PcapFileEx.Packet (pcap_file_ex v0.1.5)

View Source

Represents a captured network packet.

Summary

Types

layer()
t()

Functions

attach_decoded(packet)

Attaches the decoded payload (when available) to the packet's decoded map.

decode_http(packet)

Decodes the HTTP payload into a structured representation.

decode_http!(packet)

Same as decode_http/1 but raises on error.

decode_registered(packet)

Attempts to decode the payload using the registered application decoders.

decode_registered!(packet)

Convenience variant of decode_registered/1 that returns the decoded value or nil. Raises on decoder errors.

endpoint_to_string(endpoint)

Formats an endpoint as "ip:port" (or just ip when the port is absent).

from_map(map)

Creates a Packet struct from a map returned by the NIF.

http_payload(packet)

Extracts the HTTP payload (if any) from the packet.

known_protocols()

Returns the list of protocols that may appear in packet.protocols.

pkt_decode(packet)

Convenience wrapper around :pkt.decode/2 that uses the packet's link type.

pkt_decode!(packet)

Same as pkt_decode/1 but returns the decoded value directly or raises on error.

pkt_protocol(packet)

Returns the suggested :pkt protocol atom for the packet's link type.

udp_payload(packet)

Extracts the UDP payload from the packet.

Types

layer()

@type layer() :: tuple() | atom() | map()

t()

@type t() :: %PcapFileEx.Packet{
  data: binary(),
  datalink: String.t() | nil,
  decoded: %{optional(atom()) => term()},
  dst: PcapFileEx.Endpoint.t() | nil,
  interface: PcapFileEx.Interface.t() | nil,
  interface_id: non_neg_integer() | nil,
  layers: [layer()] | nil,
  orig_len: non_neg_integer(),
  payload: binary() | nil,
  protocol: atom() | nil,
  protocols: [atom()],
  src: PcapFileEx.Endpoint.t() | nil,
  timestamp: DateTime.t(),
  timestamp_resolution: PcapFileEx.Interface.timestamp_resolution() | nil
}

Functions

attach_decoded(packet)

@spec attach_decoded(t()) :: t()

Attaches the decoded payload (when available) to the packet's decoded map.

decode_http(packet)

@spec decode_http(t()) :: {:ok, PcapFileEx.HTTP.t()} | {:error, atom() | tuple()}

Decodes the HTTP payload into a structured representation.

decode_http!(packet)

@spec decode_http!(t()) :: PcapFileEx.HTTP.t()

Same as decode_http/1 but raises on error.

decode_registered(packet)

@spec decode_registered(t()) :: {:ok, {atom(), term()}} | :no_match | {:error, term()}

Attempts to decode the payload using the registered application decoders.

Returns {:ok, {protocol, decoded}} when a decoder matches, :no_match when none do, or {:error, reason} if the decoder raises or returns an error tuple.

decode_registered!(packet)

@spec decode_registered!(t()) :: term() | nil

Convenience variant of decode_registered/1 that returns the decoded value or nil. Raises on decoder errors.

endpoint_to_string(endpoint)

@spec endpoint_to_string(PcapFileEx.Endpoint.t() | nil) :: String.t() | nil

Formats an endpoint as "ip:port" (or just ip when the port is absent).

from_map(map)

@spec from_map(map()) :: t()

Creates a Packet struct from a map returned by the NIF.

http_payload(packet)

@spec http_payload(t()) :: {:ok, binary()} | {:error, atom() | tuple()}

Extracts the HTTP payload (if any) from the packet.

known_protocols()

@spec known_protocols() :: [atom()]

Returns the list of protocols that may appear in packet.protocols.

pkt_decode(packet)

@spec pkt_decode(t()) :: term()

Convenience wrapper around :pkt.decode/2 that uses the packet's link type.

pkt_decode!(packet)

@spec pkt_decode!(t()) :: term()

Same as pkt_decode/1 but returns the decoded value directly or raises on error.

pkt_protocol(packet)

@spec pkt_protocol(t()) :: atom()

Returns the suggested :pkt protocol atom for the packet's link type.

udp_payload(packet)

@spec udp_payload(t()) :: {:ok, binary()} | {:error, atom() | tuple()}

Extracts the UDP payload from the packet.