Re: Win32 TCP SYN messages

It looks to me like you are looking at the wrong bits. NetPacket::TCP has the following constants defined:

use constant FIN => 0x01;
use constant SYN => 0x02;
use constant RST => 0x04;
use constant PSH => 0x08;
use constant ACK => 0x10;
use constant URG => 0x20;
use constant ECE => 0x40;
use constant CWR => 0x80;
[download]

Just to test my theory I wrote the following snippet.

#!/usr/bin/perl
use strict;
use warnings;

use constant FIN => 0x01;
use constant SYN => 0x02;
use constant RST => 0x04;
use constant PSH => 0x08;
use constant ACK => 0x10;
use constant URG => 0x20;
use constant ECE => 0x40;
use constant CWR => 0x80;

my $helpDec = sprintf("%d", 19); # an arbitrary number that will have 
+the SYN bit set
my $helpBin = unpack("B*", pack('C',$helpDec));

print "TCPFLAG: $helpBin\n";
print "Or: $helpDec\n";

print "TCPACK: " . substr( $helpBin, 6, 1 ) . "\n"; #TCP flag ACK
print "TCPPSH: " . substr( $helpBin, 5, 1 ) . "\n"; #TCP flag PUSH (PS
+H)
print "TCPRST: " . substr( $helpBin, 4, 1 ) . "\n"; #TCP flag RESET (R
+ST)
print "TCPSYN: " . substr( $helpBin, 3, 1 ) . "\n"; #TCP flag SYN
print "TCPFIN: " . substr( $helpBin, 2, 1 ) . "\n"; #TCP flag FIN
print "\n";
print "TCPACK: " . ( $helpDec & ACK ? 1 : 0 ) . "\n"; #TCP flag ACK
print "TCPPSH: " . ( $helpDec & PSH ? 1 : 0 ) . "\n"; #TCP flag PUSH (
+PSH)
print "TCPRST: " . ( $helpDec & RST ? 1 : 0 ) . "\n"; #TCP flag RESET 
+(RST)
print "TCPSYN: " . ( $helpDec & SYN ? 1 : 0 ) . "\n"; #TCP flag SYN
print "TCPFIN: " . ( $helpDec & FIN ? 1 : 0 ) . "\n"; #TCP flag FIN

__END__
TCPFLAG: 00010011
Or: 19
TCPACK: 1
TCPPSH: 0
TCPRST: 0
TCPSYN: 1
TCPFIN: 0

TCPACK: 1
TCPPSH: 0
TCPRST: 0
TCPSYN: 1
TCPFIN: 1
[download]

I hope this helps.

Comment on Re: Win32 TCP SYN messages Select or Download Code

Replies are listed 'Best First'.
Re^2: Win32 TCP SYN messages by ikegami (Patriarch) on Jun 21, 2006 at 12:58 UTC
`my $helpDec = sprintf("%d", 19);` is the same as `my $helpDec = "19";` but you don't even want a string, so you want `my $helpDec = 19;` If you're trying to remove fractional components, use `my $helpDec = int(19);`	[reply] [d/l] [select]
Re^3: Win32 TCP SYN messages by Mr. Muskrat (Canon) on Jun 21, 2006 at 13:50 UTC
Yes, I know. I was trying to keep as much of the OP's code as possible.	[reply]
Re^4: Win32 TCP SYN messages by ikegami (Patriarch) on Jun 21, 2006 at 15:09 UTC
Then the comment applies to the OP too. `$helpDec = sprintf("%d", $ip->{'tos'});` should be one of: `$helpDec = $ip->{'tos'};` `$helpDec = 0+$ip->{'tos'}; # Convert string to number` `$helpDec = int($ip->{'tos'}); # Convert string or number to integer`	[reply] [d/l] [select]
Re^2: Win32 TCP SYN messages by jschollen (Beadle) on Jun 21, 2006 at 07:29 UTC
Thx. It works. I can't believe I missed that part.	[reply]