in reply to my first packet sniffer in perl

# extract the source IP addr into dotted quad form
my($source) = sprintf("%d.%d.%d.%d",
        ord( substr($packet, $src_ip, 1) ),
        ord( substr($packet, $src_ip+1, 1) ),
        ord( substr($packet, $src_ip+2, 1) ),
        ord( substr($packet, $src_ip+3, 1) ));

# extract the destination IP addr into dotted quad form
my($destination) = sprintf("%d.%d.%d.%d",
        ord( substr($packet, $dst_ip, 1) ),
        ord( substr($packet, $dst_ip+1, 1) ),
        ord( substr($packet, $dst_ip+2, 1) ),
        ord( substr($packet, $dst_ip+3, 1) ));
#the above part is directly taken from "hacking linux exposed" (sorry 
+but couldn't figure out this part)

[download]

An easier way to do that is through the Socket module: 

use Socket;
# extract the source IP addr into dotted quad form
my $source = inet_ntoa substr $packet, $src_ip, 4;

# extract the destination IP addr into dotted quad form
my $destination = inet_ntoa substr $packet, $dst_ip, 4;

[download]

Replies are listed 'Best First'.
Re^2: my first packet sniffer in perl
by hnd (Scribe) on Jun 29, 2009 at 16:49 UTC
    hey...... thats obviously better!!!!!!!
    now why didnt i thought of it......
[reply]

In Section Meditations