libpcap and Perl
The libpcap examples we have demonstrated so far have been in C, as the libpcap library is a C library. However, many interfaces and wrappers to libpcap exist for higher-level languages, such as Perl and Python. Using a high-level language has a number of advantages for developers not familiar with C, and for developers looking to quickly throw together a tool that works, without necessarily requiring it to be robust, scalable, or even stable. A tool written in Perl or Python is generally a lot smaller than an equivalent tool written in C.
Using a high-level language can also have some disadvantages, in that less commonly used functionality and new functionality within libpcap might not be supported properly, or even at all. Also, high-level languages are not a realistic option for tools requiring high throughput of packet processing, so you would not want to write a network IDS in a high-level language.
For the Perl scripting language, the package for
libpcap is called
Net::Pcap
. If a Net::Pcap
package is not available for your Linux distribution, you should be
able to install Net::Pcap
as follows:
perl -MCPAN -e 'install Net::Pcap'
This downloads the source code for the package and automatically
builds the package in most cases. If you are using Windows, your
install process might be different. The functions in
Net::Pcap
are very similar to the C functions, as are the parameters passed to the functions. Documentation of these functions is available on the module’s ...
Get Network Security Tools now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.