ruby/pcap with threads

K

kenny roytman

Hi Everyone,

Can someone please explain why I don't see any output from the
following code? I'm stumped. By the way, "en1" is the name of my
network device. Thanks.

code:

1 require 'pcaplet'
2
3 include Pcap
4
5
6 x = Thread.new {
7 pcaplet = Pcaplet.new("-i en1")
8
9 pcaplet.each_packet { |pkt|
10 puts "#{pkt.src.to_num_s}:#{pkt.sport}
#{pkt.dst.to_num_s}:#{pkt.dport}" if pkt.ip?
11 }
12
13 }
14
15 x.join
16
 
P

Peña, Botp

From: kenny roytman [mailto:[email protected]]=20
# Hi Everyone,
# Can someone please explain why I don't see any output from the
# following code? I'm stumped. By the way, "en1" is the name of my
# network device. Thanks.
#=20
# code:
# 1 require 'pcaplet'
# 2
# 3 include Pcap
# 4
# 5
# 6 x =3D Thread.new {
# 7 pcaplet =3D Pcaplet.new("-i en1")
# 8
# 9 pcaplet.each_packet { |pkt|
# 10 puts "#{pkt.src.to_num_s}:#{pkt.sport}
# #{pkt.dst.to_num_s}:#{pkt.dport}" if pkt.ip?
# 11 }
# 12
# 13 }
# 14
# 15 x.join
# 16


i simplified your code, but it works..
pcaplet is quite old, you might try modifying some to remove deprecation =
warnings...

botp@pc4all:~/pcap$ cat test.rb
require 'pcaplet'
include Pcap
x =3D Thread.new {
pcaplet =3D Pcaplet.new("-i eth0")
pcaplet.each_packet { |pkt|
puts pkt
}
}
x.join

botp@pc4all:~/pcap$ sudo ruby test.rb
/usr/local/lib/ruby/site_ruby/1.8/i686-linux/pcap.so: warning: do not =
use Fixnums as Symbols
/usr/local/lib/ruby/site_ruby/1.8/i686-linux/pcap.so: warning: do not =
use Fixnums as Symbols
/usr/local/lib/ruby/site_ruby/1.8/i686-linux/pcap.so: warning: do not =
use Fixnums as Symbols
10.2.87.95:6771 > 239.192.152.143:6771 len 127 sum 35035
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
10.2.10.123:2048 > pc4all.bugo.dmpi:22 .A....
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
10.2.10.123:2048 > pc4all.bugo.dmpi:22 .A....
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
10.2.10.123:2048 > pc4all.bugo.dmpi:22 .A....
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
10.2.10.123:2048 > pc4all.bugo.dmpi:22 .A....
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
10.2.10.123:2048 > pc4all.bugo.dmpi:22 .A....
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
10.2.10.123:2048 > pc4all.bugo.dmpi:22 .A....
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
<ctl-c interrupt>

kind regards -botp
 
K

kenny roytman

From: kenny roytman [mailto:[email protected]]
# Hi Everyone,
# Can someone please explain why I don't see any output from the
# following code? I'm stumped. By the way, "en1" is the name of my
# network device. Thanks.
#
# code:
# 1 require 'pcaplet'
# 2
# 3 include Pcap
# 4
# 5
# 6 x = Thread.new {
# 7 pcaplet = Pcaplet.new("-i en1")
# 8
# 9 pcaplet.each_packet { |pkt|
# 10 puts "#{pkt.src.to_num_s}:#{pkt.sport}
# #{pkt.dst.to_num_s}:#{pkt.dport}" if pkt.ip?
# 11 }
# 12
# 13 }
# 14
# 15 x.join
# 16

i simplified your code, but it works..
pcaplet is quite old, you might try modifying some to remove deprecation warnings...

botp@pc4all:~/pcap$ cat test.rb
require 'pcaplet'
include Pcap
x = Thread.new {
pcaplet = Pcaplet.new("-i eth0")
pcaplet.each_packet { |pkt|
puts pkt
}}

x.join

botp@pc4all:~/pcap$ sudo ruby test.rb
/usr/local/lib/ruby/site_ruby/1.8/i686-linux/pcap.so: warning: do not use Fixnums as Symbols
/usr/local/lib/ruby/site_ruby/1.8/i686-linux/pcap.so: warning: do not use Fixnums as Symbols
/usr/local/lib/ruby/site_ruby/1.8/i686-linux/pcap.so: warning: do not use Fixnums as Symbols
10.2.87.95:6771 > 239.192.152.143:6771 len 127 sum 35035
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
10.2.10.123:2048 > pc4all.bugo.dmpi:22 .A....
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
10.2.10.123:2048 > pc4all.bugo.dmpi:22 .A....
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
10.2.10.123:2048 > pc4all.bugo.dmpi:22 .A....
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
10.2.10.123:2048 > pc4all.bugo.dmpi:22 .A....
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
10.2.10.123:2048 > pc4all.bugo.dmpi:22 .A....
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
10.2.10.123:2048 > pc4all.bugo.dmpi:22 .A....
pc4all.bugo.dmpi:22 > 10.2.10.123:2048 .AP...
<ctl-c interrupt>

kind regards -botp
Click to expand...

wierd, i'm not seeing this behavior. I'm running on Mac OS X. I
wonder if that's a problem ...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Machine Learning.. Endless Struggle 3
ruby libpcap fails when passing command-line argument 0
LFSR doesn't generate random values during simulation 1
Ruby & Threads 3
Help with code 0
Working on mobile css menu with plenty of frustration! 2
Help with my responsive home page 2
sockets and threads 2

Members online

Total: 40 (members: 2, guests: 38)
Robots: 89

Forum statistics

Threads
473,792
Messages
2,569,639
Members
45,353
Latest member
RogerDoger

Latest Threads

Top