DOKK / manpages / debian 12 / libnetpacket-perl / NetPacket::TCP.3pm.en
NetPacket::TCP(3pm) User Contributed Perl Documentation NetPacket::TCP(3pm)

NetPacket::TCP - Assemble and disassemble TCP (Transmission Control Protocol) packets.

version 1.7.2

  use NetPacket::TCP;
  $tcp_obj = NetPacket::TCP->decode($raw_pkt);
  $tcp_pkt = $tcp_obj->encode($ip_pkt);
  $tcp_data = NetPacket::TCP::strip($raw_pkt);

"NetPacket::TCP" provides a set of routines for assembling and disassembling packets using TCP (Transmission Control Protocol).

"NetPacket::TCP->decode([RAW PACKET])"
Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method.
"NetPacket::TCP->encode($ip_obj)"
Return a TCP packet encoded with the instance data specified. Needs parts of the ip header contained in $ip_obj in order to calculate the TCP checksum.
"$packet->parse_tcp_options"
Returns a hash (or a hash ref in scalar context) containing the packet's options.

For now the method only recognizes well-known and widely used options (MSS, noop, windows scale factor, SACK permitted, SACK, timestamp). If the packet contains options unknown to the method, it may fail.

"NetPacket::TCP::strip([RAW PACKET])"
Return the encapsulated data (or payload) contained in the TCP packet. This data is suitable to be used as input for other "NetPacket::*" modules.

This function is equivalent to creating an object using the "decode()" constructor and returning the "data" field of that object.

The instance data for the "NetPacket::TCP" object consists of the following fields.

The source TCP port for the packet.
The destination TCP port for the packet.
The TCP sequence number for this packet.
The TCP acknowledgement number for this packet.
The header length for this packet.
The 6-bit "reserved" space in the TCP header.
Contains the urg, ack, psh, rst, syn, fin, ece and cwr flags for this packet.
The TCP window size for this packet.
The TCP checksum.
The TCP urgent pointer.
Any TCP options for this packet in binary form.
The encapsulated data (payload) for this packet.

FIN SYN RST PSH ACK URG ECE CWR Can be used to set the appropriate flag.
tcp_strip
The following tags group together related exportable items.
":strip"
Import the strip function "tcp_strip".
":ALL"
All the above exportable items.

The following script is a primitive pop3 sniffer.

  #!/usr/bin/perl -w
  use strict;
  use Net::PcapUtils;
  use NetPacket::Ethernet qw(:strip);
  use NetPacket::IP qw(:strip);
  use NetPacket::TCP;
  sub process_pkt {
      my($arg, $hdr, $pkt) = @_;
      my $tcp_obj = NetPacket::TCP->decode(ip_strip(eth_strip($pkt)));
      if (($tcp_obj->{src_port} == 110) or ($tcp_obj->{dest_port} == 110)) {
          print($tcp_obj->{data});
      }
  }
  Net::PcapUtils::loop(\&process_pkt, FILTER => 'tcp');

The following uses NetPacket together with Net::Divert to add a syn flag to all TCP packets passing through:

  #!/usr/bin/perl
  use Net::Divert;
  use NetPacket::IP qw(IP_PROTO_TCP);
  use NetPacket::TCP;
  $divobj = Net::Divert->new('yourhostname',9999);
  $divobj->getPackets(\&alterPacket);
  sub alterPacket {
      my($packet,$fwtag) = @_;
      # decode the IP header
      $ip_obj = NetPacket::IP->decode($packet);
      # check if this is a TCP packet
      if($ip_obj->{proto} == IP_PROTO_TCP) {
          # decode the TCP header
          $tcp_obj = NetPacket::TCP->decode($ip_obj->{data});
          # set the syn flag
          $tcp_obj->{flags} |= SYN;
          # construct the new ip packet
          $ip_obj->{data} = $tcp_obj->encode($ip_obj);
          $packet = $ip_obj->encode;
      }
      # write it back out
      $divobj->putPacket($packet,$fwtag);
   }

Copyright (c) 2001 Tim Potter and Stephanie Wehner.

Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys').

This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0.

This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose.

Tim Potter <tpot@samba.org>

Stephanie Wehner <atrak@itsx.com>

2022-11-19 perl v5.36.0