Net::Analysis 0.04 review
DownloadNet::Analysis are modules for analysing network traffic. SYNOPSIS Using an existing analyser: $ perl -MNet::Analysis -e mai
|
|
Net::Analysis are modules for analysing network traffic.
SYNOPSIS
Using an existing analyser:
$ perl -MNet::Analysis -e main help
$ perl -MNet::Analysis -e main TCP,v=1 dump.tcp - basic TCP info
$ perl -MNet::Analysis -e main HTTP,v=1 dump.tcp - HTTP stuff
$ perl -MNet::Analysis -e main Example2,regex=img dump.tcp - run an example
Writing your own analyser:
package MyExample;
use base qw(Net::Analysis::Listener::Base);
# Listen to events from other modules
sub tcp_monologue {
my ($self, $args) = @_;
my ($mono) = $args->{monologue};
my $t = $mono->t_elapsed()->as_number();
my $l = $mono->length();
# Emit your own event
$self->emit(name => 'example_event',
args => { kb_sec => ($t) ? $l/($t*1024) : 'N/A' }
);
}
# Process your own event
sub example_event {
my ($self, $args) = @_;
printf "Bandwidth: %10.2f KB/secn", $args->{kb_sec};
}
1;
__top
ABSTRACT
Net::Analysis is a suite of modules that parse tcpdump files, reconstruct TCP sessions from the packets, and provide a very lightweight framework for writing protocol anaylsers.
__top
I wanted a batch version of Ethereal in Perl, so I could:
- sift through parsed protocols with structured filters
- write custom reports that mixed events from multiple protocols
So here it is. Net::Analysis is a stack of protocol handlers that emit, and listen for, events.
Requirements:
Perl
Net::Analysis 0.04 search tags