Provided by: libnetpacket-perl_1.7.2-1_all bug

NAME

       NetPacket::TCP - Assemble and disassemble TCP (Transmission Control Protocol) packets.

VERSION

       version 1.7.2

SYNOPSIS

         use NetPacket::TCP;

         $tcp_obj = NetPacket::TCP->decode($raw_pkt);
         $tcp_pkt = $tcp_obj->encode($ip_pkt);
         $tcp_data = NetPacket::TCP::strip($raw_pkt);

DESCRIPTION

       "NetPacket::TCP" provides a set of routines for assembling and disassembling packets using
       TCP (Transmission Control Protocol).

   Methods
       "NetPacket::TCP->decode([RAW PACKET])"
           Decode the raw packet data given and return an object containing instance data.  This
           method will quite happily decode garbage input.  It is the responsibility of the
           programmer to ensure valid packet data is passed to this method.

       "NetPacket::TCP->encode($ip_obj)"
           Return a TCP packet encoded with the instance data specified.  Needs parts of the ip
           header contained in $ip_obj in order to calculate the TCP checksum.

       "$packet->parse_tcp_options"
           Returns a hash (or a hash ref in scalar context) containing the packet's options.

           For now the method only recognizes well-known and widely used options (MSS, noop,
           windows scale factor, SACK permitted, SACK, timestamp).  If the packet contains
           options unknown to the method, it may fail.

   Functions
       "NetPacket::TCP::strip([RAW PACKET])"
           Return the encapsulated data (or payload) contained in the TCP packet.  This data is
           suitable to be used as input for other "NetPacket::*" modules.

           This function is equivalent to creating an object using the "decode()" constructor and
           returning the "data" field of that object.

   Instance data
       The instance data for the "NetPacket::TCP" object consists of the following fields.

       src_port
           The source TCP port for the packet.

       dest_port
           The destination TCP port for the packet.

       seqnum
           The TCP sequence number for this packet.

       acknum
           The TCP acknowledgement number for this packet.

       hlen
           The header length for this packet.

       reserved
           The 6-bit "reserved" space in the TCP header.

       flags
           Contains the urg, ack, psh, rst, syn, fin, ece and cwr flags for this packet.

       winsize
           The TCP window size for this packet.

       cksum
           The TCP checksum.

       urg The TCP urgent pointer.

       options
           Any TCP options for this packet in binary form.

       data
           The encapsulated data (payload) for this packet.

   Exports
       default
           FIN SYN RST PSH ACK URG ECE CWR Can be used to set the appropriate flag.

       exportable
           tcp_strip

       tags
           The following tags group together related exportable items.

           ":strip"
               Import the strip function "tcp_strip".

           ":ALL"
               All the above exportable items.

EXAMPLE

       The following script is a primitive pop3 sniffer.

         #!/usr/bin/perl -w

         use strict;
         use Net::PcapUtils;
         use NetPacket::Ethernet qw(:strip);
         use NetPacket::IP qw(:strip);
         use NetPacket::TCP;

         sub process_pkt {
             my($arg, $hdr, $pkt) = @_;

             my $tcp_obj = NetPacket::TCP->decode(ip_strip(eth_strip($pkt)));

             if (($tcp_obj->{src_port} == 110) or ($tcp_obj->{dest_port} == 110)) {
                 print($tcp_obj->{data});
             }
         }

         Net::PcapUtils::loop(\&process_pkt, FILTER => 'tcp');

       The following uses NetPacket together with Net::Divert to add a syn flag to all TCP
       packets passing through:

         #!/usr/bin/perl

         use Net::Divert;
         use NetPacket::IP qw(IP_PROTO_TCP);
         use NetPacket::TCP;

         $divobj = Net::Divert->new('yourhostname',9999);

         $divobj->getPackets(\&alterPacket);

         sub alterPacket {
             my($packet,$fwtag) = @_;

             # decode the IP header
             $ip_obj = NetPacket::IP->decode($packet);

             # check if this is a TCP packet
             if($ip_obj->{proto} == IP_PROTO_TCP) {

                 # decode the TCP header
                 $tcp_obj = NetPacket::TCP->decode($ip_obj->{data});

                 # set the syn flag
                 $tcp_obj->{flags} |= SYN;

                 # construct the new ip packet
                 $ip_obj->{data} = $tcp_obj->encode($ip_obj);
                 $packet = $ip_obj->encode;

             }

             # write it back out
             $divobj->putPacket($packet,$fwtag);
          }

TODO

       Assembly of TCP fragments into a data stream
       Option processing
       Nicer processing of TCP flags

COPYRIGHT

       Copyright (c) 2001 Tim Potter and Stephanie Wehner.

       Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the
       CRC for Advanced Computational Systems ('ACSys').

       This module is free software.  You can redistribute it and/or modify it under the terms of
       the Artistic License 2.0.

       This program is distributed in the hope that it will be useful, but without any warranty;
       without even the implied warranty of merchantability or fitness for a particular purpose.

AUTHOR

       Tim Potter <tpot@samba.org>

       Stephanie Wehner <atrak@itsx.com>