Protocol Analyzer written in Erlang
Switch branches/tags
Nothing to show
Pull request Compare This branch is even with nygge:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
include
priv
src
.gitignore
Makefile
README.md
vsn.mk

README.md

pran

pran is a low-level tool to search .pcap files which contain telecom signalling packets. It is mainly useful inside an Erlang program.

pran's approach to searching is: First, find all packets which match the given binary search pattern. Second, decode the packets which were found. This makes pran very fast in the important case of large .pcap files and a binary search pattern which only matches a small number of the packets in the file.

Examples

48> {ok,FD}=pran:open_file("mtp2.pcap", ""). {ok,<0.152.0>} 49> pran:read(FD).
[#frame{seq_no = 1, timestamp = {1234,378,932000}, incl_payload_len = 5,orig_payload_len = 5,truncated = false, payload_bin = <<141,184,0,241,193>>}, {mtp2,{fisu}}] 50> pran:read(FD). [#frame{seq_no = 2, timestamp = {1234,379,764000}, incl_payload_len = 36,orig_payload_len = 36, truncated = false, payload_bin = <<141,185,31,133,2,64,0,0,0,0,1,0,33,0,10, 2,2,8,6,1,16,...>>}, {mtp2,#mtp2_msu{bsn = 13,bib = 1,fsn = 57,fib = 1, sio = undefined,sif = undefined}}, {mtp3,#mtp3_msu{ni = 2,prio = 0,si = isup,opc = 1,dpc = 2, sls = 0}}, {isup,<<0,0,1,0,33,0,10,2,2,8,6,1,16,18,82,85,33,10,6,7, 1,17,19,...>>}] 51> pran:close(FD).
ok

Protocols

GSM MAP SS7 TCAP SS7 SCCP SS7 MTP3 SS7 MTP2

SIP SDP

TCP UDP IP Ethernet

Building

Install Erlang, then run 'make' in the top level.