NAME

Net::PcapWriter - simple creation of pcap files from code

SYNOPSIS

use Net::PcapWriter;
my $writer = Net::PcapWriter->new('test.pcap');
my $conn = $writer->tcp_conn('1.2.3.4',1234,'5.6.7.8',80);

# this will automatically add syn..synack..ack handshake to pcap
# each write will be a single packet
$conn->write(0,"POST / HTTP/1.0\r\nContent-length: 3\r\n\r\n");
$conn->ack(1); # force ack from server

# send another packet w/o forcing ack
$conn->write(0,"abc");

# client will no longer write
$conn->shutdown(0);

# this will automatically add ack to last packet
$conn->write(1,"HTTP/1.0 200 Ok\r\nContent-length: 10\r\n\r\n");
$conn->write(1,"0123456789");

# will automatically add remaining FIN+ACK
undef $conn;

# write some UDP packets with IPv6
$conn = $writer->udp_conn('dead::beaf',1234,'beaf::dead',53);
$conn->write(0,"....");
$conn->write(1,"....");

# write a ping exchange (works also with IPv6)
$conn = $writer->icmp_echo_conn('1.2.3.4','5.6.7.8',10);
$conn->ping(1,"foo");
$conn->ping(2,"bar");
$conn->pong(1,"foo");

DESCRIPTION

With Net::PcapWriter it is possible to create pcap files within a program without capturing any data. This is useful for setting up test data without setting up the needed infrastructure for data creation and capturing.

The following methods are supported:

$class->new([$filename|$handle])

Creates new object. If file name is given it will be opened for writing, if file handle is given it will be used. Otherwise the pcap data will be written to STDOUT. Will write pcap header for DLT_RAW to pcap file.

$writer->packet($pkt,[$timestamp])

Will write raw Layer 2 packet $pkt with $timestamp in pcap file. $timestamp can be time_t (seconds), float (like time_t, but with higher resolution) or <[$sec,$msec]> like in <struct timeval>. If $timestamp is not given will use Time::HiRes::gettimeofday.

To get the Layer 2 prefix in case of IP data use $writer-layer2prefix($ip)>.

$writer->tcp_conn($src,$sport,$dst,$dport)

Will return Net::PcapWriter::TCP object, which then provides the following methods:

$tcpconn->write($dir,$data,[$timestamp])

Will write the given data for the direction $dir (0 are data from client to server, 1 the other way). Will write TCP handshake if not done yet.

$tcpconn->ack($dir,[$timestamp])

Will write an empty message with an ACK from direction $dir.

$tcpconn->shutdown($dir,[$timestamp])

Will add FIN+ACK for shutdown from direction $dir unless already done.

$tcpconn->write_with_flags($dir,$data,\%flags,[$timestamp])

Write a TCP packet with specific flags, like <{ syn = 1, ack => 1 }>>. This is also internally used to automatically add the initial handshake (i.e SYN from client, SYN+ACK from server and SYN+ACK from client) and the close of the connection (FIN), whereby the close can be easier handled with shutdown.

Possible flags are syn, ack, fin, rst, psh and rst.

undef $tcpconn

Will call shutdown for both $dir before destroying connection object.

$writer->udp_conn($src,$sport,$dst,$dport)

Will return Net::PcapWriter::UDP object, which then provides the following methods:

$tcpconn->write($dir,$data,[$timestamp])

Will write the given data for the direction $dir (0 are data from client to server, 1 the other way).

$writer->icmp_echo_conn($src,$dst,[$id])

Will return Net::PcapWriter::ICMP_Echo object which provides a connection with echo request and reply using the identifier $id (default 0). This object can handle echo request/reply for ICMP and ICMPv6. It has the following methods:

$echo->ping($seq,$data,[$timestamp])

Will write an ICMP echo request from connection source to destination with sequence $seq and data $data.

$echo->pong($seq,$data,[$timestamp])

Will write an ICMP echo reply from connection destination to source with sequence $seq and data $data.

AUTHOR

Steffen Ullrich <sullr@cpan.org>

COPYRIGHT AND LICENSE

This software is copyright (c) 2015 by Steffen Ullrich.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.