Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

PacketFu, a mid-level packet manipulation library for Ruby

branch: master

This branch is 0 commits ahead and 0 commits behind master

Fetching latest commit…

Cannot retrieve the latest commit at this time

README.rdoc

PacketFu

A library for reading a writing packets to an interface or to a libpcap-formatted file.

It is maintained at code.google.com/p/packetfu and github.com/todb/packetfu (which repository will win?)

Documentation

PacketFu is rdoc-compatible, which means it's sdoc compatible. In the same directory as this file, run “sdoc” by itself (gem install sdoc), and then view doc/index.html with your favored browser. Once that's done, navigate at the top, and read up on how to create a Packet or Capture from an interface with show_live or whatever.

Requirements

PcapRub:

$ svn co www.metasploit.com/svn/framework3/trunk/external/pcaprub

or

$ rvm gem install pcaprub

Marshall Beddoe's PcapRub is required only for packet reading and writing from a network interfaces (which is a pretty big only). PcapRub itself relies on libpcap 0.9.8 or later for packet injection. PcapRub also requires root privilieges to access the interface directly.

Platforms

I tend to test with the following (with bash):

date > /tmp/tests.txt; for i in default 1.8.6-p420 1.8.7-p334 1.9.1-p431 1.9.2-p180 1.9.3-head
do rvm use $i >> /tmp/tests.txt
echo Testing with $i
echo $i >> /tmp/tests.txt; echo +++++++++++++++++++++++ >> /tmp/tests.txt
rvmsudo ./all_tests.rb >> /tmp/tests.txt; rspec . >> /tmp/tests.txt
done

Passing Platforms

  • 1.9.1-p378

  • 1.8.7-p334

  • 1.9.2-p180 (suggested version)

  • 1.9.3-head

Problem Platforms

Technically, these are pcaprub problems and not PacketFu problems, but PacketFu should at least fail better at them.

Incidentally, I suspect these Ruby problems are the crux of the Mac OSX problems that people report. Try a different Ruby build and please let me know what works for you.

Examples

PacketFu ships with dozens and dozens of tests, built on Test::Unit. These should give good pointers on how you're expected to use it. See the /tests directory. Furthermore, PacketFu also ships with packetfu-shell.rb, which should be run via IRB (as root, if you intend to use your interfaces).

Author

PacketFu is maintained primarily by Tod Beardsley todb@planb-security.net, with help from Open Source Land.

See LICENSE for licensing details.

Something went wrong with that request. Please try again.