pcap - npm Package Compare versions
Comparing version 0.3.0 to 0.3.1
@@ -1,5 +0,9 @@ | ||
| { "name" : "pcap", | ||
| "version" : "0.3.0", | ||
| { | ||
| "name" : "pcap", | ||
| "version" : "0.3.1", | ||
| "description" : "raw packet capture, decoding, and analysis", | ||
| "author": "Matt Ranney <mjr@ranney.com>", | ||
| "maintainers": [ | ||
| "Ujjwal Thaakar <ujjwalthaakar@gmail.com>" | ||
| ], | ||
| "main": "./pcap", | ||
@@ -9,4 +13,3 @@ "repository": { | ||
| "url": "git://github.com/mranney/node_pcap.git" | ||
| }, | ||
| "scripts": { "install": "node-waf configure clean build" } | ||
| } | ||
| } |
79
pcap.js
@@ -15,3 +15,3 @@ /*global process require exports console */ | ||
| } else { | ||
| util = require("sys"); | ||
| util = require('util'); | ||
| IOWatcher = process.IOWatcher; | ||
@@ -140,2 +140,10 @@ } | ||
| }, | ||
| sll_addr: function (raw_packet, offset, len) { | ||
| var res = [] | ||
| for (i=0; i<len; i++){ | ||
| res.push(lpad(raw_packet[offset+i].toString(16), 2)); | ||
| } | ||
| return res.join(":"); | ||
| }, | ||
| uint16: function (raw_packet, offset) { | ||
@@ -229,2 +237,5 @@ return ((raw_packet[offset] * 256) + raw_packet[offset + 1]); | ||
| break; | ||
| case "LINKTYPE_LINUX_SLL": | ||
| packet.link = decode.linux_sll(raw_packet, 0); | ||
| break; | ||
| default: | ||
@@ -313,5 +324,42 @@ console.log("pcap.js: decode.packet() - Don't yet know how to decode link type " + raw_packet.pcap_header.link_type); | ||
| return ret; | ||
| }; | ||
| decode.linux_sll = function (raw_packet, offset) { | ||
| var ret = {}; | ||
| var types = {0:"HOST", 1:"BROADCAST", 2:"MULTICAST", 3:"OTHERHOST", 4:"OUTGOING"}; | ||
| ret.sllPacketType = unpack.uint16(raw_packet, offset); offset+=2; | ||
| ret.sllAddressType = types[unpack.uint16(raw_packet, offset)]; offset+=2; | ||
| var sllAddressLength = unpack.uint16(raw_packet, offset); offset+=2; | ||
| ret.sllSource = unpack.sll_addr(raw_packet, offset, sllAddressLength); | ||
| offset+=8; //address field is fixed to 8 bytes from witch addresslength bytes are used | ||
| ret.sllProtocol = unpack.uint16(raw_packet, offset); offset+=2; | ||
| switch (ret.sllProtocol) { | ||
| case 0x800: // IPv4 | ||
| ret.ip = decode.ip(raw_packet, offset); | ||
| break; | ||
| case 0x806: // ARP | ||
| ret.arp = decode.arp(raw_packet, offset); | ||
| break; | ||
| case 0x86dd: // IPv6 - http://en.wikipedia.org/wiki/IPv6 | ||
| ret.ipv6 = decode.ip6(raw_packet, offset); | ||
| break; | ||
| case 0x88cc: // LLDP - http://en.wikipedia.org/wiki/Link_Layer_Discovery_Protocol | ||
| ret.lldp = "need to implement LLDP"; | ||
| break; | ||
| default: | ||
| console.log("pcap.js: decode.linux_sll() - Don't know how to decode ethertype " + ret.sllProtocol); | ||
| } | ||
| return ret; | ||
| }; | ||
| decode.ieee802_11_radio = function (raw_packet, offset) { | ||
@@ -1159,2 +1207,28 @@ var ret = {}; | ||
| print.slltype = function (packet) { | ||
| var ret = "" | ||
| switch (packet.link.ethertype) { | ||
| case 0x0: | ||
| ret += " 802.3 type "; | ||
| break; | ||
| case 0x800: | ||
| ret += print.ip(packet); | ||
| break; | ||
| case 0x806: | ||
| ret += print.arp(packet); | ||
| break; | ||
| case 0x86dd: | ||
| ret += " IPv6 "; | ||
| break; | ||
| case 0x88cc: | ||
| ret += " LLDP "; | ||
| break; | ||
| default: | ||
| console.log("pcap.js: print.linuxsll() - Don't know how to print type " + packet.link.ethertype); | ||
| } | ||
| return ret; | ||
| }; | ||
| print.ethernet = function (packet) { | ||
@@ -1220,2 +1294,5 @@ var ret = packet.link.shost + " -> " + packet.link.dhost; | ||
| break; | ||
| case "LINKTYPE_LINUX_SSL": | ||
| ret += print.slltype(packet_to_print); | ||
| break; | ||
| default: | ||
@@ -1222,0 +1299,0 @@ console.log("Don't yet know how to print link_type " + packet_to_print.link_type); |
@@ -47,3 +47,3 @@ node_pcap | ||
| cd node_pcap | ||
| node-waf configure build | ||
| node-gyp configure build | ||
@@ -50,0 +50,0 @@ Assuming it built without errors, you should be able to run the examples and then write your own packet |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Fixed alerts
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.46%
301490
- Lines of code
- increased by1.81%
3538
- Number of high supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Number of package files
- decreased by-5.56%
17
- Number of medium supply chain risk alerts
- increased by33.33%
4