Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

Net::Pcap Filters and alarm() [SOLVED]

by return0 (Acolyte)
on Apr 09, 2014 at 17:42 UTC ( #1081702=perlquestion: print w/ replies, xml ) Need Help??
return0 has asked for the wisdom of the Perl Monks concerning the following question:

Hello again Monks! :) I have a dilemma with Net::Pcap filters. I need to listen on a *very* busy device for specific packets using Net::Pcap::setfilter/compile. (I loop over a few IP addresses and listen for about 5 seconds for each one)

If I do so, the packet handler in Net::Pcap::loop($pcap, -1, \&pcap_handler, ''); never runs (until it sees the specific packet (e.g. I induce one with ping in another terminal and it works)), so I cannot seem to use alarm()! I also cannot use the Net::Pcap TimeoutOnNext, because, the network device is so incredibly busy, that it would constantly be resetting the timer, or never reset from my filters.

Have any of you Monks ever done this? I have spent about 3 days testing in Perl, searching Google and this site and found lots of resources, but none that work for my strange situation.

Edit:
Here is some code that works until a filter is placed onto $pcap, I just tried it:

http://www.perlmonks.org/bare/?abspart=1;displaytype=displaycode;node_id=805992;part=4

Say I set the filter "src net 10.0.0.1" the alarm times out, but Net::Pcap::breakloop can't be called because Net::Pcap::loop never returns making the program hang. (until in another terminal I ping 10.0.0.1!)

Thanks in advance, you guys are awesome! :D

Edit-Edit: I just found out this is a BUG: https://rt.cpan.org/Public/Bug/Display.html?id=6320 Supposedly fixed too..(in 2005) I am still testing stuff and update frequently :(

Comment on Net::Pcap Filters and alarm() [SOLVED]
Download Code
Re: Net::Pcap Filters and alarm()
by oiskuu (Pilgrim) on Apr 09, 2014 at 18:18 UTC

    What happens if you pcap_close($pcap) in the alarm handler?

      Alarm handler never gets called. I put a print statement there to notify me :(
      if the timeout is reached before i ping 10.0.0.1 in another terminal, the Net::Pcap::loop returns and executes the alarm() handler before continuing the process the packet! what?!
Re: Net::Pcap Filters and alarm()
by VinsWorldcom (Priest) on Apr 09, 2014 at 20:13 UTC
      OMG write my own loop function! derp! why didn't i think of that?! :) Thank you, I will post back if I have success tonight. I can always count on your advice, Monks. <3
      Thank you thank you thank you! :D I got it now. Instead of using the rabbit hole pcap_loop, I have my own sub routine that just goes through each packet that matches my pcap_filter. I kinda wish cpan were like wikipedia and we could contribute documentation! :S

      Thanks again!

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://1081702]
Front-paged by Corion
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others avoiding work at the Monastery: (3)
As of 2014-09-17 03:59 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    How do you remember the number of days in each month?











    Results (57 votes), past polls