
 my $outFile = $ARGV[1];
 open(my $fh, '>', $outFile) or die "Could not open file '$outFile' $!";

 my $maxpkts=0;
 my $pcap = Net::Pcap::open_offline($pcapFile, \$err) or die "Can't read '$pcapFile': $err\n";


 Net::Pcap::loop($pcap, $maxpkts, \&process_packet, '');
 Net::Pcap::close($pcap);
 close $fh;

 sub process_packet() {
        my ($user_data, $header, $packet) = @_;
        my $ip = NetPacket::IP->decode(NetPacket::Ethernet::strip($packet));
        if ($ip -> {proto} == IP_PROTO_UDP) {
                my $udp = NetPacket::UDP -> decode($ip -> {data});
                print $fh "$udp->{data} \n";
        }
 }
	#!/usr/bin/perl

	use strict;
	use warnings;


	use Net::Pcap;
	use NetPacket::Ethernet qw(:types);
	use NetPacket::IP qw(:protos);
	use NetPacket::UDP;
	use NetPacket::TCP;

	my $err;
	my $pcapFile = $ARGV[0];
	my $outFile = $ARGV[1];
	open(my $fh, '>', $outFile) or die "Could not open file '$outFile' $!";

	my $maxpkts=0;
	my $pcap = Net::Pcap::open_offline($pcapFile, \$err) or die "Can't read '$pcapFile': $err\n";


	Net::Pcap::loop($pcap, $maxpkts, \&process_packet, '');
	Net::Pcap::close($pcap);
	close $fh;

	sub process_packet() {
	my ($user_data, $header, $packet) = @_;
	my $ip = NetPacket::IP->decode(NetPacket::Ethernet::strip($packet));
	if ($ip -> {proto} == IP_PROTO_UDP) {
	my $udp = NetPacket::UDP -> decode($ip -> {data});
	print $fh "$udp->{data} \n";
	}
	}