{"id":13775426,"url":"https://github.com/postmodern/ffi-pcap","last_synced_at":"2025-03-21T10:32:13.200Z","repository":{"id":56846252,"uuid":"456588","full_name":"postmodern/ffi-pcap","owner":"postmodern","description":"Ruby FFI bindings for libpcap.","archived":false,"fork":false,"pushed_at":"2023-03-08T02:21:28.000Z","size":389,"stargazers_count":43,"open_issues_count":2,"forks_count":9,"subscribers_count":10,"default_branch":"master","last_synced_at":"2024-05-18T20:37:43.536Z","etag":null,"topics":["ffi-bindings","pcap","ruby"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/postmodern.png","metadata":{"files":{"readme":"README.md","changelog":"ChangeLog.md","contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2010-01-03T02:39:07.000Z","updated_at":"2023-08-28T17:12:42.000Z","dependencies_parsed_at":"2023-12-04T12:20:04.169Z","dependency_job_id":"32812258-cbd9-494a-bfb4-12e97af56bde","html_url":"https://github.com/postmodern/ffi-pcap","commit_stats":null,"previous_names":["sophsec/ffi-pcap"],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/postmodern%2Fffi-pcap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/postmodern%2Fffi-pcap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/postmodern%2Fffi-pcap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/postmodern%2Fffi-pcap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/postmodern","download_url":"https://codeload.github.com/postmodern/ffi-pcap/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244135589,"owners_count":20403797,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ffi-bindings","pcap","ruby"],"created_at":"2024-08-03T17:01:38.546Z","updated_at":"2025-03-21T10:32:12.841Z","avatar_url":"https://github.com/postmodern.png","language":"Ruby","readme":"# ffi-pcap\n\n* [Source](https://github.com/sophsec/ffi-pcap/)\n* [Issues](https://github.com/sophsec/ffi-pcap/issues)\n* [Documentation](http://rubydoc.info/gems/ffi-pcap/frames)\n* Postmodern (postmodern.mod3 at gmail.com)\n* Eric Monti (esmonti at gmail.com)\n\n## Description\n\nRuby FFI bindings for libpcap.\n\n## Features\n\nExposes all features of the libpcap library including live packet capture, \noffline packet capture, live packet injection, etc..\n\nCurrently, FFI::PCap does _not_ supply any packet dissection routines. \nThe choice of what to use is left up to you.\n\nPacket dissection libraries:\n\n* [ffi-packets] - Maps raw packets to `FFI::Struct` objects.\n\n## Examples\n\nReading ICMP packets from a live interface.\n\n    require 'rubygems'\n    require 'ffi/pcap'\n\n    pcap =\n      FFI::PCap::Live.new(:dev =\u003e 'lo0',\n                          :timeout =\u003e 1,\n                          :promisc =\u003e true,\n                          :handler =\u003e FFI::PCap::Handler)\n\n    pcap.setfilter(\"icmp\")\n\n    pcap.loop() do |this,pkt|\n      puts \"#{pkt.time}:\"\n\n      pkt.body.each_byte {|x| print \"%0.2x \" % x }\n      putc \"\\n\"\n    end\n\nReading packets from a pcap dump file:\n\n    require 'rubygems'\n    require 'ffi/pcap'\n\n    pcap = FFI::PCap::Offline.new(\"./foo.cap\")\n\n    pcap.loop() do |this,pkt|\n      puts \"#{pkt.time}:\"\n\n      pkt.body.each_byte {|x| print \"%0.2x \" % x }\n      putc \"\\n\"\n    end\n\nReplaying packets from a pcap dump file on a live interface:\n\n    require 'rubygems'\n    require 'ffi/pcap'\n\n    live = FFI::PCap::Live.new(:device =\u003e 'en0')\n    offline = FFI::PCap::Offline.new(\"./foo.cap\")\n\n    if live.datalink == offline.datalink\n      offline.loop() {|this,pkt| live.inject(pkt) }\n    end\n\n## Requirements\n\n* [libpcap] or [winpcap] \u003e= 1.0.0\n* [ffi] ~\u003e 0.6.0\n* [ffi_dry] ~\u003e 0.1.9\n\n## Install\n\n    $ sudo gem install ffi-pcap\n\n## License\n\nSee {file:LICENSE.txt} for license information.\n\n[libpcap]: http://www.tcpdump.org/\n[winpcap]: http://winpcap.org/\n\n[ffi]: https://github.com/ffi/ffi#readme\n[ffi_dry]: https://github.com/emonti/ffi_dry#readme\n[ffi-packets]: http://github.com/emonti/ffi-packets#readme\n","funding_links":[],"categories":["\u003ca id=\"8bc2e181f74ba67ec93fd2a13d95cc0c\"\u003e\u003c/a\u003elibpcap"],"sub_categories":["\u003ca id=\"b239f12aca7aa942b45836032cbef99a\"\u003e\u003c/a\u003e转换"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpostmodern%2Fffi-pcap","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpostmodern%2Fffi-pcap","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpostmodern%2Fffi-pcap/lists"}