NAME

Net::Pkt - a unified framework to read and write packets over networks from layer 2 to layer 7

CLASSES HIERARCHY

Net::Pkt
+
|
+-> Net::Pkt::Dump
|
+-> Net::Pkt::Desc
|   +
|   |
|   +-> Net::Pkt::DescL2
|   |
|   +-> Net::Pkt::DescL3
|   |
|   +-> Net::Pkt::DescL4
|   |
|   +-> Net::Pkt::DescL7
|
+-> Net::Pkt::Frame
    +
    |
    +-> Net::Pkt::Layer
        +
        |
        +-> Net::Pkt::Layer2
        |   +
        |   |
        |   +-> Net::Pkt::LayerETH
        |
        +-> Net::Pkt::Layer3
        |   +
        |   |
        |   +-> Net::Pkt::LayerARP
        |   |
        |   +-> Net::Pkt::LayerIPv4
        |
        +-> Net::Pkt::Layer4
        |   +
        |   |
        |   +-> Net::Pkt::LayerTCP
        |   |
        |   +-> Net::Pkt::LayerUDP
        |
        +-> Net::Pkt::Layer7

Net::Pkt::Quick

DESCRIPTION

This module is a unified framework to craft, send and receive packets at layers 2, 3, 4 and 7 (but 4 and 7 are just here for completeness, they have not been thoroughly tested. And you should use IO::Socket for layer 7, anyway).

Basically, you forge each layer of a frame (Net::Pkt::LayerIPv4 for layer 3, Net::Pkt::LayerTCP for layer 4 ; for example), and pack all of this into a Net::Pkt::Frame object. Then, you can write it to the network, and use Net::Pkt::Dump to receive responses.

GETTING STARED

When you use Net::Pkt for the first time in a program, three package variables are automatically set in Net::Pkt module: $Net::Pkt::Dev, $Net::Pkt::Ip, and $Net::Pkt::Mac. They are taken from the default interface on your machine, the one taken by tcpdump when not user specified. I recommand you to set the package variable $Net::Pkt::Debug to 3 when you are a beginner of this module.

Then, you must set a descriptor that will be used to send and receive packets. We will take as example a program that creates a TCP SYN packet and send it to a target host (10.0.0.1) and port (22):

$Net::Pkt::Debug = 3;

use Net::Pkt::DescL3;
my $desc = Net::Pkt::DescL3->new(ipDst => "10.0.0.1");

When you use the new method with Net::Pkt::DescL3 class, the package variable $Net::Pkt::Desc is automatically set to use this instantiated object. We have used a Net::Pkt::DescL3 here, since we want to craft from the layer 3 (that is, from IP layer). See Net::Pkt::DescL3 for more.

Now that you have your descriptor ready, we can build the frame. So, we will build IP layer and TCP layer like this:

use Net::Pkt::Frame;
my $ip = Net::Pkt::LayerIPv4->new(
   dst => $desc->ipDst,
);
my $tcp = Net::Pkt::LayerTCP->new(
   dst => 22,
);

You do not need to set the source IP, since it will be taken from the package variable $Net::Pkt::Ip. Also, reasonable defaults are set for other fields in those two layers. See Net::Pkt::LayerIPv4 and Net::Pkt::LayerTCP for more.

You have your layers 3 and 4, you can pack all into a frame:

my $frame = Net::Pkt::Frame->new(l3 => $ip, l4 => $tcp);

Before sending this frame over the network, you should set a Net::Pkt::Dump instance object, that will be used to receive the response. When the new method is called, the package variable $Net::Pkt::Dump will be set.

use Net::Pkt::Dump;
my $dump = Net::Pkt::Dump->new(
   filter => $frame->getFilter,
   unlinkAfterAnalyze => 1,
);
$dump->start; # This forks a tcpdump process, with a reasonable filter 
              # built using the created frame

The unlinkAfterAnalyze parameter is used to remove the temporary file created after calling the start method. If you want to keep the file for further analysis, you can remove this parameter. See Net::Pkt::Dump for more.

Finally:

$frame->send;

$dump->stop;    # Stops tcpdump process
$dump->analyze; # Analyze what have been captured by tcpdump, and 
                # unpack all frames into Net::Pkt::Frame format

my $reply = $frame->recv; # Get the Net::Pkt::Frame corresponding to 
                          # the Net::Pkt::Frame request from captured 
                          # frames stored in $Net::Pkt::Dump->frames

# Print response content, if any
if ($reply) {
   $reply->ipPrint;
   $reply->tcpPrint;
}

For more examples, see the examples directory in the source tarball.

AUTHOR

Patrice <GomoR> Auffret

COPYRIGHT AND LICENSE

You may distribute this module under the terms of the Artistic license. See Copying file in the source distribution archive.

NetPacket, Net::RawIP, Net::RawSock

1 POD Error

The following errors were encountered while parsing the POD:

Around line 317:: Non-ASCII character seen before =encoding in '# This'. Assuming CP1252

To install Net::Pkt, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Net::Pkt

CPAN shell

perl -MCPAN -e shell
install Net::Pkt

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)