|
| |
 | ||
packetName send ?-interface if? ?-count n? ?-sleep n?
| size of the packet
|
|
| |
Send the packet count times to the network (pausing sleep milliseconds between each)
using the given interface.
If no interface is given, the default interface associated with the packet is used. The count is set
to 1 by default, and the pause to 0.
|
|
| ||
| ||
packetName receive/capture ?-interface if? ?-protocol proto? ?-filter text? ?-timeout t? ?-background? ?-getpacket? ?-waitpacket?
| size of the packet
|
|
| |
Try to capture a packet on the network waiting maximout of t milliseconds and using a filter if
specified (the filter is based on pcap, so see the man page of tcpdump for the syntax).
You can choose the interface used for the capture (or any to get packet from all the interfaces).
If you specify the proto, only the corresponding
ethernet protocol will be used (this matching is done before the application of the filter. By
default, all protocols are enabled ; you can enter a numerical value or one of the following
all, ip, arp, rarp, x25 or ipv6.
The options -background, -getpacket and -waitpacket can be used to do asynchronous
capture. Set the filter using the -backgournd mode, then use either -getpacket to get a
bufferized packet (no timeout, returns directly) or -waitpacket to wait for a packet (using optionnally
a timeout).
|
|
| ||
| ||
packetName handler ?-interface if? ?-protocol proto? ?-filter text? script
|
|
|
| |
Install an asynchronous packet handler with the given filter if specified (the filter is based on pcap,
so see the man page of tcpdump for the syntax), on the specified interface for the given protocol
(or any to get packet from all the interfaces).
Only the corresponding ethernet protocol will be used (this matching is done before the application of
the filter. By default, all protocols are enabled ; you can enter a numerical value or one of the following
all, ip, arp, rarp, x25 or ipv6.
script is executed each time a packet is received. The script can change the handler by re-invoking
the command (the old script will then be overwritten). To remove a handler, just return a break code from the
script (with either the break or return -code break command). This will remove the handler
associated with the packet.
|
|
| ||
| ||
packetName timestamp
| timestamp
|
|
| |
Returns the timestamp of a capture packet or 0 if the packet has not been captured.
|
|
| ||
| ||
packetName interface ?value?
| interface
|
|
| |
Query or set the interface associated with a packet. This interface is used when resolving
addresses (ethernet or IP). When a packet is captured/receive with the any interface,
this field tells the interface which actually got the packet.
|
|
| ||
| ||
filter create name ?-link type -filter text -netmask value -snaplen n?
| name
|
|
| |
Create a pre-compiled filter which can later be used with the 'packet match' comand to validate a filter against a packet.
The name given as the first argument will be used to reference this filter.
-link specifies the link type used by libpcap during the compilation into BPF code. The accepted values are :
ethernet, exp_ethernet, ax25, pronet, chaos,
token_ring, arcnet, slip, ppp, fddi, atm_rfc1483,
raw, slip_bsdos, ppp_bsdos,
c_hdlc, ieee802_11, atm_clip,
ppp_hdlc or null
-filter is the textual representation of the filter. Defaults to an empty string.
-netmask is the netmask value also used during compilation. Defaults to 0.
-spanlen is the snaplen value also used during compilation. Defaults to 65536.
|
|
| ||
| ||
filter configure name -option ?value?
|
|
|
| |
Get/set the value of the options. This will recompile the filter.
|
|
| ||
| ||
device interfaces
| list if interfaces
|
|
| |
Returns a list of all the interfaces attached to the host.
|
|
| ||
| ||
device defaultinterface ?interface?
| interface
|
|
| |
Query or set the default interface to use when creating packets.
addresses (ethernet or IP).
|
|
| ||
| ||
device ethernet ?interface?
device ip ?interface?
device netmask ?interface?
device mtu ?interface?
device description ?interface?
| ethernet address
IP address
network mask
MTU
MTU
|
|
| |
Returns some info about the ethernet and IP addresses, netmask and MTU of the host running GASP.
On Windows, description contains a string with some details about the interface; on Linux, the
description simply returns the name.
If no interface is specified, the default interface is used.
|
|
| ||
| ||
device arp ?-interface if? IPaddress
| ethernet address
|
|
| |
Return the ARP address for the IP address. This is done by sending an ARP request to the
network (via interface if) and waiting/analyzing the reply. The timeout is hard
coded to 1 second.
|
|
| ||
| ||
device resolvetimeout ?t?
| t
|
|
| |
Query or set the resolve timeout (in seconds) used when trying to resolve an IP
address to a fully qualified name. Default value is fixed to 1 second.
|
|
| ||
| ||
device nameresolution ?boolean?
| 0 or 1
|
|
| |
Enabled or disable the name resolution which converts IP addresses to FQDN.
Enabled by default.
|
|
| ||
| | |
