I find it easy to use Net::PcapUtils when capturing packets..
here's a part of the module(for dhcp testing) i am trying to finish..
sub getreply{
my $self=shift;
my $packetcap1= Net::PcapUtils::open( FILTER =>'udp dst port 6
+8' , DEV => $self->{INTERFACE}, SNAPLEN => 400);
my ($packetcap)=Net::PcapUtils::next($packetcap1);
my $ethpack=NetPacket::Ethernet->decode($packetcap);
my $ipack=NetPacket::IP->decode($ethpack->{data});
my $udpack=NetPacket::UDP->decode($ipack->{data});
my $capture=Net::DHCP::Packet->new($udpack->{data});
my $smac=sprintf ($ethpack->{src_mac});
my $dmac=sprintf ($ethpack->{dest_mac});
my $srcmac= sprintf("%s%s:%s%s:%s%s:%s%s:%s%s:%s%s", split//,
+$smac);
my $destmac= sprintf("%s%s:%s%s:%s%s:%s%s:%s%s:%s%s", split//,
+ $dmac);
print ("====================BOOT REPLY========================
+\n");
print "\n";
print $ipack->{src_ip} . "=====>" . $ipack->{dest_ip} . "(id :
+ $ipack->{id}, ttl: $ipack->{ttl})" . "\n";
print "UDP Source: $udpack->{src_port} ==> UDP Destination: $
+udpack->{dest_port} \n";
print "UDP Length: $udpack->{len}, UDP Data Length:", length($
+udpack->{data})," \n";
print "UDP Checksum: $udpack->{cksum} \n";
print "\n";
print "Source Mac address is : ".$srcmac."=====>";
print "Destination Mac address is: " . $destmac."\n";
my $ethtype=sprintf("%0.4x", $ethpack->{type});
print "Ethertype: ". $ethtype . "\n";
print "\n";
print ("====================UDP PACKET========================
+\n");
print $capture->toString()."\n";
return $ipack;
}
Hope you find it useful..
Cheers,
drip