Pcaplet

Pcaplet provides a template for packet monitoring tool using Capture. You need to require 'pcaplet' to use this class.

Typical usage:

require 'pcaplet'

my_tool = Pcaplet.new
my_tool.each_packet {|pkt|
  # code for processing pkt
}
my_tool.close
        

Pcaplet interprets filter expression specified in command line and following command line options as tcpdump does.

-i -r -c -s -n

'-r' option can handle gzipped file.

Super Class:

Object

Class Methods:

new([option])

Generate Pcaplet instance. Command line analysis and device open is performed. option is added to command line options.

Methods:

add_filter(filter)

Add filter to the filter specified in command line. Filter is set as follows.

"( current_filter ) and ( filter )"

each_packet {|packet|...}

each {|packet|...}

Iterate over each packet. The argument given to the block is an instance of Packet or its sub-class.

capture

Return Capture object which is used internally.

close

Close underlying device.

fukusima@goto.info.waseda.ac.jp