Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation

Net::Pcap and windows

by nite_man (Deacon)
on Apr 24, 2003 at 06:57 UTC ( #252784=perlquestion: print w/replies, xml ) Need Help??
nite_man has asked for the wisdom of the Perl Monks concerning the following question:

Hi brothers,
I need to make some network snooping under windows. I've read an article Perl and Net::Pcap by rob_au and some another acticles but I didn't find any solution about using Net::Pcap under windows.
Maybe anyone knows some win32 snooping with Perl resources?
SV* sv_bless(SV* sv, HV* stash);

Replies are listed 'Best First'.
Re: Net::Pcap and windows
by rob_au (Abbot) on Apr 24, 2003 at 07:06 UTC
    As noted in this post for prosperity, the Pcap library can be obtained for Windows in source and binary forms from This in turn gives you the ability to interface this library with Net::Pcap - Note however that this will most likely involve building the Net::Pcap XS modules from sources, as I am unaware of any PPM packages for this module (Podmaster?)


    perl -le 'print+unpack("N",pack("B32","00000000000000000000001001010000"))'

      Thanks rob_au, I will try to use winpcap and maybe write some sketch about it if somebody is interested in it ;))
      SV* sv_bless(SV* sv, HV* stash);
Re: Net::Pcap and windows
by PodMaster (Abbot) on Apr 24, 2003 at 12:24 UTC
    Well, I gave it another shot, and I've compiled Net::Pcap, but it does not work (12.50% okay, practically all the tests fail). You'll have to edit Pcap.xs to make the include lines look like
    #include "pcap.h" #ifdef WIN32 #undef caddr_t #endif #include "EXTERN.h" #include "perl.h" #include "XSUB.h" //#include <pcap.h> used to be here (D'oh! i should've just done a dif +f)
    Also, here's what the MakeMaker INC/LIBS args should look like:
    'INC' => q[ -IE:\new\wpdpack_3_0\wpdpack\Include ], 'LIBS' => [ q[ -LE:\new\wpdpack_3_0\wpdpack\Lib +b ] ],
    It compiles with some warnings though
    Pcap.c Pcap.c(749) : warning C4047: 'function' : 'struct _PerlIO ** ' differs + in levels of indirection from 'struct _iobuf *' Pcap.c(749) : warning C4024: 'Perl_do_open' : different types for form +al and actual parameter 8
    which stem from
    FILE * pcap_file(p) pcap_t *p
    and I've no clue how to fix those, but I highly doubt they have anything to do with the failing tests (almost all of the functions Net::Pcap uses are deprecated in WinPcap -- like lookupdev or open_live). The generated function looks like
    XS(XS_Net__Pcap_file); /* prototype to pass -Wmissing-prototypes */ XS(XS_Net__Pcap_file) { dXSARGS; if (items != 1) Perl_croak(aTHX_ "Usage: Net::Pcap::file(p)"); { pcap_t * p; FILE * RETVAL; if (sv_derived_from(ST(0), "pcap_tPtr")) { IV tmp = SvIV((SV*)SvRV(ST(0))); p = (pcap_t *) tmp; } else croak("p is not of type pcap_tPtr"); RETVAL = pcap_file(p); ST(0) = sv_newmortal(); { GV *gv = newGVgen("Net::Pcap"); if ( do_open(gv, "<&", 2, FALSE, 0, 0, RETVAL) ) sv_setsv(ST(0), sv_bless(newRV((SV*)gv), gv_stashpv("Net::Pcap +",1))); else ST(0) = &PL_sv_undef; } } XSRETURN(1); }
    And the typemap specifies FILE * T_IN, and T_IN is
    INPUT T_IN $var = IoIFP(sv_2io($arg)) ################### OUTPUT T_IN { GV *gv = newGVgen("$Package"); if ( do_open(gv, "<&", 2, FALSE, 0, 0, $var) ) sv_setsv($arg, sv_bless(newRV((SV*)gv), gv_stashpv("$Package", +1))); else $arg = &PL_sv_undef; }

    MJD says you can't just make shit up and expect the computer to know what you mean, retardo!
    I run a Win32 PPM repository for perl 5.6x+5.8x. I take requests.
    ** The Third rule of perl club is a statement of fact: pod is sexy.

      Many thanks, PodMaster. I've tried compile Net::Pcap unser win32 and I've had error end of compilation. I found page one guy - J-L Morel where he keept Net::Pcap for win32. He explaned what happened. Perl is compiled with winsock.h but WinPcap (Free Packet Capture Architecture for Window) - with winsock2.h.
      SV* sv_bless(SV* sv, HV* stash);
        Thats great. Does it work for you? I compiled his version, and it doesn't change a thing, all test still pretty much fail ;( Whether this is a problem with the tests or whatever, it's certainly not good

        MJD says you can't just make shit up and expect the computer to know what you mean, retardo!
        I run a Win32 PPM repository for perl 5.6x+5.8x. I take requests.
        ** The Third rule of perl club is a statement of fact: pod is sexy.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://252784]
Approved by mugwumpjism
[stevieb]: nice! I just finished a GPS "take me home" device last week, and did a bunch of software updates to it yesterday. I also created a pseudo chip with an Arduino to simulate an IC, where it responds to register read/writes over the I2C bus...
[stevieb]: ...from an I2C master. It's ugly and there are many changes I'm going to make, but I had not done anything like it before. It's designed for my RPi:: automated test platform; a system that does CI on *all* my RPi modules.
[shmem]: pseudo chip?
[stevieb]: well, what happens is the Arduino 'listens' for requests r/w, and does the appropriate thing when it's interrupted based on the 'register' address sent in. It's ugly as it was my first attempt, but I've got great new ideas I'm just sitting.
[stevieb]: ...down to implement now. Here's the sketch as it currently sits
[shmem]: well I use I2C and SPI and stuff, but creating a pseudo chip looks to me like lot of indirection and memory clutter... not?
[choroba]: Are you going to use the device soon? Related to your comment about "not having much time to do a lot of coding"...
[stevieb]: sure, but I'm just learning ;) I consider it practice to get a good understanding of what goes on *after* an I2C/SPI request is made
[shmem]: ah ok. Gonna read that. but now....
shmem compiles himself into his template

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (9)
As of 2017-06-25 22:42 GMT
Find Nodes?
    Voting Booth?
    How many monitors do you use while coding?

    Results (572 votes). Check out past polls.