Troubles using Net::Pcap and Net::PcapUtils
in [Perl]
|
Prev: FAQ 4.43 How do I compute the difference of two arrays? How do I compute the intersection of two arrays?
Next: How to generate random number without replacement?
From: Ted Byers on 31 May 2010 22:07 I am using Activestate perl 5.10.0 on Windows XP. I used ppm to install Net::Pcap and Net::PcapUtils, having already installed WinPcap. That install seems to be OK, since WinDump gets device information Here is what it gives me: K:\WinDump>WinDump -D 1.\Device\NPF_GenericDialupAdapter (Adapter for generic dialup and VPN capture) 2.\Device\NPF_{4F9C5FE2-01EF-47B8-8B72-420927DB17A6} (D-Link WDA-1320 Wireless G Desktop Adapter) 3.\Device\NPF_{99D913FB-6354-4C53-9215-B70123099406} (Realtek RTL8139/810x Family Fast Ethernet NIC. But the following gives me nothing: use Net::PcapUtils; sub process_pkt #Packet processing routine. { print("Got a packet!\n"); } Net::PcapUtils::loop(\&process_pkt, SNAPLEN => 65535, #Size of data to get from packet PROMISC => 1,); #Promiscuous means look at ALL packets Yes, I copied this from a tutorial. But it terminates in seconds without giving any output. My impression, from the tutorial, was that it would run until I killed the process, and print "Got a packet!" each time a packet was sent or received by my machine; but it finishes so fast I don't even have time to switch to my browser to get the page at www.google.ca (I even have that page open and try to just refresh the page, in an effort to see what packets are sent and received, but to no avail). Is there a forum specific to network programming where I can find out what is awry? Or is there someone here who knows these packages who can advise on resolving this problem. The searches, using google, I have done so far have proved fruitless. Thanks Ted
From: Uri Guttman on 31 May 2010 22:47 >>>>> "TB" == Ted Byers <r.ted.byers(a)gmail.com> writes: TB> use Net::PcapUtils; did you read the docs for that module? always do so. TB> sub process_pkt #Packet processing routine. TB> { TB> print("Got a packet!\n"); TB> } TB> Net::PcapUtils::loop(\&process_pkt, TB> SNAPLEN => 65535, #Size of data to get from TB> packet TB> PROMISC => 1,); #Promiscuous means look at TB> ALL packets from the docs: On error, this function returns an error string describing the error. An empty string is returned upon success. you aren't checking of the call succeeds nor are you printing out any error messages. do you know if it found the net device correctly? also try doing something with net::pcap itself as that is what is doing all the real work. if that works, then you can focus on why this module isn't working. TB> Is there a forum specific to network programming where I can find out TB> what is awry? Or is there someone here who knows these packages who TB> can advise on resolving this problem. The searches, using google, I TB> have done so far have proved fruitless. this is dark magic stuff. the pcap lib and module do work but i have seen many people struggle with issues. all are surmountable but they do take some time and effort. uri -- Uri Guttman ------ uri(a)stemsystems.com -------- http://www.sysarch.com -- ----- Perl Code Review , Architecture, Development, Training, Support ------ --------- Gourmet Hot Cocoa Mix ---- http://bestfriendscocoa.com ---------
From: Ted Byers on 1 Jun 2010 09:43 On May 31, 10:47 pm, "Uri Guttman" <u...(a)StemSystems.com> wrote: > >>>>> "TB" == Ted Byers <r.ted.by...(a)gmail.com> writes: > > TB> use Net::PcapUtils; > > did you read the docs for that module? always do so. > > TB> sub process_pkt #Packet processing routine. > TB> { > TB> print("Got a packet!\n"); > TB> } > > TB> Net::PcapUtils::loop(\&process_pkt, > TB> SNAPLEN => 65535, #Size of data to get from > TB> packet > TB> PROMISC => 1,); #Promiscuous means look at > TB> ALL packets > > from the docs: > > On error, this function returns an error string describing the > error. An empty string is returned upon success. > > you aren't checking of the call succeeds nor are you printing out any > error messages. > OK, adding that still results in no output at all. > do you know if it found the net device correctly? > It appears it hasn't, though there is no message to that effect. > also try doing something with net::pcap itself as that is what is doing > all the real work. if that works, then you can focus on why this module > isn't working. > OK, I tried John Brozycki's pickinterface script from 08/11/2009, and it too produces no output at all. Here is his script (it is short and sweet), with my comments added: use strict; use warnings; use Net::PcapUtils; $, = ' '; $|++; $settings = "k:\\webcap\\interface.txt"; open (SETTINGSFILE,">$settings"); my ( $error, %description ); my @adapter = Net::Pcap::findalldevs( \$error, \%description ); @adapter > 0 or die "No adapter installed !\n"; #At this point, the message "No Adapter installed!" is NOT printed, so findalldevs must have returned something # or the script is failing somewhere within the findalldevs call (because nothing of significance happens # before it), but it is failing without any error message being produced. my $i = 1; if ( @adapter > 0 ) { #Change 1 to 0 if you want prompt even if only 1 adapter # I changed this so that even if only one adapter is found, it would print something, however, none # of the following print statements actually prints anything. print "\nThis utility needs to be run before running webcap for the first time\n"; print "and then when you change the network adapters in your system or want to\n"; print "capture from a different adapter.\n\n"; print "It outputs the selected adapter to a settings file. Webcap reads\n"; print "this file at startup.\n\n"; print "Here are the adapters found:\n\n"; print $i++, " - $description{$_}\n $_\n" foreach @adapter; do { print "\nPlease select the number of the adapter to set as the capture device:"; $i = <STDIN>; chomp $i; } until ( $i =~ /^(\d)+$/ and 0 < $i and $i <= @adapter ); } print "\nSet to Listen to $description{$adapter[$i-1]}\n\n"; print "...which is referenced by the system as:\n\n".$adapter[ $i - 1]."\n"; print SETTINGSFILE ($adapter[ $i - 1]); close SETTINGSFILE; Then, I try the same thig with Net::Pcal use strict; use warnings; use Net::Pcap; $| = 1; my $err = ''; my $dev = Net::Pcap::pcap_lookupdev(\$err); # find a device if (length $err > 0) { print "Device lookup error: $err\n\n"; exit; } print $dev,"\n"; exit; And THIS trivially simple script produces no output. Both $err and $dev appear to be empty! This could hardly be more elementary in that all this script does is use Pcaps to find a NIC. But we know that WinPcap is installed and working correctly since WinDump finds 3 devices (as described in my previous post. Thanks Ted > TB> Is there a forum specific to network programming where I can find out > TB> what is awry? Or is there someone here who knows these packages who > TB> can advise on resolving this problem. The searches, using google, I > TB> have done so far have proved fruitless. > > this is dark magic stuff. the pcap lib and module do work but i have > seen many people struggle with issues. all are surmountable but they do > take some time and effort. > > uri > > -- > Uri Guttman ------ u...(a)stemsystems.com -------- http://www.sysarch.com-- > ----- Perl Code Review , Architecture, Development, Training, Support ------ > --------- Gourmet Hot Cocoa Mix ---- http://bestfriendscocoa.com---------
From: Uri Guttman on 1 Jun 2010 12:09
not much more i can do since i don't have winblows running anywhere. uri -- Uri Guttman ------ uri(a)stemsystems.com -------- http://www.sysarch.com -- ----- Perl Code Review , Architecture, Development, Training, Support ------ --------- Gourmet Hot Cocoa Mix ---- http://bestfriendscocoa.com --------- |