NetPacket::TCP and "options" field

I'm using NetPacket::TCP to examine network packets. Everything seems
to be working, except I can't get anything out of the "options" field.
For example, $tcp->{options} is always empty. Has anyone had any
success with this module? I'm wondering if I need to further unpack
this field or something.

Thanks.

eugk007@gmail.com wrote:
> I'm using NetPacket::TCP to examine network packets. Everything seems
> to be working, except I can't get anything out of the "options"
field.
> For example, $tcp->{options} is always empty. Has anyone had any
> success with this module? I'm wondering if I need to further unpack
> this field or something.
>
> Thanks.

I don't know how to do it with NetPacket, but with Net::Packet,
it is easy:

# To build a TCP SYN packet with MSS=1460 option
# (padding is done auto):
my $tcp = Net::Packet::TCP->new(
dst => 22,
options => "\x02\x04\x05\xb4",
);

# To display options field:
print unpack('H*', $frame->l4->options), "\n";

--
^  ___  ___    FreeBSD Network - http://www.GomoR.org/ <-+
| / __ |__/     Security Engineer, searching for work    |
| \__/ |  \     ---[ zsh$ alias psed='perl -pe ' ]---    |
+-->  Net::Packet <=> http://search.cpan.org/~gomor/  <--+

----- End forwarded message -----

Thanks, that's interesting. Unpacking it like that might also work for
NetPacket. But would you normally recommend the Net::Packet modules
instead? Are there any significant differences/advantages?

----- End forwarded message -----

-eugk- wrote:
> Thanks, that's interesting. Unpacking it like that might
> also  work  for  NetPacket.  But  would   you   normally
> recommend the Net::Packet modules instead? Are there any
> significant differences/advantages?
>
> ----- End forwarded message -----

Yes,  there  are  differences,   advantages,   and   maybe
divantages also ;)

When  you  use  Net::Packet,  you  do  not  need  to   use
Net::Pcap. All the gory details  of Net::Pcap  are  hidden
behind the  related  object  (Net::Packet::Dump).  Network
interface information (dev, ip,  ip6,  mac)   is  gathered
automatically, so you do not need  to  bother  with  them.

Also, when you create a Net::Packet::Frame object, you put
in it all wanted layers (Layer2, Layer3, Layer4, Lauer7).

Each time you create an object from a layer, some defaults
values are set. For example,  a  Net::Packet::IPv4  object
will have the source ip address set to the default network
interface from your system.

I suggest you take a look  at  these  perldoc  (SYNOPSIS).
This is better to look at the code  than  to  do  a  long
and boring speech ;)

http://search.cpan.org/~gomor/Net-P...Packet/Frame.pm
http://search.cpan.org/~gomor/Net-P.../Packet/Dump.pm

--
^  ___  ___    FreeBSD Network - http://www.GomoR.org/ <-+
| / __ |__/     Security Engineer, searching for work    |
| \__/ |  \     ---[ zsh$ alias psed='perl -pe ' ]---    |
+-->  Net::Packet <=> http://search.cpan.org/~gomor/  <--+

----- End forwarded message -----

eugk007@gmail.com wrote:
> I'm using NetPacket::TCP to examine network packets. Everything seems
> to be working, except I can't get anything out of the "options"
field.
> For example, $tcp->{options} is always empty. Has anyone had any
> success with this module? I'm wondering if I need to further unpack
> this field or something.
>
> Thanks.

I don't know how to do it with NetPacket, but with Net::Packet,
it is easy:

# To build a TCP SYN packet with MSS=1460 option
# (padding is done auto):
my $tcp = Net::Packet::TCP->new(
dst => 22,
options => "\x02\x04\x05\xb4",
);

# To display options field:
print unpack('H*', $frame->l4->options), "\n";

--
^  ___  ___    FreeBSD Network - http://www.GomoR.org/ <-+
| / __ |__/     Security Engineer, searching for work    |
| \__/ |  \     ---[ zsh$ alias psed='perl -pe ' ]---    |
+-->  Net::Packet <=> http://search.cpan.org/~gomor/  <--+

----- End forwarded message -----