BP


Net::Pcap for Win32


One rather curious thing I've noticed about aesthetic satisfaction is that our pleasure is significantly enhanced when we accomplish something with limited tools.
Donald E. Knuth,
Computer Programming as an Art.

Introduction

The Tim Potter's module Net::Pcap is an interface to the libpcap library, the well known packet capture library for Unix.

The NetGroup at the Politecnico di Torino write WinPcap, an architecture for packet capture and network analysis for the Win32 platforms. WinPcap is compatible with libpcap.

With a small hack (because, in short, Perl is compiled with winsock.h and WinPcap with winsock2.h), I succeeded in compiling Net::Pcap with WinPcap. It's this patched version of Net::Pcap that you will find here.

Keep in mind that this module is still a beta version for this platform. Don't use it in a production script. In agreement with Tim Potter, it will be incorporated in a future release of Net::Pcap.

Added in the new beta 2 version:

See the POD: Net::Pcap.

Report bug (for this version only) to jl_morel@bribes.org. Thanks.

Download

In order to use Net::Pcap in your Perl scripts, it is necessary to install WinPcap on your machine.

Download the 3.1 beta 4 (recommanded) or the 3.0 version WinPcap auto-installer (driver +DLLs) and run the executable.

If you are using ActiveState's Perl distribution (Perl5.6 or Perl5.8), the easiest way to install this module is to use ppm. Type (or cut & paste) this command in a DOS console:

     ppm install http://www.bribes.org/perl/ppm/Net-Pcap.ppd

The documentation, in html format, is at its usual location.

You can also install Net::PcapUtils the same way with

     ppm install http://www.bribes.org/perl/ppm/Net-PcapUtils.ppd

See also my ppm repository.

If you want, you can download the source file here: Net-Pcap-0.04.02.tar.gz
To install the module, read the README file (a C compiler is needed).

Example script

This very simple script prints ten packets (in hexa and ASCII) before ending.
#!/usr/bin/perl -w
use strict;
use Net::PcapUtils;
$,=' ';

my $error = Net::PcapUtils::loop(\&print_packet,
                                 NUMPACKETS => 10,
                                 );
die $error if $error;

sub print_packet {
  my($user_data, $header, $packet) = @_;    
  my $len = length $packet;
  my $i=0;
  do {    
    my $lg = substr $packet, $i, 16;
    printf "%.8X : ", $i;
    $i+=16;
    print unpack ('H2'x16, $lg), '  'x(16-length $lg);
    $lg =~ s/[\x00-\x1F\xFF]/./g;
    print " $lg\n";
  } until $i>=$len;
  print "\n";
}

One gets something like that:

console

Useful links

Back to Top


BP 2003-2005 J-L Morel - Contact : jl_morel@bribes.org [Validation HTML 4.0!]