physacco/ruby-pcap-usage.md

Last active December 15, 2015 23:59

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/physacco/5344398.js"></script>
Save physacco/5344398 to your computer and use it in GitHub Desktop.

Download ZIP

Usage of the ruby-pcap gem.

Raw

ruby-pcap-usage.md

Pcaplet example

# examples/tcpdump.rb
require 'pcaplet'
include Pcap

pcaplet = Pcaplet.new
pcaplet.each_packet do |pkt|

  # available methods of pkt:
  # Packet type:
  pkt.ip?
  pkt.tcp?
  pkt.udp?

  # IP address:
  pkt.ip_src
  pkt.src
  pkt.ip_dst
  pkt.dst

  # TCP/UDP port:
  pkt.sport
  pkt.udp_sport
  pkt.dport
  pkt.udp_dport

  # Timestamp:
  pkt.time
  pkt.time_i

  # Size:
  pkt.size
  pkt.caplen
end

physacco/ruby-pcap-usage.md

Select an option

No results found

Select an option

No results found

Pcaplet example