forked from sam-github/pcap-lua
-
Notifications
You must be signed in to change notification settings - Fork 0
/
pcap-dump
executable file
·62 lines (49 loc) · 1.15 KB
/
pcap-dump
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
#!/usr/bin/env lua5.1
local pcap = require"pcap"
arg.device = "any"
arg.snaplen = 0
arg.promisc = false
arg.filter = nil
arg.save = nil
arg.timeout = 1
for i,a in ipairs(arg) do
local s,e,k,v = a:find("^([^=]+)=(.*)$")
arg[k] = v
end
for k,v in pairs(arg) do
if type(k) == "string" then
print("arg", k, v)
end
end
cap = assert(pcap.open_live(arg.device, arg.snaplen, arg.promisc, arg.timeout))
print("cap", cap)
if arg.save then
out = assert(cap:dump_open(arg.save))
end
if arg.filter then
assert(cap:set_filter(arg.filter))
end
function loop(cap)
local n
n = function(cap)
local capdata, timestamp, wirelen = cap:next()
if capdata then
return capdata, timestamp, wirelen
end
local emsg = timestamp
if emsg == "closed" then
return nil
end
if emsg == "timeout" then
return n(cap)
end
assert(nil, timestamp)
end
return n, cap
end
for capdata, timestamp, wirelen in loop(cap) do
print("#", timestamp, wirelen, #capdata)
if out then
assert(out:dump(capdata, timestamp, wirelen))
end
end