File Coverage

blib/lib/Socket/Packet.pm

Criterion	Covered	Total	%
statement	12	12	100.0
branch			n/a
condition			n/a
subroutine	4	4	100.0
pod			n/a
total	16	16	100.0

line	stmt	sub	time	code
1				# You may distribute under the terms of either the GNU General Public License
2				# or the Artistic License (the same terms as Perl itself)
3				#
4				# (C) Paul Evans, 2009-2012 -- leonerd@leonerd.org.uk
5
6				package Socket::Packet;
7
8	8	8	159635	use strict;
	8		21
	8		355
9	8	8	52	use warnings;
	8		28
	8		287
10
11	8	8	54	use Carp;
	8		16
	8		1003
12
13				our $VERSION = '0.10';
14
15	8	8	46	use Exporter 'import';
	8		13
	8		2005
16				our @EXPORT_OK = qw(
17				pack_sockaddr_ll unpack_sockaddr_ll
18				pack_packet_mreq unpack_packet_mreq
19				unpack_tpacket_stats
20				siocgstamp
21				siocgstampns
22				siocgifindex
23				siocgifname
24				recv_len
25
26				setup_rx_ring
27				get_ring_frame_status
28				get_ring_frame
29				done_ring_frame
30				);
31
32				require XSLoader;
33				XSLoader::load( __PACKAGE__, $VERSION );
34
35				=head1 NAME
36
37				C - interface to Linux's C socket family
38
39				=head1 SYNOPSIS
40
41				use Socket qw( SOCK_RAW );
42				use Socket::Packet qw(
43				PF_PACKET
44				ETH_P_ALL
45				pack_sockaddr_ll unpack_sockaddr_ll
46				);
47
48				socket( my $sock, PF_PACKET, SOCK_RAW, 0 )
49				or die "Cannot socket() - $!\n";
50
51				bind( $sock, pack_sockaddr_ll( ETH_P_ALL, 0, 0, 0, "" ) )
52				or die "Cannot bind() - $!\n";
53
54				while( my $addr = recv( $sock, my $packet, 8192, 0 ) ) {
55				my ( $proto, $ifindex, $hatype, $pkttype, $addr )
56				= unpack_sockaddr_ll( $addr );
57
58				...
59				}
60
61				=head1 DESCRIPTION
62
63				To quote C:
64
65				Packet sockets are used to receive or send raw packets at the device driver
66				(OSI Layer 2) level. They allow the user to implement protocol modules in
67				user space on top of the physical layer.
68
69				Sockets in the C family get direct link-level access to the
70				underlying hardware (i.e. Ethernet or similar). They are usually used to
71				implement packet capturing, or sending of specially-constructed packets
72				or to implement protocols the underlying kernel does not recognise.
73
74				The use of C sockets is usually restricted to privileged users
75				only.
76
77				This module also provides various other support functions which wrap
78				Cs or socket options. This includes support for C,
79				the high-performance zero-copy packet receive buffering, if the underlying
80				platform supports it.
81
82				=cut
83
84				=head1 CONSTANTS
85
86				The following constants are exported
87
88				=over 8
89
90				=item PF_PACKET
91
92				The packet family (for C calls)
93
94				=item AF_PACKET
95
96				The address family
97
98				=item PACKET_HOST
99
100				This packet is inbound unicast for this host.
101
102				=item PACKET_BROADCAST
103
104				This packet is inbound broadcast.
105
106				=item PACKET_MULTICAST
107
108				This packet is inbound multicast.
109
110				=item PACKET_OTHERHOST
111
112				This packet is inbound unicast for another host.
113
114				=item PACKET_OUTGOING
115
116				This packet is outbound.
117
118				=item ETH_P_ALL
119
120				Pseudo-protocol number to capture all protocols.
121
122				=item SOL_PACKET
123
124				Socket option level for C and C.
125
126				=back
127
128				=cut
129
130				=head1 SOCKET OPTIONS
131
132				The following constants define socket options
133
134				=over 8
135
136				=item PACKET_STATISTICS (get; struct tpacket_stats)
137
138				Packet received and drop counters.
139
140				=item PACKET_ORIGDEV (get or set; int)
141
142				Received packets will indicate the originally-received device, rather than the
143				apparent one. This mainly relates to Ethernet bonding or VLANs.
144
145				This socket option is optional, and may not be provided on all platforms.
146
147				=item PACKET_ADD_MEMBERSHIP (set; struct packet_mreq)
148
149				=item PACKET_DROP_MEMBERSHIP (set; struct packet_mreq)
150
151				Membership of multicast or broadcast groups, or set promiscuous mode.
152
153				The C C field should be one of the following:
154
155				=over 4
156
157				=item PACKET_MR_MULTICAST
158
159				A multicast group
160
161				=item PACKET_MR_PROMISC
162
163				Set or clear the promiscuous flag; the address is ignored
164
165				=item PACKET_MR_ALLMULTI
166
167				Set or clear the allmulti flag; the address is ignored
168
169				=back
170
171				=back
172
173				=cut
174
175				=head1 FUNCTIONS
176
177				The following pair of functions operate on C address structures.
178				The meanings of the parameters are:
179
180				=over 8
181
182				=item protocol
183
184				An ethertype protocol number. When using an address with C, the
185				constant C can be used instead, to capture any protocol. The
186				C and C functions byte-swap this
187				value to or from network endian order.
188
189				=item ifindex
190
191				The index number of the interface on which the packet was sent or received.
192				When using an address with C, the value C<0> can be used instead, to
193				watch all interfaces.
194
195				=item hatype
196
197				The hardware ARP type of hardware address.
198
199				=item pkttype
200
201				The type of the packet; indicates if it was sent or received. Will be one of
202				the C values.
203
204				=item addr
205
206				The underlying hardware address, in the type given by C.
207
208				=back
209
210				=head2 $a = pack_sockaddr_ll( $protocol, $ifindex, $hatype, $pkttype, $addr )
211
212				Returns a C structure with the fields packed into it.
213
214				=head2 ( $protocol, $ifindex, $hatype, $pkttype, $addr ) = unpack_sockaddr_ll( $a )
215
216				Takes a C structure and returns the unpacked fields from it.
217
218				=head2 $mreq = pack_packet_mreq( $ifindex, $type, $addr )
219
220				Returns a C structure with the fields packed into it.
221
222				=head2 ( $ifindex, $type, $addr ) = unpack_packet_mreq( $mreq )
223
224				Takes a C structure and returns the unpacked fields from it.
225
226				=head2 ( $packets, $drops ) = unpack_tpacket_stats( $stats )
227
228				Takes a C structure from the C sockopt and
229				returns the unpacked fields from it.
230
231				=head2 $time = siocgstamp( $sock )
232
233				=head2 ( $sec, $usec ) = siocgstamp( $sock )
234
235				Returns the timestamp of the last received packet on the socket (as obtained
236				by the C C). In scalar context, returns a single
237				floating-point value in UNIX epoch seconds. In list context, returns the
238				number of seconds, and the number of microseconds.
239
240				=head2 $time = siocgstampns( $sock )
241
242				=head2 ( $sec, $nsec ) = siocgstampns( $sock )
243
244				Returns the nanosecond-precise timestamp of the last received packet on the
245				socket (as obtained by the C C). In scalar context,
246				returns a single floating-point value in UNIX epoch seconds. In list context,
247				returns the number of seconds, and the number of nanoseconds.
248
249				=head2 $ifindex = siocgifindex( $sock, $ifname )
250
251				Returns the C of the interface with the given name if one exists, or
252				C if not. C<$sock> does not need to be a C socket, any
253				socket handle will do.
254
255				=head2 $ifname = siocgifname( $sock, $ifindex )
256
257				Returns the C of the interface at the given index if one exists, or
258				C if not. C<$sock> does not need to be a C socket, any
259				socket handle will do.
260
261				=head2 ( $addr, $len ) = recv_len( $sock, $buffer, $maxlen, $flags )
262
263				Similar to Perl's C builtin, except it returns the packet length as an
264				explict return value. This may be useful if C<$flags> contains the
265				C flag, obtaining the true length of the packet on the wire, even
266				if this is longer than the data written in the buffer.
267
268				=cut
269
270				=head1 RING-BUFFER FUNCTIONS
271
272				The following functions operate on the high-performance memory-mapped buffer
273				feature of C, allowing efficient packet-capture applications to
274				share a buffer with the kernel directly, avoiding the need for per-packet
275				system calls to C (and possibly C to obtain the timestamp).
276
277				The ring-buffer is optional, and may not be implemented on all platforms. If
278				it is not implemented, then all the following functions will die with an error
279				message.
280
281				=cut
282
283				=head2 $size = setup_rx_ring( $sock, $frame_size, $frame_nr, $block_size )
284
285				Sets up the ring-buffer on the socket. The buffer will store C<$frame_nr>
286				frames of up to C<$frame_size> bytes each (including metadata headers), and
287				will be split in the kernel in blocks of C<$block_size> bytes. C<$block_size>
288				should be a power of 2, at minimum, 4KiB.
289
290				If successful, the overall size of the buffer in bytes is returned. If not,
291				C is returned, and C<$!> will hold the error value.
292
293				=head2 $status = get_ring_frame_status( $sock )
294
295				Returns the frame status of the next frame in the ring.
296
297				The following constants are defined for the status:
298
299				=over 8
300
301				=item TP_STATUS_KERNEL
302
303				This frame belongs to the kernel and userland should not touch it.
304
305				=item TP_STATUS_USER
306
307				This frame belongs to userland and the kernel will not modify it.
308
309				=item TP_STATUS_LOSING
310
311				Bitwise-or'ed with the status if packet loss has occurred since the previous
312				frame.
313
314				=back
315
316				=head2 $len = get_ring_frame( $sock, $buffer, \%info )
317
318				If the next frame is ready for userland, fills in keys of the C<%info> hash
319				with its metadata, sets C<$buffer> to its contents, and return the length of
320				the data. The C<$buffer> variable has its string backing buffer aliased,
321				rather than the buffer copied into, for performance. The caller should not
322				modify the variable, nor attempt to access it after the socket has been
323				closed.
324
325				If the frame is not yet ready, this function returns undef.
326
327				The following fields are returned:
328
329				=over 8
330
331				=item tp_status
332
333				The status of the frame; see C
334
335				=item tp_len
336
337				The length of the packet on the wire, in bytes
338
339				=item tp_snaplen
340
341				The length of the packet captured and stored in the buffer, in bytes. This may
342				be shorter than C if, for example, a filter is set on the socket that
343				truncated the packet.
344
345				=item tp_sec
346
347				=item tp_nsec
348
349				The seconds and nanoseconds fields of the timestamp. If the underlying
350				platform does not support C, then this field will only have a
351				resolution of microseconds; i.e. it will be a whole multiple of 1000.
352
353				=item tp_vlan_tci
354
355				VLAN information about the packet, if the underlying platform supports
356				C. If this is not supported, the key will not be present in the
357				hash
358
359				=item sll_protocol
360
361				=item sll_ifindex
362
363				=item sll_hatype
364
365				=item sll_pkttype
366
367				=item sll_addr
368
369				Fields from the C; see above for more detail
370
371				=back
372
373				=head2 clear_ring_frame( $sock )
374
375				Clears the status of current frame to hand it back to the kernel and moves on
376				to the next.
377
378				=cut
379
380				=head1 SEE ALSO
381
382				=over 4
383
384				=item *
385
386				L - Object interface to C domain sockets
387
388				=item *
389
390				L - interface to Linux's socket packet filtering
391
392				=item *
393
394				C - packet, AF_PACKET - packet interface on device level
395
396				=back
397
398				=head1 AUTHOR
399
400				Paul Evans
401
402				=cut
403
404				0x55AA;