Hi, Here's the example from the Net::Frame::Dump::Offline 
my $oDump = Net::Frame::Dump::Offline->new(
        file    => $pcapfile,
        filter  => 'udp src port 53',
);

$oDump->start;

my $count = 0;

while (my $h = $oDump->next) {
        my $f = Net::Frame::Simple->new(
                raw             => $h->{raw},
                firstLayer      => $h->{firstLayer},
                timestamp       => $h->{timestamp},
        );
        my $len = length($h->{raw});
        print 'o Frame number: '.$count++." (length: $len)\n";
        print $f->print."\n";
        print $f->firstLayer."\n";
}

[download]
The sample output is: 
o Frame number: 0 (length: 79)
Layer::ETH: dst:00:0f:1f:64:56:c2  src:00:01:d7:49:51:84  type:0x0800
Layer::IPv4: version:4  hlen:5  tos:0x00  length:65  id:39664
Layer::IPv4: flags:0x02  offset:0  ttl:255  protocol:0x11  checksum:0x
+ec67
Layer::IPv4: src:x  dst:x
Layer::UDP: src:53802  dst:53  length:45  checksum:0x1512
Padding: fb7a01000001000000000000037777770b73746174636f756e74657203636
+f6d0000010001
o Frame number: 1 (length: 95)
Layer::ETH: dst:00:0f:1f:64:56:c2  src:00:01:d7:49:51:84  type:0x0800
Layer::IPv4: version:4  hlen:5  tos:0x00  length:81  id:39668
Layer::IPv4: flags:0x02  offset:0  ttl:255  protocol:0x11  checksum:0x
+381e
Layer::IPv4: src:x dst:x
Layer::UDP: src:11463  dst:53  length:61  checksum:0xb410
Padding: fc8c010000010000000000000870726f78792d736e08636f6e74616374730
+36d736e03636f6d056e73617463036e65740000010001
o Frame number: 2 (length: 75)
Layer::ETH: dst:00:0f:1f:64:56:c2  src:00:01:d7:49:51:84  type:0x0800
Layer::IPv4: version:4  hlen:5  tos:0x00  length:61  id:39672
Layer::IPv4: flags:0x02  offset:0  ttl:255  protocol:0x11  checksum:0x
+29d5
Layer::IPv4: src:x  dst:x
Layer::UDP: src:42067  dst:53  length:41  checksum:0xe66e
Padding: 506701000001000000000000036164340473696e6103636f6d02636e00000
+10001

[download]

My question is, how do I get the payload of the UDP layer (or any layer after firstLayer)? I want to use Net::Frame::Layer::IPv4, Net::Frame::Layer::TCP and so on to process the layers.

In reply to Parsing packets using Net::Frame by qwconst

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.