npm
Sign UpSign In

cap-decoders

0.2.0 • Public • Published

Description

Network packet decoders (extracted from cap module)

Requirements

Install

npm install cap

Examples

  • Capture and decode all outgoing TCP data packets destined for port 80 on the interface for 192.168.0.10:
var Cap = require('cap').Cap;
var decoders = require('cap-decoders');
var PROTOCOL = decoders.PROTOCOL;

var c = new Cap();
var device = Cap.findDevice('192.168.0.10');
var filter = 'tcp and dst port 80';
var bufSize = 10 * 1024 * 1024;
var buffer = Buffer.alloc(65535);

var linkType = c.open(device, filter, bufSize, buffer);

c.setMinBytes && c.setMinBytes(0);

c.on('packet', function(nbytes, trunc) {
  console.log('packet: length ' + nbytes + ' bytes, truncated? '
              + (trunc ? 'yes' : 'no'));

  // raw packet data === buffer.slice(0, nbytes)

  if (linkType === 'ETHERNET') {
    var ret = decoders.Ethernet(buffer);

    if (ret.info.type === PROTOCOL.ETHERNET.IPV4) {
      console.log('Decoding IPv4 ...');

      ret = decoders.IPV4(buffer, ret.offset);
      console.log('from: ' + ret.info.srcaddr + ' to ' + ret.info.dstaddr);

      if (ret.info.protocol === PROTOCOL.IP.TCP) {
        var datalen = ret.info.totallen - ret.hdrlen;

        console.log('Decoding TCP ...');

        ret = decoders.TCP(buffer, ret.offset);
        console.log(' from port: ' + ret.info.srcport + ' to port: ' + ret.info.dstport);
        datalen -= ret.hdrlen;
        console.log(buffer.toString('binary', ret.offset, ret.offset + datalen));
      } else if (ret.info.protocol === PROTOCOL.IP.UDP) {
        console.log('Decoding UDP ...');

        ret = decoders.UDP(buffer, ret.offset);
        console.log(' from port: ' + ret.info.srcport + ' to port: ' + ret.info.dstport);
        console.log(buffer.toString('binary', ret.offset, ret.offset + ret.info.length));
      } else
        console.log('Unsupported IPv4 protocol: ' + PROTOCOL.IP[ret.info.protocol]);
    } else
      console.log('Unsupported Ethertype: ' + PROTOCOL.ETHERNET[ret.info.type]);
  }
});

Static methods

The following methods are available off of require('cap-decoders'). They parse the relevant protocol header and return an object containing the parsed information:

  • Link Layer Protocols

    • Ethernet(< Buffer buf[, < integer >bufOffset=0])

  • Internet Layer Protocols

    • IPV4(< Buffer buf[, < integer >bufOffset=0])

    • IPV6(< Buffer buf[, < integer >bufOffset=0])

    • ICMPV4(< Buffer buf, < integer >nbytes[, < integer >bufOffset=0])

  • Transport Layer Protocols

    • TCP(< Buffer buf[, < integer >bufOffset=0])

    • UDP(< Buffer buf[, < integer >bufOffset=0])

    • SCTP(< Buffer buf, < integer >nbytes[, < integer >bufOffset=0])

Readme

Keywords

Package Sidebar

Install

npm i cap-decoders

Repository

github.com/kirgene/cap-decoders

Homepage

github.com/kirgene/cap-decoders#readme

Weekly Downloads

4

Version

0.2.0

License

none

Unpacked Size

52.8 kB

Total Files

9

Last publish

Collaborators

  • kirgene
Try on RunKit
Report malware