Crate snoop

Source
Expand description

snoop is a rust library to read and write files in snoop file format.

§Example

the default case is to read from a snoop file.

$ cargo add snoop --features read

Then use the snoop reader on a file in main.rs:

extern crate snoop;

use snoop::read::Reader;
use std::fs::File;
use std::io::BufReader;

/// cargo run --example read -- snoop_file.cap
///
/// read a single snoop file and get a copy of the data
fn main() {
    let fp = match File::open(
        std::env::args()
            .nth(1)
            .expect("no path to snoop file given"),
    ) {
        Ok(f) => f,
        Err(e) => {
            println!("File Error: {}", e);
            return;
        }
    };
    let mut cnt = 0u32;
    for i in Reader::new(BufReader::new(fp)).unwrap() {
        cnt += 1;
        let packet = i.unwrap();
        println!(
            "packet: {}\n{:#?}\ndata: {:x?}\n",
            cnt,
            &packet.header,
            &packet.data[..]
        );
    }
}

§feature flags

§default features

  • parser: format parser

§optional features

  • read: read from a reader like files or buf
  • write: write to a writer like files or buf
  • full: include parser, reader and writer

Modules§

error
custom errors that can happen using snoop.
format
implementation of the snoop file format version 2.
parse
parse snoop headers and calculate data len and pads.