Skip to content

masatanish/reassemble_tcp

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ReassembleTcp

Ruby gem for reassembling TCP fragment data from pcap file like Wireshark.

See: http://wiki.wireshark.org/TCP_Reassembly

Installation

Add this line to your application's Gemfile:

gem 'reassemble_tcp'

And then execute:

$ bundle

Or install it yourself as:

$ gem install reassemble_tcp

Usage

require 'reassemble_tcp'

ReassembleTcp.tcp_data_stream('some.pcap') {|t, from, to, data|
  puts "[#{t.strftime("%Y/%m/%d %H:%M:%S.%6N")} #{from} -> #{to}"
  puts data[0..100]
  puts
}

Contributing

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request

About

Ruby gem for reassembling TCP data from pcap like Wireshark

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages