Beefy Boxes and Bandwidth Generously Provided by pair Networks
"be consistent"
 
PerlMonks  

Re^3: Packet parsing module in perl

by jettero (Monsignor)
on Feb 27, 2009 at 12:07 UTC ( [id://746845]=note: print w/replies, xml ) Need Help??


in reply to Re^2: Packet parsing module in perl
in thread Packet parsing module in perl

I don't think the actual packets have timestamps -- could be wrong -- but I know the libpcap files do contain them. I think your best bet (as mentioned above) is to use the Net::Pcap library to read the source file and get the timestamps from there. It seems it does have a pcap_open_offline method, which I don't know how to use, that probably reads the file in.

How to get the actual timestamps from the packets: 

   sub process_packet {
       my($user_data, $header, $packet) = @_;

       print "time: $header->{tv_sec}\n";
   }

  # The header information is a reference to a hash containing the fol
+lowing fields.
  # 
  #  *   "len" - the total length of the packet.
  #  *   "caplen" - the actual captured length of the packet
  #  *   "tv_sec" - seconds value of the packet timestamp.
  #  *   "tv_usec" - microseconds value of the packet timestamp.

[download]

-Paul

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://746845]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others examining the Monastery: (7)
As of 2024-04-19 07:54 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found