File: packetdump.rb

package info (click to toggle)
ruby-nfqueue 1.0.4-2
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, bullseye, forky, sid, trixie
  • size: 156 kB
  • sloc: ruby: 257; makefile: 7
file content (22 lines) | stat: -rw-r--r-- 461 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
 

#!/usr/bin/env ruby

require 'nfqueue'

def mac_address(packet)
    hw_addr = packet.hw_addr
    return '??:??:??:??:??:??' if hw_addr.nil?

    hw_addr.unpack('C*').map{|c| "%02x" % c}.join(':')
end

Netfilter::Queue.create(0) do |packet|
    puts "New packet ##{packet.id} from interface #{packet.indev_name}"
    puts "Ethernet address: #{mac_address(packet)}"

    puts
    puts packet.data.unpack('H*')[0]
    puts '--'

    Netfilter::Packet::ACCEPT
end