Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Contact Us
Online Help
Domain Status
Man Pages

Virtual Servers

Topology Map

Server Agreement
Year 2038

USA Flag



Man Pages

Manual Reference Pages  -  NETPACKET::TCP (3)

.ds Aq ’


NetPacket::TCP - Assemble and disassemble TCP (Transmission Control Protocol) packets.



version 1.4.1


  use NetPacket::TCP;

  $tcp_obj = NetPacket::TCP->decode($raw_pkt);
  $tcp_pkt = $tcp_obj->encode($ip_pkt);
  $tcp_data = NetPacket::TCP::strip($raw_pkt);


NetPacket::TCP provides a set of routines for assembling and disassembling packets using TCP (Transmission Control Protocol).


NetPacket::TCP->decode([RAW PACKET]) Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method.
NetPacket::TCP->encode($ip_obj) Return a TCP packet encoded with the instance data specified. Needs parts of the ip header contained in $ip_obj in order to calculate the TCP checksum.
$packet->parse_tcp_options Returns a hash (or a hash ref in scalar context) contaning the packet’s options.

For now the method only recognizes well-known and widely used options (MSS, noop, windows scale factor, SACK permitted, SACK, timestamp). If the packet contains options unknown to the method, it may fail.


NetPacket::TCP::strip([RAW PACKET]) Return the encapsulated data (or payload) contained in the TCP packet. This data is suitable to be used as input for other NetPacket::* modules.

This function is equivalent to creating an object using the decode() constructor and returning the data field of that object.

    Instance data

The instance data for the NetPacket::TCP object consists of the following fields.
src_port The source TCP port for the packet.
dest_port The destination TCP port for the packet.
seqnum The TCP sequence number for this packet.
acknum The TCP acknowledgement number for this packet.
hlen The header length for this packet.
reserved The 6-bit reserved space in the TCP header.
flags Contains the urg, ack, psh, rst, syn, fin, ece and cwr flags for this packet.
winsize The TCP window size for this packet.
cksum The TCP checksum.
urg The TCP urgent pointer.
options Any TCP options for this packet in binary form.
data The encapsulated data (payload) for this packet.


default FIN SYN RST PSH ACK URG ECE CWR Can be used to set the appropriate flag.
exportable tcp_strip
tags The following tags group together related exportable items.
:strip Import the strip function tcp_strip.
:ALL All the above exportable items.


The following script is a primitive pop3 sniffer.

  #!/usr/bin/perl -w

  use strict;
  use Net::PcapUtils;
  use NetPacket::Ethernet qw(:strip);
  use NetPacket::IP qw(:strip);
  use NetPacket::TCP;

  sub process_pkt {
      my($arg, $hdr, $pkt) = @_;

      my $tcp_obj = NetPacket::TCP->decode(ip_strip(eth_strip($pkt)));

      if (($tcp_obj->{src_port} == 110) or ($tcp_obj->{dest_port} == 110)) {

  Net::PcapUtils::loop(\&process_pkt, FILTER => tcp);

The following uses NetPacket together with Net::Divert to add a syn flag to all TCP packets passing through:


  use Net::Divert;
  use NetPacket::IP qw(IP_PROTO_TCP);
  use NetPacket::TCP;

  $divobj = Net::Divert->new(yourhostname,9999);


  sub alterPacket {
      my($packet,$fwtag) = @_;

      # decode the IP header
      $ip_obj = NetPacket::IP->decode($packet);

      # check if this is a TCP packet
      if($ip_obj->{proto} == IP_PROTO_TCP) {

          # decode the TCP header
          $tcp_obj = NetPacket::TCP->decode($ip_obj->{data});

          # set the syn flag
          $tcp_obj->{flags} |= SYN;

          # construct the new ip packet
          $ip_obj->{data} = $tcp_obj->encode($ip_obj);
          $packet = $ip_obj->encode;


      # write it back out


Assembly of TCP fragments into a data stream
Option processing
Nicer processing of TCP flags


Copyright (c) 2001 Tim Potter and Stephanie Wehner.

Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems (’ACSys’).

This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0.

This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose.


Tim Potter <>

Stephanie Wehner <>

Search for    or go to Top of page |  Section 3 |  Main Index

perl v5.20.3 NETPACKET::TCP (3) 2016-03-17

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.