A binding for performing packet capturing with node.js.
This binding is tested on Windows and Linux.
npm install cap
var Cap = require('cap').Cap;
var c = new Cap(),
device = Cap.findDevice('192.168.0.10'),
filter = 'tcp and dst port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) > 0)',
bufSize = 10 * 1024 * 1024,
buffer = new Buffer(65535);
p.open(device, filter, bufSize, buffer);
p.on('packet', function(nbytes, trunc) {
console.log('packet: length ' + nbytes + ' bytes, truncated? '
+ (trunc ? 'yes' : 'no'));
// raw packet data === buffer.slice(0, nbytes)
});
var Cap = require('cap').Cap;
console.dir(Cap.deviceList());
// example output on Linux:
// [ { name: 'eth0',
// addresses:
// [ { addr: '192.168.0.10',
// netmask: '255.255.255.0',
// broadaddr: '192.168.0.255' } ] },
// { name: 'nflog',
// description: 'Linux netfilter log (NFLOG) interface',
// addresses: [] },
// { name: 'any',
// description: 'Pseudo-device that captures on all interfaces',
// addresses: [] },
// { name: 'lo',
// addresses:
// [ { addr: '127.0.0.1', netmask: '255.0.0.0' },
// { addr: '::1',
// netmask: 'ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff' } ],
// flags: 'PCAP_IF_LOOPBACK' } ]
nbytes in size was captured. truncated indicates if the entire packet did not fit inside the Buffer supplied to open().(constructor)() - Creates and returns a new Cap instance.
open(< string >device, < string >filter, < integer >bufSize, < Buffer >buffer) - (void) - Opens device and starts capturing packets using filter. bufSize is the size of the internal buffer that libpcap uses to temporarily store packets until they are emitted. buffer is a Buffer large enough to store one packet. If open() is called again without a previous call to close(), an implicit close() will occur first.
close() - (void) - Stops capturing.
findDevice(< string >ip) - mixed - Returns the (first) device name associated with ip, or undefined if not found.
deviceList() - array - Returns a list of available devices and related information.
FAQs
A cross-platform binding for performing packet capturing with node.js
The npm package cap receives a total of 277 weekly downloads. As such, cap popularity was classified as not popular.
We found that cap demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Sonar’s acquisition of Tidelift highlights a growing industry shift toward sustainable open source funding, addressing maintainer burnout and critical software dependencies.
Security News
Ransomware negotiators share how modern cybercriminals operate like corporations, using specialized teams, negotiation tactics, and reputation management.
Security News
PyPI confirms no security flaws were exploited in the Ultralytics supply chain attack and highlights improvements for safer package publishing.