GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  NET::FRAME::DUMP::OFFLINE (3)

.ds Aq ’

NAME

Net::Frame::Dump::Offline - tcpdump like implementation, offline mode

CONTENTS

SYNOPSIS



   use Net::Frame::Dump::Offline;

   #
   # Simple offline anaysis
   #
   my $oDump = Net::Frame::Dump::Offline->new(file => $file);

   $oDump->start;

   my $count = 0;
   while (my $h = $oDump->next) {
      my $f = Net::Frame::Simple->new(
         raw        => $h->{raw},
         firstLayer => $h->{firstLayer},
         timestamp  => $h->{timestamp},
      );
      my $len = length($h->{raw});
      print o Frame number: .$count++." (length: $len)\n";
      print $f->print."\n";
   }

   $oDump->stop;

   #
   # Default parameters on creation
   #
   my $oDumpDefault = Net::Frame::Dump::Offline->new(
      file          => "netframe-tmp-$$.$int.pcap",
      filter        => ,
      isRunning     => 0,
      keepTimestamp => 0,
   );



DESCRIPTION

This module implements a tcpdump-like program, for offline analysis.

ATTRIBUTES

The following are inherited attributes:
<B>fileB> Name of the .pcap file to read.
<B>filterB> Pcap filter to use. Default to no filter.
<B>firstLayerB> Stores information about the first layer type contained on read frame. This attribute is filled only after a call to <B>startB> method.
<B>isRunningB> Returns true if a call to start has been done, false otherwise or if a call to stop has been done.
<B>keepTimestampB> Sometimes, when frames are captured and saved to a .pcap file, timestamps sucks. That is, you send a frame, and receive the reply, but your request appear to have been sent after the reply. So, to correct that, you can use <B>Net::Frame::DumpB> own timestamping system. The default is 0. Set it manually to 1 if you need original .pcap frames timestamps.

METHODS

<B>newB>
<B>newB> (hash) Object constructor. You can pass attributes that will overwrite default ones. See <B>SYNOPSISB> for default values.
<B>startB> When you want to start reading frames from the file, call this method.
<B>stopB> When you want to stop reading frames from the file, call this method.
<B>nextB> Returns the next captured frame; undef if no more frames are awaiting.
<B>storeB> (<B>Net::Frame::SimpleB> object) This method will store internally, sorted, the <B>Net::Frame::SimpleB> object passed as a single parameter. <B>getKeyB> methods, implemented in various <B>Net::Frame::LayerB> objects will be used to efficiently retrieve (via <B>getKeyReverseB> method) frames.

Basically, it is used to make <B>recvB> method (from <B>Net::Frame::SimpleB>) to retrieve quickly the reply frame for a request frame.

<B>getFramesForB> This will return an array of possible reply frames for the specified <B>Net::Frame::SimpleB> object. For example, reply frames for a UDP probe will be all the frames which have the same source port and destination port as the request.
<B>flushB> Will flush stored frames, the one which have been stored via <B>storeB> method.

SEE ALSO

Net::Frame::Dump

AUTHOR

Patrice <GomoR> Auffret

COPYRIGHT AND LICENSE

Copyright (c) 2006-2014, Patrice <GomoR> Auffret

You may distribute this module under the terms of the Artistic license. See LICENSE.Artistic file in the source distribution archive.

Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 NET::FRAME::DUMP::OFFLINE (3) 2014-12-09

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.