CGI/Perl Guide | Learning Center | Forums | Advertise | Login
Site Search: in

  Main Index MAIN
Search Posts SEARCH
Who's Online WHO'S
Log in LOG

Home: Perl Programming Help: Intermediate: $Log->Read() -Multiple Files Help-: Edit Log


Jan 24, 2012, 2:25 PM

Views: 7789
$Log->Read() -Multiple Files Help-

Hi i have been working on a program to read my pcap files and having issues with the code reading multiple files. I had it hard coded before to read a single Pcap file at a time but we are now producing multiple pcap files and need it to be able to read a directory of pcap files at a time. Please help me with fix my code!

 #!/usr/bin/perl -w   

use DBI;
use Net::TcpDumpLog;
use NetPacket::Ethernet;
use NetPacket::IP;
use NetPacket::TCP;
use Net::Pcap;

#Login to mysql
$dbh = DBI->connect('DBI:mysql:test', 'root', 'root'
) || die "Could not connect to +database: $DBI::errstr";

####HERE TO EXIT NEEDS WORK!my $dir = 'C:\\Documents and Settings\\jordant\\Desktop\\Dump\\';

opendir(DIR, $dir) or die $!;

while (my $file = readdir(DIR)) {

# We only want files
next unless (-f "$dir/$file");

# Use a regular expression to find files ending in .pcap
next unless ($file =~ m/\.pcap$/);

my $log = Net::TcpDumpLog->new();
print $file;
exit 0;

#INFO from PCAP file
foreach my $index ($log->indexes) {
my ($length_orig, $length_incl, $drops, $secs, $msecs) = $log->header($index);
my $data = $log->data($index);

my $eth_obj = NetPacket::Ethernet->decode($data);
next unless $eth_obj->{type} == NetPacket::Ethernet::ETH_TYPE_IP;

my $ip_obj = NetPacket::IP->decode($eth_obj->{data});
next unless $ip_obj->{proto} == NetPacket::IP::IP_PROTO_TCP;

my $tcp_obj = NetPacket::TCP->decode($ip_obj->{data});

#get date time stamp of packet
my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime($secs + $msecs/1000);
my $time = sprintf("%02d-%02d %02d:%02d:%02d",
$mon, $mday, $hour, $min, $sec);

#Info in Table

$dbh->do( "INSERT INTO test2 (Date,Source,Destination,Packets,Port)
values (


Right now my issue is it gives back a ERROR: Can't read log 2.pcap: no such file or directory.

The area that needs work is #### please let me know if you can help. Thanks

PS: The print and exit below the bold were only to diagnose the issue.

(This post was edited by jboy4 on Jan 24, 2012, 2:27 PM)

Edit Log:
Post edited by jboy4 (Novice) on Jan 24, 2012, 2:27 PM

Search for (options) Powered by Gossamer Forum v.1.2.0

Web Applications & Managed Hosting Powered by Gossamer Threads
Visit our Mailing List Archives