pgen_unknown class is unique packet class, not same other packet class such as pgen_eth class and pgen_tcp class. This class analyze packet roughly. is Ethernet packet, is ARP packet,.. and IP address is , source MAC address is 11:22:33:44:55:66 and more.


Member Function

pgen_uknown class is most usage is the same as that class. but there are some specific member functions.



cast                analyze packet
send               send packet
summary, hex         print information

isETH, isARP, isIP, isICMP, isTCP, isUDP       get protocol of packet

ETH.src, ETH.dst, ETH.addr
IP.src, IP.dst, IP.addr
TCP.src, TCP.dst, TCP.port
UDP.src, UDP.dst, UDP.port      get protocol information





cast() analyze packet binary with binary pointer and length.

buf, 1st argument is buffer pointer.
buflen, 2nd argument is buffer length

send() send packet with PGEN discriptor

handle, 1st argument is PGEN-discriptor.

summary() print summary 1 liner.

hex() print hexdump of packet.

isETH(), isARP(), isIP(), isICMP(), isTCP(), isUDP() is return bool variable, which kind of packet.

ETH.src(), ETH.dst(), ETH.addr() is return MAC address to use when packet filtering.

IP.src(), IP.dst(), IP.addr() is return IP address to use when packet filtering.

TCP.src(), TCP.dst(), TCP.port() is return Port number to use when packet filtering.

UDP.src(), UDP.dst(), UDP.port() is return Port number to use when packet filtering.


Sample Code

Packet capture about TCP80.


This is execution result.

Comments are closed.