search

maiha / pcap.cr

Crystal bindings for libpcap
MIT License
25 stars 3 forks source link

packet.cr #9

Open puppetpies opened 7 years ago

puppetpies commented 7 years ago

Hi Maiha,

I see you have your src / dst which concatenates the ip / ports together. 

val src = "#{IpAddr.inspect(ip_header.ip_src)}:#{tcp_header.src}"
val dst = "#{IpAddr.inspect(ip_header.ip_dst)}:#{tcp_header.dst}"

The below code in my commit works however i want to be able to use all the available parameters via the packet loop as separate values so i can insert them into a database.

Which makes me not sure about your above names as there is both ip and tcp source and destination names in reality.

Take a look at the commit on my exposeflags branch as i'm wondering if there is better way todo this ?

https://github.com/puppetpies/pcap.cr/commit/a621fe5617c1fba7c14d2ec672629c283b34a404

Regards,

Brian

maiha commented 7 years ago

Hi, Brian!

i want to be able to use all the available parameters via the packet loop

I think we can already access all variables with method chain like this.

cap.loop do |pkt|
  ip_src = Pcap::IpAddr.inspect(pkt.ip_header.ip_src)
  ip_dst = Pcap::IpAddr.inspect(pkt.ip_header.ip_dst)
  tcp_src = pkt.tcp_header.tcp_src
  tcp_dst = pkt.tcp_header.tcp_dst
  puts "IP Src: #{ip_src} Ip Dst: #{ip_dst} TCP Src: #{tcp_src} TCP Dst: #{tcp_dst}"
end

This works but it's ugly. So, I guess you want some shortcuts for these methods. Right?

Regards

puppetpies commented 7 years ago

Ok i see but yeah its ugly think i think i might just use my expose branch for my project not sure you would want to merge them ?

maiha commented 7 years ago

Yep, I agree with you. I love those shortcuts! I'd like to merge it! Cloud you make a PR?

I have some requests before merging. So, I'll comment it on the PR.