ruby-packetfu 1.1.11-2 / usr / share / doc / ruby-packetfu / examples / simple-sniffer.rb

This file is indexed.

/usr/share/doc/ruby-packetfu/examples/simple-sniffer.rb is in ruby-packetfu 1.1.11-2.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#!/usr/bin/env ruby
# -*- coding: binary -*-
require './examples'
require 'packetfu'

puts "Simple sniffer for PacketFu #{PacketFu.version}"
include PacketFu
iface = ARGV[0] || "eth0"

def sniff(iface)
  cap = Capture.new(:iface => iface, :start => true)
  cap.stream.each do |p|
    pkt = Packet.parse p
    if pkt.is_ip?
      next if pkt.ip_saddr == Utils.ifconfig(iface)[:ip_saddr]
      packet_info = [pkt.ip_saddr, pkt.ip_daddr, pkt.size, pkt.proto.last]
      puts "%-15s -> %-15s %-4d %s" % packet_info
    end
  end
end

sniff(iface)

=begin 
Results look like this:
145.58.33.95    -> 192.168.11.70   1514 TCP
212.233.158.76  -> 192.168.11.70   110  UDP
88.174.164.147  -> 192.168.11.70   110  UDP
145.58.33.95    -> 192.168.11.70   1514 TCP
145.58.33.95    -> 192.168.11.70   1514 TCP
145.58.33.95    -> 192.168.11.70   1514 TCP
145.58.33.95    -> 192.168.11.70   1514 TCP
8.8.8.8         -> 192.168.11.70   143  UDP
41.237.73.186   -> 192.168.11.70   60   TCP
145.58.33.95    -> 192.168.11.70   1514 TCP
145.58.33.95    -> 192.168.11.70   1514 TCP
8.8.8.8         -> 192.168.11.70   143  UDP
8.8.8.8         -> 192.168.11.70   128  UDP
8.8.8.8         -> 192.168.11.70   187  UDP
24.45.247.232   -> 192.168.11.70   70   TCP
=end

APT Browse - Built by Thomas Orozco.