PcapFileEx.TCP (pcap_file_ex v0.5.5)
View SourceTCP stream helpers built on top of PcapFileEx.stream/2.
The module currently focuses on lightweight HTTP message reassembly by concatenating TCP payloads within each direction of a flow until an entire HTTP message (headers + optional body) has been collected. It operates on the packet order present in the capture and does not attempt full TCP retransmission or out-of-order handling – it is intended for clean captures (e.g. loopback traffic, lab fixtures).
Summary
Types
Directional TCP flow, as observed in the capture.
Functions
Returns a stream of reassembled HTTP messages (requests and/or responses) produced from the given capture or packet enumerable.
Convenience wrapper returning only HTTP requests.
Convenience wrapper returning only HTTP responses.
Types
@type flow_key() :: {PcapFileEx.Endpoint.t(), PcapFileEx.Endpoint.t()}
Directional TCP flow, as observed in the capture.
Functions
@spec stream_http_messages( Enumerable.t() | Path.t(), keyword() ) :: Enumerable.t()
Returns a stream of reassembled HTTP messages (requests and/or responses) produced from the given capture or packet enumerable.
Options
:types- list of HTTP types to emit ([:request],[:response], or both). Defaults to[:request].:max_buffer_bytes- maximum buffered payload per flow direction before the state is discarded. Defaults to4_000_000(4 MB).:filter- predicate functionfn %HTTPMessage{} -> booleanused to filter emitted messages.:packet_filter- predicatefn %Packet{} -> booleanto pre-filter packets before they reach the reassembler (defaults to accepting any TCP packet with payload).
The function yields a lazy stream; consumers can compose additional filters or transformations on top.
@spec stream_http_requests( Enumerable.t() | Path.t(), keyword() ) :: Enumerable.t()
Convenience wrapper returning only HTTP requests.
@spec stream_http_responses( Enumerable.t() | Path.t(), keyword() ) :: Enumerable.t()
Convenience wrapper returning only HTTP responses.