NetWallah has asked for the wisdom of the Perl Monks concerning the following question:
Ahoy, Monks ..
Here is some working code that I'd like to make better/more efficient. It has to do with decoding DNS and Netbios names in captured packets (pcap).
I freely admit that the current method uses brute-force and inefficient methods. If someone has done something in this arena, please enlighten. tia .
Yes - I know - I should post sample Input and output strings .. Will get to that soon.sub Decode_DNS_Name(){ #DNS/Netbios Name decoder # This homegrown crazy bit of code developed by packet observation + only. my $nameref = shift; my ($retval, $namelen, $b1, $b2, $lastchar); $namelen = ord(substr($$nameref,0,1)); for (my $i=1; $i <= $namelen; $i+=2){ $b1=(ord(substr($$nameref,$i,1))) - 0x41; #Don't ask me why . +. $b2=(ord(substr($$nameref,$i+1,1))) - 0x41; # It just works thi +s way!! $retval .= chr( ($b1 << 4)+$b2); } # Last byte of NB name is the "Type". chop it if it is .. if (($lastchar = chop($retval)) gt ' '){ # Ooops ... That was a real part of the name ..Need to restore i +t.. $retval .= $lastchar; }; #Trim trailing blanks $retval =~s/\s*$//; return $retval ; #. }
|
---|
Replies are listed 'Best First'. | |
---|---|
Re: Parsing Netbios and DNS Names
by BrowserUk (Patriarch) on May 21, 2003 at 05:24 UTC | |
Re: Parsing Netbios and DNS Names
by benn (Vicar) on May 21, 2003 at 00:02 UTC | |
Re: Parsing Netbios and DNS Names
by NetWallah (Canon) on May 20, 2003 at 23:04 UTC | |
by vxp (Pilgrim) on May 20, 2003 at 23:20 UTC |
Back to
Seekers of Perl Wisdom