var Cap = require('cap').Cap;
var decoders = require('cap-decoders');
var PROTOCOL = decoders.PROTOCOL;

var c = new Cap();
var device = Cap.findDevice('192.168.0.10');
var filter = 'tcp and dst port 80';
var bufSize = 10 * 1024 * 1024;
var buffer = Buffer.alloc(65535);

var linkType = c.open(device, filter, bufSize, buffer);

c.setMinBytes && c.setMinBytes(0);

c.on('packet', function(nbytes, trunc) {
  console.log('packet: length ' + nbytes + ' bytes, truncated? '
              + (trunc ? 'yes' : 'no'));

  // raw packet data === buffer.slice(0, nbytes)

  if (linkType === 'ETHERNET') {
    var ret = decoders.Ethernet(buffer);

    if (ret.info.type === PROTOCOL.ETHERNET.IPV4) {
      console.log('Decoding IPv4 ...');

      ret = decoders.IPV4(buffer, ret.offset);
      console.log('from: ' + ret.info.srcaddr + ' to ' + ret.info.dstaddr);

      if (ret.info.protocol === PROTOCOL.IP.TCP) {
        var datalen = ret.info.totallen - ret.hdrlen;

        console.log('Decoding TCP ...');

        ret = decoders.TCP(buffer, ret.offset);
        console.log(' from port: ' + ret.info.srcport + ' to port: ' + ret.info.dstport);
        datalen -= ret.hdrlen;
        console.log(buffer.toString('binary', ret.offset, ret.offset + datalen));
      } else if (ret.info.protocol === PROTOCOL.IP.UDP) {
        console.log('Decoding UDP ...');

        ret = decoders.UDP(buffer, ret.offset);
        console.log(' from port: ' + ret.info.srcport + ' to port: ' + ret.info.dstport);
        console.log(buffer.toString('binary', ret.offset, ret.offset + ret.info.length));
      } else
        console.log('Unsupported IPv4 protocol: ' + PROTOCOL.IP[ret.info.protocol]);
    } else
      console.log('Unsupported Ethertype: ' + PROTOCOL.ETHERNET[ret.info.type]);
  }
});

Static methods

The following methods are available off of require('cap-decoders'). They parse the relevant protocol header and return an object containing the parsed information:

Link Layer Protocols
- Ethernet(< Buffer buf[, < integer >bufOffset=0])
Internet Layer Protocols
- IPV4(< Buffer buf[, < integer >bufOffset=0])
- IPV6(< Buffer buf[, < integer >bufOffset=0])
- ICMPV4(< Buffer buf, < integer >nbytes[, < integer >bufOffset=0])
Transport Layer Protocols
- TCP(< Buffer buf[, < integer >bufOffset=0])
- UDP(< Buffer buf[, < integer >bufOffset=0])
- SCTP(< Buffer buf, < integer >nbytes[, < integer >bufOffset=0])

Keywords

pcap

packet

decoder

FAQs

What is cap-decoders?

Is cap-decoders well maintained?

Package last updated on 30 Jun 2019

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

cap-decoders

Description

Requirements

Install

Examples

Static methods

Keywords

Related posts

ENISA Becomes a CVE Root, Expanding Its Role in Europe’s Vulnerability Ecosystem

Introducing Socket Scanning for OpenVSX Extensions