return Net::Analysis::Packet->new
  ({to    => "$ip_obj->{dest_ip}:$tcp_obj->{dest_port}",
    from  => "$ip_obj->{src_ip}:$tcp_obj->{src_port}",
    flags => $tcp_obj->{flags},
    data  => $tcp_obj->{data},
    seqnum => $tcp_obj->{seqnum},
    acknum => $tcp_obj->{acknum},
    pkt_number => $self->{pkt_number}++,

    # These are turned into the object $pkt->{time}
    tv_sec  => $wire_hdrs->{tv_sec},
    tv_usec => $wire_hdrs->{tv_usec},
   } );

NAME

Net::Analysis::EventLoop - generate a stream of packets

SYNOPSIS

use Net::Analysis::Dispatcher;
use Net::Analysis::EventLoop;

my ($d)  = Net::Analysis::Dispatcher->new();
my ($el) = Net::Analysis::EventLoop->new (dispatcher => $d);

... register some listener modules onto the dispatcher ...

# Now run it over a file ...
$el->loop_file (filename => 'some.tpcdump');

# ... or run it over many files ...
$d->emit_event (name => 'setup'); # need to handle setup/teardown by hand
foreach (qw(file1 file2 ...)) {
  $el->loop_file (filename => $_, no_setup_teardown => 1);
}
$d->emit_event (name => 'teardown');

# ... or try live capture (using the same filter syntax as tcpdump et al)
$el->loop_net (filter => 'port 80');

exit 0;

DESCRIPTION

This module provides the glue between the main dispatcher/listener stuff, and the underlying source of packets.

It gets packets (currently via the NetPacket layer on top of Net::Pcap), turns them into Net::Analysis::Packets, and then dispatches them to any listeners who care about 'tcp_packets'.

Current limitations:

Only TCP packets are handled
It's not designed to be fast; don't run on GB files unless you're about to go home. Live capture on busy servers may not be the best either; make the most specific filter you can, to allow Net::Pcap to reduce the number of packets that get to here. And watch your memory; it's likely to leak.
Live capture is not perfectly integrated; there is no way to cleanly stop capture at this time.

EXPORT

None by default.

AUTHOR

Adam B. Worrall, <worrall@cpan.org>

COPYRIGHT AND LICENSE

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.5 or, at your option, any later version of Perl 5 you may have available.

To install Net::Analysis, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Net::Analysis

CPAN shell

perl -MCPAN -e shell
install Net::Analysis

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)