struct p0f_query q;
recv(c,&q,sizeof(q),MSG_NOSIGNAL)

struct p0f_response r;
send(sock,&r,sizeof(r),MSG_NOSIGNAL)

struct p0f_response* n;
send(sock,n,sizeof(struct p0f_response),MSG_NOSIGNAL)

##</code><code>##

use strict;
use warnings;

use Convert::Binary::C qw( );
use IO::Socket         qw( );
use Net::IP            qw( );

use constant QUERY_MAGIC       => 0x0defaced;
use constant QTYPE_FINGERPRINT => 1;

my %p0h_arch = (
   #ByteOrder => ...,
   #Alignment => ...,
);

{
   die "usage: p0fq.pl p0f_socket src_ip src_port dst_ip dst_port"
      unless @ARGV == 5;

   my $c = Convert::Binary::C
           ->new(%p0h_arch)
           ->parse_file('p0f-query.h');

   # Convert the IPs and pack the request message
   my $src = Net::IP->new($ARGV[1]) or die (Net::IP::Error());
   my $dst = Net::IP->new($ARGV[3]) or die (Net::IP::Error());
   print "$ARGV[1]\n";
   my $query = $c->pack(p0f_query =>
      QUERY_MAGIC,
      QTYPE_FINGERPRINT,
      0x12345678,
      $src->intip(),
      $dst->intip(),
      $ARGV[2],
      $ARGV[4],
   );

   # Open the connection to p0f
   my $sock = IO::Socket::UNIX->new(
      Peer => $ARGV[0],
      Type => SOCK_STREAM,
   )
      or die "Could not create socket: $!\n";

   # Ask p0f
   print $sock $query;
   my $response = <$sock>;  # yuck!
   close $sock;

   # Extract the response from p0f
   my ($magic, $id, $type, $genre, $detail, $dist, $link,
       $tos, $fw, $nat, $real, $score, $mflags, $uptime) =
      $c->unpack(p0h_response => $response);
   die "Bad response magic.\n" if $magic != QUERY_MAGIC;
   die "P0f did not honor our query.\n" if $type == 1;
   die "This connection is not (no longer?) in the cache.\n" if $type == 2;

   # Display result
   print "Genre    : " . $genre . "\n";
   print "Details  : " . $detail . "\n";
   print "Distance : " . $dist . " hops\n";
   print "Link     : " . $link . "\n";
   print "Uptime   : " . $uptime . " hrs\n";
}