Beefy Boxes and Bandwidth Generously Provided by pair Networks
"be consistent"
 
PerlMonks  

how to Decode Hexdata got from Pcap

by Kanishka.black0 (Scribe)
on May 04, 2010 at 15:57 UTC ( [id://838339]=perlquestion: print w/replies, xml ) Need Help??

Kanishka.black0 has asked for the wisdom of the Perl Monks concerning the following question:

I have used libpcap to capture data using Net::Pcap module ... and now ... i have been stuck with decoding... here is the code that i have used http://cpansearch.perl.org/src/SAPER/Net-Pcap-0.16/eg/pcapdump 
#!/usr/bin/perl
use strict;
use Data::Hexdumper;
use File::Basename;
use Getopt::Long        qw(:config no_auto_abbrev);
use Net::Pcap           qw(:functions);
use NetPacket::Ethernet qw(:types);
use NetPacket::IP       qw(:protos);
use NetPacket::TCP;
use Pod::Usage;
use Socket              qw(inet_ntoa);


$::PROGRAM = basename($0);
$::VERSION = "0.01";


# globals
my $dumper  = undef;

my %icmp = (
    ICMP_ECHO           => "echo",
    ICMP_ECHOREPLY      => "echo-reply",
    ICMP_IREQ           => "ireq",
    ICMP_IREQREPLY      => "ireq-reply",
    ICMP_MASREQ         => "mask",
    ICMP_MASKREPLY      => "mask-reply",
    ICMP_PARAMPROB      => "param-prob",
    ICMP_REDIRECT       => "redirect",
    ICMP_ROUTERADVERT   => "router-advert",
    ICMP_ROUTERSOLICIT  => "router-solicit",
    ICMP_SOURCEQUENCH   => "source-quench",
    ICMP_TIMXCEED       => "time-exceeded",
    ICMP_TSTAMP         => "timestamp",
    ICMP_TSTAMPREPLY    => "timestamp-reply",
    ICMP_UNREACH        => "unreachable",
);


MAIN: {
    run();
}


sub run {
    $|++;

    # get options
    my %options = (
        count   =>    10, 
        promisc =>     0, 
        snaplen =>   256, 
        timeout =>    10,
    );

    GetOptions(\%options, qw{
        help|h!  version|V!
        count|c=i  interface|i=s  promisc|p!  snaplen|s=i  writeto|w=s
    }) or pod2usage();

    pod2usage({ -verbose => 2, -exitval => 0 }) if $options{help};
    print "$::PROGRAM v$::VERSION\n" if $options{version};

    my ($err, $net, $mask, $filter);
    my $dev = $options{interface} || pcap_lookupdev(\$err);
    my $filter_str = join " ", @ARGV;

    # open the interface
    my $pcap = pcap_open_live($dev, @options{qw(snaplen promisc timeou
+t)}, \$err)
        or die "fatal: can't open network device $dev: $err ",
               "(do you have the privileges?)\n";

    if ($filter_str) {
        # compile the filter
        pcap_compile($pcap, \$filter, $filter_str, 1, 0) == 0
            or die "fatal: filter error\n";
        pcap_setfilter($pcap, $filter);
    }

    if ($options{writeto}) {
        $dumper = pcap_dump_open($pcap, $options{writeto}) 
            or die "fatal: can't write to file '$options{writeto}': $!
+\n";
    }

    # print some information about the interface we're currently using
    pcap_lookupnet($dev, \$net, \$mask, \$err);
    print "listening on $dev (", dotquad($net), "/", dotquad($mask), "
+)", 
          ", capture size $options{snaplen} bytes";
    print ", filtering on $filter_str"  if $filter_str;
    print $/;

    # enter the main loop
    pcap_loop($pcap, $options{count}, \&process_packet, '');
    pcap_close($pcap);
}


sub process_packet {
    my ($user_data, $header, $packet) = @_;
    my ($proto, $payload, $src_ip, $src_port, $dest_ip, $dest_port, $f
+lags);

    printf "packet: len=%s, caplen=%s, tv_sec=%s, tv_usec=%s\n", 
        map { $header->{$_} } qw(len caplen tv_sec tv_usec);

    # dump the packet if asked to do so
    pcap_dump($dumper, $header, $packet) if $dumper;

    # decode the Ethernet frame
    my $ethframe = NetPacket::Ethernet->decode($packet);

    if ($ethframe->{type} == ETH_TYPE_IP) {
        # decode the IP payload
        my $ipframe = NetPacket::IP->decode($ethframe->{data});
        $src_ip  = $ipframe->{src_ip};
        $dest_ip = $ipframe->{dest_ip};

        if ($ipframe->{proto} == IP_PROTO_ICMP) {
            my $icmpframe = NetPacket::ICMP->decode($ipframe->{data});
            $proto     = "ICMP";
            $payload   = $icmpframe->{data};
        }
        elsif ($ipframe->{proto} == IP_PROTO_TCP) {
            my $tcpframe = NetPacket::TCP->decode($ipframe->{data});
            $proto     = "TCP";
            $src_port  = $tcpframe->{src_port};
            $dest_port = $tcpframe->{dest_port};
            $payload   = $tcpframe->{data};
            $flags     = flags_of($tcpframe->{flags});
        }
        elsif ($ipframe->{proto} == IP_PROTO_UDP) {
            my $udpframe = NetPacket::UDP->decode($ipframe->{data});
            $proto     = "TCP";
            $src_port  = $udpframe->{src_port};
            $dest_port = $udpframe->{dest_port};
            $payload   = $udpframe->{data};
        }

        printf "IP:%s %s:%d -> %s:%d (%s)\n",
            $proto, $src_ip, $src_port, $dest_ip, $dest_port, $flags;
        print hexdump(data => $payload, start_position => 0) if length
+ $payload;
        print $/;
    }
}


sub flags_of {
    my ($flags) = @_;
    my @strarr = ();
    push @strarr, "urg" if $flags & URG;
    push @strarr, "ack" if $flags & ACK;
    push @strarr, "psh" if $flags & PSH;
    push @strarr, "fin" if $flags & FIN;
    push @strarr, "syn" if $flags & SYN;
    push @strarr, "rst" if $flags & RST;
    push @strarr, "ece" if $flags & ECE;
    push @strarr, "cwr" if $flags & CWR;
    return join ",", @strarr
}


sub dotquad {
    return inet_ntoa( pack("I", $_[0]) )
}


__END__

=head1 NAME

pcapdump - Dump packets from the network

=head1 SYNOPSIS

    pcapdump [-c count] [-i interface] [-s snaplen] [-w file] [express
+ion]

    pcapdump --help
    pcapdump --version

=head1 OPTIONS

=over

=item B<-c>, B<--count>  I<N>

Exit after receiving I<N> packets.

=item B<-i>, B<--interface>  I<device>

Listen on the specified interface. If unspecified, the program will us
+e 
the interface returned by C<pcap_lookupdev()>.

=item B<-s>, B<--snaplen>  I<L>

Capture I<L> bytes of data for each packet. Defaults to 256.

=item B<-w>, B<--writeto>  I<file>

=back


=head1 DESCRIPTION

B<pcapdump> mimics the very basic features of B<tcpdump(1)> and provid
+es
a good example of how to use C<Net::Pcap>.


=head1 AUTHOR

SE<eacute>bastien Aperghis-Tramoni, E<lt>sebastien@aperghis.netE<gt>

=head1 COPYRIGHT

Copyright (C) 2005, 2006, 2007, 2008 SE<eacute>bastien Aperghis-Tramon
+i.
All rights reserved.

This program is free software; you can redistribute it and/or modify
it under the same terms as Perl itself.

=cut

[download]
i have modified this one to filter some post's But now i ran into some Decoding problem ... the decode module i got decodes in this format 
packet: len=70, caplen=70, tv_sec=1272916318, tv_usec=252147
IP:UDP 8.8.8.8:53 -> 10.0.0.2:37731 ()
  0x0000 : 31 4E 81 80 00 01 00 01 00 00 00 00 06 67 6F 6F : 1N.......
+....goo
  0x0010 : 67 6C 65 03 63 6F 6D 00 00 01 00 01 C0 0C 00 01 : gle.com..
+.......
  0x0020 : 00 01 00 00 01 2C 00 04 D1 55 E7 68             : .....,...
+U.h

[download]
i need that in more human readable format ..

Replies are listed 'Best First'.
Re: how to Decode Hexdata got from Pcap
by Corion (Patriarch) on May 04, 2010 at 16:17 UTC

    See NetPacket::TCP for how to pack/unpack captured network packets and how to extract information from them.

[reply]
      Everything Work's well on TCP ... but its UDP ??
[reply]

        I haven't used it, but Net::Frame sounds promising.

[reply]
        In that case, NetPacket::UDP is in the same module :)
[reply]
Re: how to Decode Hexdata got from Pcap
by gman (Friar) on May 05, 2010 at 01:46 UTC

    hello, can you show your output from a tcp packet?

    this is what I get after adding NetPacket::UDP which was missing from your code posted, but assuming it was there in you actual code, as I get error without it.

    BTW, Thanks for this post, I learned a lot from it


    packet: len=170, caplen=170, tv_sec=1273023698, tv_usec=716581
IP:TCP 32.96.130.64:22 -> 10.10.0.51:8761 (ack,psh)
  0x0000 : CD B1 79 B3 46 37 28 19 71 6C 2C FB 61 FB CE B7 : ..y.F7(.q
+l,.a...
  0x0010 : 44 70 10 69 32 F7 C0 FF 7F 25 FA 75 53 44 F6 FC : Dp.i2....
+%.uSD..
  0x0020 : 13 FF F2 E1 A9 20 72 20 8A EB 25 A7 76 89 67 A3 : ......r..
+.%.v.g.
  0x0030 : 28 65 F0 EA EF 02 A0 E3 BE F6 91 B1 AF 27 15 A2 : (e.......
+....'..
  0x0040 : ED 64 57 6B E6 16 34 F9 22 CA AA C4 73 89 F5 1F : .dWk..4."
+...s...
  0x0050 : 0F 8C 9C DD 5B 90 7B C7 29 0C 32 4C 3C 16 5B 90 : ....[.{.)
+.2L<.[.
  0x0060 : 7F 76 8B 6E 18 74 7C 48 E6 93 DE 58 C2 DC 5F 76 : .v.n.t|H.
+..X.._v
  0x0070 : ED BD CC 3D                                     : ...=

    [download]
    packet: len=231, caplen=231, tv_sec=1273023856, tv_usec=195874
IP:TCP 10.10.0.180:631 -> 10.10.0.255:631 ()
  0x0000 : 62 30 31 65 20 33 20 69 70 70 3A 2F 2F 31 30 2E : b01e.3.ip
+p://10.
  0x0010 : 31 30 2E 30 2E 31 38 30 3A 36 33 31 2F 70 72 69 : 10.0.180:
+631/pri
  0x0020 : 6E 74 65 72 73 2F 4F 66 66 69 63 65 4A 65 74 2D : nters/Off
+iceJet-
  0x0030 : 50 72 6F 2D 4B 38 35 30 20 22 22 20 22 4F 66 66 : Pro-K850.
+""."Off
  0x0040 : 69 63 65 4A 65 74 2D 50 72 6F 2D 4B 38 35 30 22 : iceJet-Pr
+o-K850"
  0x0050 : 20 22 48 50 20 4F 66 66 69 63 65 4A 65 74 20 50 : ."HP.Offi
+ceJet.P
  0x0060 : 72 6F 20 4B 38 35 30 20 46 6F 6F 6D 61 74 69 63 : ro.K850.F
+oomatic
  0x0070 : 2F 68 70 69 6A 73 20 28 72 65 63 6F 6D 6D 65 6E : /hpijs.(r
+ecommen
  0x0080 : 64 65 64 29 20 2D 20 48 50 4C 49 50 20 31 2E 36 : ded).-.HP
+LIP.1.6
  0x0090 : 2E 31 30 22 20 6A 6F 62 2D 73 68 65 65 74 73 3D : .10".job-
+sheets=
  0x00A0 : 6E 6F 6E 65 2C 6E 6F 6E 65 20 6C 65 61 73 65 2D : none,none
+.lease-
  0x00B0 : 64 75 72 61 74 69 6F 6E 3D 33 30 30 0A          : duration=
+300.

    [download]
[reply]
[d/l]
[select]
      0x0000 : 36 31 39 31 32 22 20 74 69 74 6C 65 3D 22 47 72 : 61912".titl
+e="Gr
  0x0010 : 61 6E 64 46 61 74 68 65 72 27 73 20 68 6F 6D 65 : andFather
+'s.home
  0x0020 : 20 6E 6F 64 65 2E 20 4D 65 6D 62 65 72 20 6F 66 : .node..Me
+mber.of
  0x0030 : 3A 20 6A 61 6E 69 74 6F 72 73 2C 20 70 6D 64 65 : :.janitor
+s,.pmde
  0x0040 : 76 2E 22 3E 47 72 61 6E 64 46 61 74 68 65 72 3C : v.">Grand
+Father<
  0x0050 : 2F 61 3E 3C 62 72 20 2F 3E 3C 2F 73 70 61 6E 3E : /a><br./>
+</span>
  0x0060 : 3C 2F 73 70 61 6E 3E 3C 2F 73 70 61 6E 3E 3C 2F : </span></
+span></
  0x0070 : 73 70 61 6E 3E 0A 3C 73 70 61 6E 20 63 6C 61 73 : span>.<sp
+an.clas
  0x0080 : 73 3D 27 6F 64 64 2D 72 6F 77 27 3E 3C 73 70 61 : s='odd-ro
+w'><spa
  0x0090 : 6E 20 63 6C 61 73 73 3D 27 69 74 65 6D 2D 30 30 : n.class='
+item-00
  0x00A0 : 31 27 3E 3C 73 70 61 6E 20 63 6C 61 73 73 3D 27 : 1'><span.
+class='
  0x00B0 : 75 73 65 72 2D 6C 65 76 65 6C 2D 31 39 27 3E 3C : user-leve
+l-19'><
  0x00C0 : 73 70 61 6E 20 63 6C 61 73 73 3D 27 75 73 65 72 : span.clas
+s='user
  0x00D0 : 2D 33 32 34 37 36 33 27 3E 3C 61 20 68 72 65 66 : -324763'>
+<a.href
  0x00E0 : 3D 22 3F 6E 6F 64 65 5F 69 64 3D 33 32 34 37 36 : ="?node_i
+d=32476
  0x00F0 : 33 22 20 74 69 74 6C 65 3D 22 6D 61 72 74 6F 27 : 3".title=
+"marto'
  0x0100 : 73 20 68 6F 6D 65 20 6E 6F 64 65 22 3E 6D 61 72 : s.home.no
+de">mar
  0x0110 : 74 6F 3C 2F 61 3E 3C 62 72 20 2F 3E 3C 2F 73 70 : to</a><br
+./></sp
  0x0120 : 61 6E 3E 3C 2F 73 70 61 6E 3E 3C 2F 73 70 61 6E : an></span
+></span
  0x0130 : 3E 3C 2F 73 70 61 6E 3E 0A 3C 73 70 61 6E 20 63 : ></span>.
+<span.c
  0x0140 : 6C 61 73 73 3D 27 65 76 65 6E 2D 72 6F 77 27 3E : lass='eve
+n-row'>
  0x0150 : 3C 73 70 61 6E 20 63 6C 61 73 73 3D 27 69 74 65 : <span.cla
+ss='ite
  0x0160 : 6D 2D 30 30 32 27 3E 3C 73 70 61 6E 20 63 6C 61 : m-002'><s
+pan.cla
  0x0170 : 73 73 3D 27 75 73 65 72 2D 6C 65 76 65 6C 2D 31 : ss='user-
+level-1
  0x0180 : 39 27 3E 3C 73 70 61 6E 20 63 6C 61 73 73 3D 27 : 9'><span.
+class='
  0x0190 : 75 73 65 72 2D 33 36 38 31 38 39 27 3E 3C 61 20 : user-3681
+89'><a.
  0x01A0 : 68 72 65 66 3D 22 3F 6E 6F 64 65 5F 69 64 3D 33 : href="?no
+de_id=3
  0x01B0 : 36 38 31 38 39 22 20 74 69 74 6C 65 3D 22 77 66 : 68189".ti
+tle="wf
  0x01C0 : 73 70 27 73 20 68 6F 6D 65 20 6E 6F 64 65 22 3E : sp's.home
+.node">
  0x01D0 : 77 66 73 70 3C 2F 61 3E 3C 62 72 20 2F 3E 3C 2F : wfsp</a><
+br./></
  0x01E0 : 73 70 61 6E 3E 3C 2F 73 70 61 6E 3E 3C 2F 73 70 : span></sp
+an></sp
  0x01F0 : 61 6E 3E 3C 2F 73 70 61 6E 3E 0A 3C 73 70 61 6E : an></span
+>.<span
  0x0200 : 20 63 6C 61 73 73 3D 27 6F 64 64 2D 72 6F 77 27 : .class='o
+dd-row'
  0x0210 : 3E 3C 73 70 61 6E 20 63 6C 61 73 73 3D 27 69 74 : ><span.cl
+ass='it
  0x0220 : 65 6D 2D 30 30 33 27 3E 3C 73 70 61 6E 20 63 6C : em-003'><
+span.cl
  0x0230 : 61 73 73 3D 27 75 73 65 72 2D 6C 65 76 65 6C 2D : ass='user
+-level-
  0x0240 : 31 37 27 3E 3C 73 70 61 6E 20 63 6C 61 73 73 3D : 17'><span
+.class=
  0x0250 : 27 75 73 65 72 2D 37 30 39 32 39 27 3E 3C 61 20 : 'user-709
+29'><a.
  0x0260 : 68 72 65 66 3D 22 3F 6E 6F 64 65 5F 69 64 3D 37 : href="?no
+de_id=7
  0x0270 : 30 39 32 39 22 20 74 69 74 6C 65 3D 22 61 74 63 : 0929".tit
+le="atc
  0x0280 : 72 6F 66 74 27 73 20 68 6F 6D 65 20 6E 6F 64 65 : roft's.ho
+me.node
  0x0290 : 22 3E 61 74 63 72 6F 66 74 3C 2F 61 3E 3C 62 72 : ">atcroft
+</a><br
  0x02A0 : 20 2F 3E 3C 2F 73 70 61 6E 3E 3C 2F 73 70 61 6E : ./></span
+></span
  0x02B0 : 3E 3C 2F 73 70 61 6E 3E 3C 2F 73 70 61 6E 3E 0A : ></span><
+/span>.
  0x02C0 : 3C 73 70 61 6E 20 63 6C 61 73 73 3D 27 65 76 65 : <span.cla
+ss='eve
  0x02D0 : 6E 2D 72 6F 77 27 3E 3C 73 70 61 6E 20 63 6C 61 : n-row'><s
+pan.cla
  0x02E0 : 73 73 3D 27 69 74 65 6D 2D 30 30 34 27 3E 3C 73 : ss='item-
+004'><s
  0x02F0 : 70 61 6E 20 63 6C 61 73 73 3D 27 75 73 65 72 2D : pan.class
+='user-
  0x0300 : 6C 65 76 65 6C 2D 31 35 27 3E 3C 73 70 61 6E 20 : level-15'
+><span.
  0x0310 : 63 6C 61 73 73 3D 27 75 73 65 72 2D 37 33 34 34 : class='us
+er-7344
  0x0320 : 31 27 3E 3C 61 20 68 72 65 66 3D 22 3F 6E 6F 64 : 1'><a.hre
+f="?nod
  0x0330 : 65 5F 69 64 3D 37 33 34 34 31 22 20 74 69 74 6C : e_id=7344
+1".titl
  0x0340 : 65 3D 22 68 65 72 76 65 75 73 27 73 20 68 6F 6D : e="herveu
+s's.hom
  0x0350 : 65 20 6E 6F 64 65 22 3E 68 65 72 76 65 75 73 3C : e.node">h
+erveus<
  0x0360 : 2F 61 3E 3C 62 72 20 2F 3E 3C 2F 73 70 61 6E 3E : /a><br./>
+</span>
  0x0370 : 3C 2F 73 70 61 6E 3E 3C 2F 73 70 61 6E 3E 3C 2F : </span></
+span></
  0x0380 : 73 70 61 6E 3E 0A 3C 73 70 61 6E 20 63 6C 61 73 : span>.<sp
+an.clas
  0x0390 : 73 3D 27 6F 64 64 2D 72 6F 77 27 3E 3C 73 70 61 : s='odd-ro
+w'><spa
  0x03A0 : 6E 20 63 6C 61 73 73 3D 27 69 74 65 6D 2D 30 30 : n.class='
+item-00
  0x03B0 : 35 27 3E 3C 73 70 61 6E 20 63 6C 61 73 73 3D 27 : 5'><span.
+class='
  0x03C0 : 75 73 65 72 2D 6C 65 76 65 6C 2D 31 34 27 3E 3C : user-leve
+l-14'><
  0x03D0 : 73 70 61 6E 20 63 6C 61 73 73 3D 27 75 73 65 72 : span.clas
+s='user
  0x03E0 : 2D 36 39 34 39 31 34 27 3E 3C 61 20 68 72 65 66 : -694914'>
+<a.href
  0x03F0 : 3D 22 3F 6E 6F 64 65 5F 69 64 3D 36 39 34 39 31 : ="?node_i
+d=69491
  0x0400 : 34 22 20 74 69 74 6C 65 3D 22 64 48 61 72 72 79 : 4".title=
+"dHarry
  0x0410 : 27 73 20 68 6F 6D 65 20 6E 6F 64 65 22 3E 64 48 : 's.home.n
+ode">dH
  0x0420 : 61 72 72 79 3C 2F 61 3E 3C 62 72 20 2F 3E 3C 2F : arry</a><
+br./></
  0x0430 : 73 70 61 6E 3E 3C 2F 73 70 61 6E 3E 3C 2F 73 70 : span></sp
+an></sp
  0x0440 : 61 6E 3E 3C 2F 73 70 61 6E 3E 0A 3C 73 70 61 6E : an></span
+>.<span
  0x0450 : 20 63 6C 61 73 73 3D 27 65 76 65 6E 2D 72 6F 77 : .class='e
+ven-row
  0x0460 : 27 3E 3C 73 70 61 6E 20 63 6C 61 73 73 3D 27 69 : '><span.c
+lass='i
  0x0470 : 74 65 6D 2D 30 30 36 27 3E 3C 73 70 61 6E 20 63 : tem-006'>
+<span.c
  0x0480 : 6C 61 73 73 3D 27 75 73 65 72 2D 6C 65 76 65 6C : lass='use
+r-level
  0x0490 : 2D 31 34 27 3E 3C 73 70 61 6E 20 63 6C 61 73 73 : -14'><spa
+n.class
  0x04A0 : 3D 27 75 73 65 72 2D 34 39 35 36 31 37 27 3E 3C : ='user-49
+5617'><
  0x04B0 : 61 20 68 72 65 66 3D 22 3F 6E 6F 64 65 5F 69 64 : a.href="?
+node_id
  0x04C0 : 3D 34 39 35 36 31 37 22 20 74 69 74 6C 65 3D 22 : =495617".
+title="
  0x04D0 : 50 75 6E 69 74 68 61 27 73 20 68 6F 6D 65 20 6E : Punitha's
+.home.n
  0x04E0 : 6F 64 65 22 3E 50 75 6E 69 74 68 61 3C 2F 61 3E : ode">Puni
+tha</a>
  0x04F0 : 3C 62 72 20 2F 3E 3C 2F 73 70 61 6E 3E 3C 2F 73 : <br./></s
+pan></s
  0x0500 : 70 61 6E 3E 3C 2F 73 70 61 6E 3E 3C 2F 73 70 61 : pan></spa
+n></spa
  0x0510 : 6E 3E 0A 3C 73 70 61 6E 20 63 6C 61 73 73 3D 27 : n>.<span.
+class='
  0x0520 : 6F 64 64 2D 72 6F 77 27 3E 3C 73 70 61 6E 20 63 : odd-row'>
+<span.c
  0x0530 : 6C 61 73 73 3D 27 69 74 65 6D 2D 30 30 37 27 3E : lass='ite
+m-007'>
  0x0540 : 3C 73 70 61 6E 20 63 6C 61 73 73 3D 27 75 73 65 : <span.cla
+ss='use
  0x0550 : 72 2D 6C 65 76 65 6C 2D 31 34 27 3E 3C 73 70 61 : r-level-1
+4'><spa
  0x0560 : 6E 20 63 6C 61 73 73 3D 27 75 73 65 72 2D 32 37 : n.class='
+user-27
  0x0570 : 32 36 38 32 27 3E 3C 61 20 68 72 65 66 3D 22 3F : 2682'><a.
+href="?
  0x0580 : 6E 6F 64 65 5F 69 64 3D                         : node_id=
IP:TCP 209.197.123.153:80 -> 10.0.0.2:51950 (ack)
data61912" title="GrandFather's home node. Member of: janitors, pmdev.
+">GrandFather</a><br /></span></span></span></span>
<span class='odd-row'><span class='item-001'><span class='user-level-1
+9'><span class='user-324763'><a href="?node_id=324763" title="marto's
+ home node">marto</a><br /></span></span></span></span>
<span class='even-row'><span class='item-002'><span class='user-level-
+19'><span class='user-368189'><a href="?node_id=368189" title="wfsp's
+ home node">wfsp</a><br /></span></span></span></span>
<span class='odd-row'><span class='item-003'><span class='user-level-1
+7'><span class='user-70929'><a href="?node_id=70929" title="atcroft's
+ home node">atcroft</a><br /></span></span></span></span>
<span class='even-row'><span class='item-004'><span class='user-level-
+15'><span class='user-73441'><a href="?node_id=73441" title="herveus'
+s home node">herveus</a><br /></span></span></span></span>
<span class='odd-row'><span class='item-005'><span class='user-level-1
+4'><span class='user-694914'><a href="?node_id=694914" title="dHarry'
+s home node">dHarry</a><br /></span></span></span></span>
<span class='even-row'><span class='item-006'><span class='user-level-
+14'><span class='user-495617'><a href="?node_id=495617" title="Punith
+a's home node">Punitha</a><br /></span></span></span></span>
<span class='odd-row'><span class='item-007'><span class='user-level-1
+4'><span class='user-272682'><a href="?node_id=

      [download]
      This is my TCP OUtput ... First one was the Hex output .... but below one was the normal out out with out Hexcode ... TCP is woorks good ... UDP is making probelm here is the UDP output in normal form and Hex output ... Hexput was bit complex ..... 
      IP:UDP 10.0.0.2:34214 -> 8.8.8.8:53 ()
  0x0000 : D0 E6 01 00 00 01 00 00 00 00 00 00 06 67 6F 6F : .........
+....goo
  0x0010 : 67 6C 65 02 63 6F 02 69 6E 00 00 01 00 01       : gle.co.in
+.....
data&#65533;&#65533;googlecoin
IP:UDP 8.8.8.8:53 -> 10.0.0.2:34214 ()
  0x0000 : D0 E6 81 80 00 01 00 01 00 00 00 00 06 67 6F 6F : .........
+....goo
  0x0010 : 67 6C 65 02 63 6F 02 69 6E 00 00 01 00 01 C0 0C : gle.co.in
+.......
  0x0020 : 00 01 00 01 00 00 01 2C 00 04 D1 55 E7 68       : .......,.
+..U.h
data&#65533;&#24640;googlecoin&#65533;
                        ,&#65533;U&#65533;h

      [download]
      this is a DNS query ...
[reply]
[d/l]
[select]

        Wouldn't that stem from the type of data in the packet?

        What I mean is, your TCP output is clearly HTML plain ascii, your UDP contains control characters, for every non-printable char the hexdump prints a '.'. When you try to print the raw data your terminal is going to interpret this.


        Maybe running it through something like unix strings, or sanitizing it in perl before you print it?

[reply]

Back to Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: perlquestion [id://838339]
Approved by Hue-Bond
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others avoiding work at the Monastery: (3)
As of 2024-04-19 21:59 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found