Crate wiretap

Source
Expand description

§wiretap

wiretap wraps lower level networking and concurency libraries to make packet capture easier in Rust programs

§Examples

§Capture-then-process

This basic example shows how to capture packets and later do something with the TCP ones

use wiretap;
use std::{thread, time};

fn main() {
    // Create a new PacketCapture with the "lo" interface
    let pc = wiretap::PacketCapture::new_from_interface("lo").unwrap();
    // Start a capture on that interface
    let pc = pc.start_capture();
    // Do something useful, probably
    thread::sleep(time::Duration::from_secs(15));
    // Stop the capture
    let pc = pc.stop_capture();
    // Get the resulting TCP packets
    let output = pc.results_as_tcp();
    // Do something with them
    println!("Captured {} TCP packets", output.len());
    for out in output.iter() {
        println!("{:?}", out.payload());
}

§Process-while-capturing

This basic example shows how to process packets with a callback as they are captured

use wiretap;
use wiretap::Packet;
use std::{thread, time};
use std::ops::Deref;
 
 
// Print the SrcIP:SrcPort --> DestIP:DestPort
fn print_to_from(bytes: Vec<u8>) {
    // Make sure the payload represents an EthernetFrame
    if let Some(ethernet_packet) = wiretap::EthernetFrame::new(&bytes) {
        // Make sure the EthernetFrame payload represents an Ipv4Packet
        if let Some(ipv4_packet) = wiretap::Ipv4Packet::new(ethernet_packet.deref().payload()) {
            // Make sure the Ipv4Packet payload represents an TcpSegment
           if let Some(tcp_packet) = wiretap::TcpSegment::new(&ipv4_packet.payload()) {
                // Print out the interesting information
                println!("Packet: {}:{} --> {}:{}", ipv4_packet.get_source(), tcp_packet.get_source(), ipv4_packet.get_destination(), tcp_packet.get_destination() )
            }
        }
    }
}
 
fn main() {
    // Create a new PacketCapture with the default interface
    let pc = wiretap::PacketCapture::new_with_default().unwrap();
    // Start a capture on that interface
    let pc = pc.start_live_process(print_to_from);
    // Stuff happens
    thread::sleep(time::Duration::from_secs(15));
    // Stop the capture
    pc.stop_capture();
}

Re-exports§

pub use ethernet_frame::*;
pub use ipv4_packet::*;
pub use tcp_packet::*;

Modules§

ethernet_frame
ipv4_packet
tcp_packet

Structs§

Completed
Marker for PacketCapture struct
Initialized
Marker for PacketCapture struct
PacketCapture
Basic PacketCapture type
Started
Marker for PacketCapture struct
Uninitialized
Marker for PacketCapture struct

Traits§

Packet
Represents a generic network packet.