Enough already! How does this work by example!?
![[+]](./images/find.png "show/hide quicksearch"){kind=small}
#!/usr/bin/env ruby
require "rubygems"
require "pcaprub"
class CaptureExample
def initialize()
#interface configuration
@dev = ::Pcap.lookupdev
#promiscous_mode = true
@promiscous_mode = false
@timeout = 0
#packet information
@capture_packets = 100
@snaplength = 65535
@bpf = "ip and not dst net 110.0.0.0/8"
end
def getpackets
system("ifconfig", @dev, "up")
capture = ::Pcap.open_live(@dev, @snaplength, @promiscous_mode, @timeout)
capture.setfilter(@bpf)
begin
puts "Started capture..(#{@dev} => \"#{@bpf}\")"
capture.each do |packet|
# Handling the number of packets to process
@capture_packets -= 1
if @capture_packets == 0
break
end
end
# ^C to stop sniffing
rescue Interrupt
puts "\nPacket Capture stopped by interrupt signal."
rescue Exception => e
puts "\nERROR: #{e}"
retry
end
puts "Captured #{100 - @capture_packets} packets"
return capture
end
end
mycapture = CaptureExample.new()
packet_capture = mycapture.getpackets
puts "capture.stats['recv'] = #{packet_capture.stats['recv']}"
puts "capture.stats['drop'] = #{packet_capture.stats['drop']}"
Generated with the Darkfish Rdoc Generator 2.