I want code capable of listening for network input (possibly a connect() on an unexpected port) and reading the raw packet, going as low as the IP layer. I don't want to write the code that does all that, so I decided to use Net::Packet::Dump. I started with the first half of the example in the POD of Net::Packet::Dump:
# Instanciate object, will start capturing from network
my $dump = Net::Packet::Dump->new(
filter => 'tcp',
noStore => 1,
);
while (1) {
if (my $frame = $dump->next) {
do_stuff($frame);
}
}
I get an error: Can't bless non-reference value at .../Dump.pm line 250. So I tried perl -d server.pl. The error occurs at this expression:
bless(Net::Packet::netpacket_pcap_fp($self->_pcapd), 'IO::File')
Net::Packet::netpacket_pcap_fp is a reference to a C function:
FILE * netpacket_pcap_fp(pcap_t *pd){
if (pd == NULL) return(0);
else return(pd->sf.rfile);
}
and when I print $self->_pcapd in the debugger, I get
'_pcapd' => pcap_tPtr=SCALAR(0x896dde8)
-> 144211632
which I think is a reference (pointer) to the beginning of the data structure written in C of type struct pcapd, which is defined as follows:
struct pcap_sf {
FILE *rfile;
...
};
...
struct pcap {
...
struct pcap_sf sf;
...
};
So it looks like Net::Packet::Dump is trying to get a FILE* from C and bless it as an 'IO::File'. I've tried many things, even downloading the PeepPoke module so I could inspect that C data structure to be sure that FILE*rfile is not null (and no, it is not null). I found no reference online that suggests others may be having this problem.
I am grateful for any advice you can give! Thanks in advance!
--jeffguy
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.