Skip to content
forked from nygge/pran

Protocol Analyzer written in Erlang

Notifications You must be signed in to change notification settings

fholzhauser/pran

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

pran

pran is a low-level tool to search .pcap files which contain telecom signalling packets. It is mainly useful inside an Erlang program.

pran's approach to searching is: First, find all packets which match the given binary search pattern. Second, decode the packets which were found. This makes pran very fast in the important case of large .pcap files and a binary search pattern which only matches a small number of the packets in the file.

Examples

48> {ok,FD}=pran:open_file("mtp2.pcap", ""). {ok,<0.152.0>} 49> pran:read(FD).
[#frame{seq_no = 1, timestamp = {1234,378,932000}, incl_payload_len = 5,orig_payload_len = 5,truncated = false, payload_bin = <<141,184,0,241,193>>}, {mtp2,{fisu}}] 50> pran:read(FD). [#frame{seq_no = 2, timestamp = {1234,379,764000}, incl_payload_len = 36,orig_payload_len = 36, truncated = false, payload_bin = <<141,185,31,133,2,64,0,0,0,0,1,0,33,0,10, 2,2,8,6,1,16,...>>}, {mtp2,#mtp2_msu{bsn = 13,bib = 1,fsn = 57,fib = 1, sio = undefined,sif = undefined}}, {mtp3,#mtp3_msu{ni = 2,prio = 0,si = isup,opc = 1,dpc = 2, sls = 0}}, {isup,<<0,0,1,0,33,0,10,2,2,8,6,1,16,18,82,85,33,10,6,7, 1,17,19,...>>}] 51> pran:close(FD).
ok

Protocols

GSM MAP SS7 TCAP SS7 SCCP SS7 MTP3 SS7 MTP2

SIP SDP

TCP UDP IP Ethernet

Building

Install Erlang, then run 'make' in the top level.

About

Protocol Analyzer written in Erlang

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published