Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   9211 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

NetPacket::TCP(3pm)   User Contributed Perl Documentation  NetPacket::TCP(3pm)

NAME
       NetPacket::TCP - Assemble and disassemble TCP (Transmission Control
       Protocol) packets.

VERSION
       version 1.6.0

SYNOPSIS
	 use NetPacket::TCP;

	 $tcp_obj = NetPacket::TCP->decode($raw_pkt);
	 $tcp_pkt = $tcp_obj->encode($ip_pkt);
	 $tcp_data = NetPacket::TCP::strip($raw_pkt);

DESCRIPTION
       "NetPacket::TCP" provides a set of routines for assembling and
       disassembling packets using TCP (Transmission Control Protocol).

   Methods
       "NetPacket::TCP->decode([RAW PACKET])"
	   Decode the raw packet data given and return an object containing
	   instance data.  This method will quite happily decode garbage
	   input.  It is the responsibility of the programmer to ensure valid
	   packet data is passed to this method.

       "NetPacket::TCP->encode($ip_obj)"
	   Return a TCP packet encoded with the instance data specified.
	   Needs parts of the ip header contained in $ip_obj in order to
	   calculate the TCP checksum.

       "$packet->parse_tcp_options"
	   Returns a hash (or a hash ref in scalar context) contaning the
	   packet's options.

	   For now the method only recognizes well-known and widely used
	   options (MSS, noop, windows scale factor, SACK permitted, SACK,
	   timestamp).	If the packet contains options unknown to the method,
	   it may fail.

   Functions
       "NetPacket::TCP::strip([RAW PACKET])"
	   Return the encapsulated data (or payload) contained in the TCP
	   packet.  This data is suitable to be used as input for other
	   "NetPacket::*" modules.

	   This function is equivalent to creating an object using the
	   "decode()" constructor and returning the "data" field of that
	   object.

   Instance data
       The instance data for the "NetPacket::TCP" object consists of the
       following fields.

       src_port
	   The source TCP port for the packet.

       dest_port
	   The destination TCP port for the packet.

       seqnum
	   The TCP sequence number for this packet.

       acknum
	   The TCP acknowledgement number for this packet.

       hlen
	   The header length for this packet.

       reserved
	   The 6-bit "reserved" space in the TCP header.

       flags
	   Contains the urg, ack, psh, rst, syn, fin, ece and cwr flags for
	   this packet.

       winsize
	   The TCP window size for this packet.

       cksum
	   The TCP checksum.

       urg The TCP urgent pointer.

       options
	   Any TCP options for this packet in binary form.

       data
	   The encapsulated data (payload) for this packet.

   Exports
       default
	   FIN SYN RST PSH ACK URG ECE CWR Can be used to set the appropriate
	   flag.

       exportable
	   tcp_strip

       tags
	   The following tags group together related exportable items.

	   ":strip"
	       Import the strip function "tcp_strip".

	   ":ALL"
	       All the above exportable items.

EXAMPLE
       The following script is a primitive pop3 sniffer.

	 #!/usr/bin/perl -w

	 use strict;
	 use Net::PcapUtils;
	 use NetPacket::Ethernet qw(:strip);
	 use NetPacket::IP qw(:strip);
	 use NetPacket::TCP;

	 sub process_pkt {
	     my($arg, $hdr, $pkt) = @_;

	     my $tcp_obj = NetPacket::TCP->decode(ip_strip(eth_strip($pkt)));

	     if (($tcp_obj->{src_port} == 110) or ($tcp_obj->{dest_port} == 110)) {
		 print($tcp_obj->{data});
	     }
	 }

	 Net::PcapUtils::loop(\&process_pkt, FILTER => 'tcp');

       The following uses NetPacket together with Net::Divert to add a syn
       flag to all TCP packets passing through:

	 #!/usr/bin/perl

	 use Net::Divert;
	 use NetPacket::IP qw(IP_PROTO_TCP);
	 use NetPacket::TCP;

	 $divobj = Net::Divert->new('yourhostname',9999);

	 $divobj->getPackets(\&alterPacket);

	 sub alterPacket {
	     my($packet,$fwtag) = @_;

	     # decode the IP header
	     $ip_obj = NetPacket::IP->decode($packet);

	     # check if this is a TCP packet
	     if($ip_obj->{proto} == IP_PROTO_TCP) {

		 # decode the TCP header
		 $tcp_obj = NetPacket::TCP->decode($ip_obj->{data});

		 # set the syn flag
		 $tcp_obj->{flags} |= SYN;

		 # construct the new ip packet
		 $ip_obj->{data} = $tcp_obj->encode($ip_obj);
		 $packet = $ip_obj->encode;

	     }

	     # write it back out
	     $divobj->putPacket($packet,$fwtag);
	  }

TODO
       Assembly of TCP fragments into a data stream
       Option processing
       Nicer processing of TCP flags

COPYRIGHT
       Copyright (c) 2001 Tim Potter and Stephanie Wehner.

       Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the
       participants in the CRC for Advanced Computational Systems ('ACSys').

       This module is free software.  You can redistribute it and/or modify it
       under the terms of the Artistic License 2.0.

       This program is distributed in the hope that it will be useful, but
       without any warranty; without even the implied warranty of
       merchantability or fitness for a particular purpose.

AUTHOR
       Tim Potter <tpot@samba.org>

       Stephanie Wehner <atrak@itsx.com>

perl v5.20.2			  2015-03-13		   NetPacket::TCP(3pm)

Vote for polarhome