Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/courvoif/pcap-file

Crate to read and write pcap and pcapng files in RUST.
https://github.com/courvoif/pcap-file

pcap rust

Last synced: 25 days ago
JSON representation

Crate to read and write pcap and pcapng files in RUST.

Host: GitHub
URL: https://github.com/courvoif/pcap-file
Owner: courvoif
License: mit
Created: 2017-06-25T10:59:03.000Z (over 7 years ago)
Default Branch: master
Last Pushed: 2024-07-15T22:32:28.000Z (5 months ago)
Last Synced: 2024-10-31T11:25:56.569Z (about 1 month ago)
Topics: pcap, rust
Language: Rust
Homepage:
Size: 245 KB
Stars: 37
Watchers: 2
Forks: 18
Open Issues: 3
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-network-stuff - **16**星

README

        # pcap-file

Provides parsers, readers and writers for Pcap and PcapNg files.

For Pcap files see the pcap module.

For PcapNg files see the pcapng module.

[![Crates.io](https://img.shields.io/crates/v/pcap-file.svg)](https://crates.io/crates/pcap-file)

[![rustdoc](https://img.shields.io/badge/Doc-pcap--file-green.svg)](https://docs.rs/pcap-file/)

[![Crates.io](https://img.shields.io/crates/l/pcap-file.svg)](https://github.com/courvoif/pcap-file/blob/master/LICENSE)

## Documentation

## Installation

This crate is on [crates.io](https://crates.io/crates/pcap-file).

Add it to your `Cargo.toml`:

```toml

[dependencies]

pcap-file = "3.0.0-rc1"

```

## Examples

### PcapReader

```rust,no_run

use std::fs::File;

use pcap_file::pcap::PcapReader;

let file_in = File::open("test.pcap").expect("Error opening file");

let mut pcap_reader = PcapReader::new(file_in).unwrap();

// Read test.pcap

while let Some(pkt) = pcap_reader.next_packet() {

    //Check if there is no error

    let pkt = pkt.unwrap();

    //Do something

 }

```

### PcapNgReader

```rust,no_run

use std::fs::File;

use pcap_file::pcapng::PcapNgReader;

let file_in = File::open("test.pcapng").expect("Error opening file");

let mut pcapng_reader = PcapNgReader::new(file_in).unwrap();

// Read test.pcapng

while let Some(block) = pcapng_reader.next_block() {

    // Check if there is no error

    let block = block.unwrap();

    //  Do something

}

```

## Fuzzing

Currently there are 4 crude harnesses to check that the parser won't panic in any situation. To start fuzzing you must install `cargo-fuzz` with the command:

```bash

$ cargo install cargo-fuzz

```

And then, in the root of the repository, you can run the harnesses as:

```bash

$ cargo fuzz run pcap_reader

$ cargo fuzz run pcap_ng_reader

$ cargo fuzz run pcap_parser

$ cargo fuzz run pcap_ng_parser

```

Keep in mind that libfuzzer by default uses only one core, so you can either run all the harnesses in different terminals, or you can pass the `-jobs` and `-workers` attributes. More info can be found in its documentation [here](https://llvm.org/docs/LibFuzzer.html).

To get better crash reports add to you rust flags: `-Zsanitizer=address`.

E.g.

```bash

RUSTFLAGS="-Zsanitizer=address" cargo fuzz run pcap_reader

```

## License

Licensed under MIT.

## Disclaimer

To test the library I used the excellent PcapNg testing suite provided by [hadrielk](https://github.com/hadrielk/pcapng-test-generator).