NAME

Net::Inspect::L3::IP - get raw IP packets, reassemble fragments

SYNOPSIS

my $raw = Net::Inspect::L3::IP->new($tcp);
$raw->pktin($data,$timestamp);

DESCRIPTION

Gets Raw-IP packets via pktin hook, extracts meta-data, reassembles fragmented packets and calls pktin hook on attached flows, once for each full packet.

Provides the hooks required by Net::Inspect::L2::Pcap. Usually Net::Inspect::L4::TCP or similar are used as upper flow.

Constructor:

new(%args): The only used argument is %args is timeout, which specifies when timeout in seconds, after which the next fragment of a packet must be received. Defaults to 60.

Hooks provided:

pktin($data,$timestamp)

Hooks called:

pktin($ip_data,\%meta)

The following meta data are given:

time: time when the last fragment of the packet was received. Like time_t, but double.
saddr, daddr: the addresses of the sender and destination of the packet
proto: protocol of the packet
qos: QoS (IPv4) flags or Type Of Service (IPv6) of the packet
ttl: TTL (IPv4) or hoplimit (IPv6) counter of the packet
flowlabel: flow label (IPv6 only)
id: id of the packet (IPv4 only)
fragments: Number of fragments or undef if packet wasn't fragmented (IPv4 only)

LIMITS

To install Net::Inspect, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Net::Inspect

CPAN shell

perl -MCPAN -e shell
install Net::Inspect

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

NAME

SYNOPSIS

DESCRIPTION

LIMITS

Module Install Instructions