pcap - npm Package Compare versions

Comparing version 0.3.0 to 0.3.1

package.json

@@ -1,5 +0,9 @@
-{   "name" : "pcap",
-    "version" : "0.3.0",
+{
+   "name" : "pcap",
+    "version" : "0.3.1",
     "description" : "raw packet capture, decoding, and analysis",
     "author": "Matt Ranney <mjr@ranney.com>",
+    "maintainers": [
+        "Ujjwal Thaakar <ujjwalthaakar@gmail.com>"
+    ],
     "main": "./pcap",
@@ -9,4 +13,3 @@ "repository": {
         "url": "git://github.com/mranney/node_pcap.git"
-    },
-    "scripts": { "install": "node-waf configure clean build" }
+    }
 }

pcap.js

@@ -15,3 +15,3 @@ /*global process require exports console */
 } else {
-    util = require("sys");
+    util = require('util');
     IOWatcher = process.IOWatcher;
@@ -140,2 +140,10 @@ }
     },
+    sll_addr: function (raw_packet, offset, len) {
+	var res = []
+	for (i=0; i<len; i++){
+		res.push(lpad(raw_packet[offset+i].toString(16), 2));
+	}
+
+        return res.join(":");
+    },
     uint16: function (raw_packet, offset) {
@@ -229,2 +237,5 @@ return ((raw_packet[offset] * 256) + raw_packet[offset + 1]);
         break;
+    case "LINKTYPE_LINUX_SLL":
+        packet.link = decode.linux_sll(raw_packet, 0);
+        break;
     default:
@@ -313,5 +324,42 @@ console.log("pcap.js: decode.packet() - Don't yet know how to decode link type " + raw_packet.pcap_header.link_type);
 
+    
+
     return ret;
 };
 
+
+decode.linux_sll = function (raw_packet, offset) {
+    var ret = {};
+    var types = {0:"HOST", 1:"BROADCAST", 2:"MULTICAST", 3:"OTHERHOST", 4:"OUTGOING"};
+    
+    ret.sllPacketType = unpack.uint16(raw_packet, offset); offset+=2;
+    ret.sllAddressType = types[unpack.uint16(raw_packet, offset)]; offset+=2;
+    var sllAddressLength = unpack.uint16(raw_packet, offset); offset+=2;
+
+    ret.sllSource = unpack.sll_addr(raw_packet, offset, sllAddressLength); 
+    offset+=8; //address field is fixed to 8 bytes from witch addresslength bytes are used
+    
+    ret.sllProtocol = unpack.uint16(raw_packet, offset); offset+=2;
+    
+    switch (ret.sllProtocol) {
+    case 0x800: // IPv4
+        ret.ip = decode.ip(raw_packet, offset);
+        break;
+    case 0x806: // ARP
+        ret.arp = decode.arp(raw_packet, offset);
+        break;
+    case 0x86dd: // IPv6 - http://en.wikipedia.org/wiki/IPv6
+        ret.ipv6 = decode.ip6(raw_packet, offset);
+        break;
+    case 0x88cc: // LLDP - http://en.wikipedia.org/wiki/Link_Layer_Discovery_Protocol
+        ret.lldp = "need to implement LLDP";
+        break;
+    default:
+        console.log("pcap.js: decode.linux_sll() - Don't know how to decode ethertype " + ret.sllProtocol);
+    }
+
+    return ret;
+};
+
+
 decode.ieee802_11_radio = function (raw_packet, offset) {
@@ -1159,2 +1207,28 @@ var ret = {};
 
+print.slltype = function (packet) {
+    var ret = ""
+
+    switch (packet.link.ethertype) {
+    case 0x0:
+        ret += " 802.3 type ";
+        break;
+    case 0x800:
+        ret += print.ip(packet);
+        break;
+    case 0x806:
+        ret += print.arp(packet);
+        break;
+    case 0x86dd:
+        ret += " IPv6 ";
+        break;
+    case 0x88cc:
+        ret += " LLDP ";
+        break;
+    default:
+        console.log("pcap.js: print.linuxsll() - Don't know how to print type " + packet.link.ethertype);
+    }
+
+    return ret;
+};
+
 print.ethernet = function (packet) {
@@ -1220,2 +1294,5 @@ var ret = packet.link.shost + " -> " + packet.link.dhost;
         break;
+    case "LINKTYPE_LINUX_SSL":
+        ret += print.slltype(packet_to_print);
+        break;
     default:
@@ -1222,0 +1299,0 @@ console.log("Don't yet know how to print link_type " + packet_to_print.link_type);

README.md

@@ -47,3 +47,3 @@ node_pcap
     cd node_pcap
-    node-waf configure build
+    node-gyp configure build
 
@@ -50,0 +50,0 @@ Assuming it built without errors, you should be able to run the examples and then write your own packet

New alerts

Native code

Supply chain risk

Contains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

301490

increased by0.46%

Lines of code

3538

increased by1.81%

Number of high supply chain risk alerts

0

decreased by-100%

Worsened metrics

Number of package files

17

decreased by-5.56%

Number of medium supply chain risk alerts

3

increased by50%

No dependency changes