not sure if using Net::Pcap::loop($pcap, -1, \&process_pkt, '');
is handled differently internally, but for what it's worth here is something I have used.
#!/usr/bin/perl -w
use strict;
use warnings;
use Net::PcapUtils;
use Net::Pcap;
use NetPacket::Ethernet qw(:strip);
use NetPacket::IP;
#use Config::Reader::Simple;
my $file = "CaptureData.txt";
open FILE, ">$file" or die "unable to open $file $!";
my %config;
open my $config, '<', 'Config.txt' or die $!;
sub process_pkt {
my ($user, $hdr, $pkt) = @_;
my $ip_obj = NetPacket::IP->decode(eth_strip($pkt));
my $eth_obj = NetPacket::Ethernet->decode($pkt);
if($ip_obj->{src_ip} eq $config{'SourceIP'}) {
print "SourceIP : $ip_obj->{src_ip}\n";
print "SourceMAC : $eth_obj->{src_mac}\n";
print "EthernetType : $eth_obj->{type}\n";
print "IPProtocol : $ip_obj->{proto}\n";
print "----------------------------\n";
}
}
while(<$config>)
{
chomp;
my ($key, $value) = split /\s*=\s*/, $_;
$config{$key} = $value;
print FILE "chave: $key -- valor: $value\n";
}
my $err ='';
my $i = 1;
my $pcap = Net::Pcap::open_offline("capture.pcap", \$err) or die "Can
+not open f
ile...$err\n";
Net::Pcap::loop($pcap, -1, \&process_pkt, '');
Net::Pcap::close($pcap);
close FILE, ">$file" or die "unable to close $file $!";
