I'm new here, so please be gentle.
This question revolves around VB.net / VS2010 / MSMQ 4.0
I'm developing an application that has MSMQ at its heart. There are (currently) 3 separate VB solutions each of which send and receive message to a queue.
I tried using the XMLMessageFormatter and ran into problems with that, plus this is a high performance, time critical app and I understand that XMLMessaegFormatter has a high overhead, so I've switched over to using BinaryMessageFormatter for the messages.
I've established a class (clsTMessage) which provides the structure for the message data and resides in its own .vb file attached to the solution. I realize that the downside of using Binaryformatter is that the exact same class (down to version and all) has to encode and decode the messages and indeed I'm seeing that problem.
So I figured, no problem, I'd just copy clsTmessage.vb to each solution, but that doesn't quite do the trick as the messages encodes with the namespace of the host assemby and therefore the next solution to pick up the message is technically looking for a different class to decode it.
In this example, for instance, you can see that TelemanusWorkbench Version 1.0.0.0 encoded the message using TelemanusWorkbench.clsTMessage.
00 01 00 00 00 FF FF FF .....ÿÿÿ
FF 01 00 00 00 00 00 00 ÿ.......
00 0C 02 00 00 00 49 54 ......IT
65 6C 65 6D 61 6E 75 73 elemanus
57 6F 72 6B 62 65 6E 63 Workbenc
68 2C 20 56 65 72 73 69 h, Versi
6F 6E 3D 31 2E 30 2E 30 on=1.0.0
2E 30 2C 20 43 75 6C 74 .0, Cult
75 72 65 3D 6E 65 75 74 ure=neut
72 61 6C 2C 20 50 75 62 ral, Pub
6C 69 63 4B 65 79 54 6F licKeyTo
6B 65 6E 3D 6E 75 6C 6C ken=null
05 01 00 00 00 1E 54 65 ......Te
6C 65 6D 61 6E 75 73 57 lemanusW
6F 72 6B 62 65 6E 63 68 orkbench
2E 63 6C 73 54 4D 65 73 .clsTMes
73 61 67 65 09 00 00 00 sage....
0E 6E 65 77 4D 65 73 73 .newMess
61 67 65 54 79 70 65 12 ageType.
6E 65 77 50 72 6F 74 6F newProto
63 6F 6C 56 65 72 73 69 colVersi
6F 6E 0D 6E 65 77 49 64 on.newId
65 6E 74 69 66 69 65 72 entifier
0B 6E 65 77 53 6F 75 72 .newSour
63 65 49 50 0D 6E 65 77 ceIP.new
53 6F 75 72 63 65 50 6F SourcePo
72 74 10 6E 65 77 44 65 rt.newDe
73 74 69 6E 61 74 69 6F stinatio
6E 49 50 12 6E 65 77 44 nIP.newD
65 73 74 69 6E 61 74 69 estinati
6F 6E 50 6F 72 74 0C 6E onPort.n
65 77 54 69 6D 65 73 74 ewTimest
61 6D 70 0E 6E 65 77 4D amp.newM
65 73 73 61 67 65 42 6F essageBo
64 79 01 01 01 01 01 01 dy......
01 00 01 0D 02 00 00 00 ........
06 03 00 00 00 03 44 46 ......DF
58 06 04 00 00 00 01 30 X......0
06 05 00 00 00 0C 30 30 ......00
30 30 30 30 30 30 30 30 00000000
30 30 06 06 00 00 00 07 00......
30 2E 30 2E 30 2E 30 06 0.0.0.0.
07 00 00 00 01 30 06 08 .....0..
00 00 00 0B 31 39 32 2E ....192.
31 36 38 2E 31 2E 31 06 168.1.1.
09 00 00 00 04 35 30 30 .....500
30 20 46 FE 12 F9 32 CF 0 Fþ.ù2Ï
88 06 0A 00 00 00 49 70 .....Ip
2C 31 2C 31 32 33 34 35 ,1,12345
36 37 38 39 30 31 32 33 67890123
34 35 36 37 38 39 2C 31 456789,1
32 33 34 35 36 37 38 39 23456789
30 31 32 33 34 35 2C 31 012345,1
2C 69 6E 74 65 72 6E 65 ,interne
74 2C 75 73 65 72 6E 61 t,userna
6D 65 2C 70 61 73 73 77 me,passw
6F 72 64 2C 30 2C 33 30 ord,0,30
0B .
When I pick up the message from another solution/project within the app, it fails to parse the message even though it has an identical copy of clsTMessage it's in namespace TelemanusListener.clsTMessage.
Given that it's generically a bad idea to have multiple copies of the class in different parts of the app anyway, what's the reccomended way to do this ? I've read what MSDN has to say bout this, but it's very thin on how to actually implement it.
Hope I've explained that well enought, if not please ask for more info.
Duncan
Yes. One class library with a public message type needs to be referenced from the two projects.
Bit of warning about automatic properties - don't use them within classes that need to be serialised/deserialised. Each time a class type is compiled into an assembly, the compiler creates a randomly named backing field for each automatic property. This can cause serialisation problems when you deploy the one/same class library compiled at different times with different projects.
Related
i've coded a sniffer with libpcap dealing with data link layer. but i've implemented only the ethernet part. Since this morning, i receive this kind of frame all day long. Could you help me to find the protocol used there and the layer ?
Thx
FF FF FF FF FF FF 0A 61 FC 80 B6 EF 26 00 00 00 AF 81 01 00 61 65 72 6F 68 69 76 65 20 67 72 61 74 75 69 74 6F 75 73 20 61 72 70 2C 20 61 70 5F 6D 61 63 3D 66 34 65 61 3A 62 35 36 35 3A 33 61 30 30 2C 20 69 70 3D 31 30 2E 31 33 36 2E 31 2E 34 34 2C 20 73 65 71 3D 32 37 65 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF
destination MAC
0A 61 FC 80 B6 EF
source MAC
26 00
Ethertype
00 00 AF 81 01 00 61 65 72 6F 68 69 76 65 20 67 72 61 74 75 69 74 6F 75 73 20 61 72 70 2C 20 61 70 5F 6D 61 63 3D 66 34 65 61 3A 62 35 36 35 3A 33 61 30 30 2C 20 69 70 3D 31 30 2E 31 33 36 2E 31 2E 34 34 2C 20 73 65 71 3D 32 37 65 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Data: ÿÿÿÿÿÿ
aü¶ï&¯aerohive gratuitous arp, ap_mac=f4ea:b565:3a00, ip=10.136.1.44, seq=27ea
I want to host a binary file on a web-based hosting service for git (i.e. GitHub) so I can easily see any changes made to it.
The binary file in question uses the common ASCII character encoding so that this binary
73 63 6F 70 65 20 68 75 72 72 72 20 69 6E 69 74 69 61 6C 69 7A 65 72 20 64 65 72 70 0D 0A 20 20 20 20 66 75 6E 63 74 69 6F 6E 20 64 65 72 70 20 74 61 6B 65 73 20 6E 6F 74 68 69 6E 67 20 72 65 74 75 72 6E 73 20 6E 6F 74 68 69 6E 67 0D 0A 20 20 20 20 20 20 20 20 63 61 6C 6C 20 53 65 74 53 74 61 72 74 4C 6F 63 50 72 69 6F 28 24 42 2C 24 41 2C 24 41 2C 4D 41 50 5F 4C 4F 43 5F 50 52 49 4F 5F 48 49 47 48 29 0D 0A 20 20 20 20 65 6E 64 66 75 6E 63 74 69 6F 6E 0D 0A 65 6E 64 73 63 6F 70 65
becomes this readable text (†)
scope hurrr initializer derp
function derp takes nothing returns nothing
call SetStartLocPrio($B,$A,$A,MAP_LOC_PRIO_HIGH)
endfunction
endscope
The problem is that services like GitHub will only show me the raw binary when I want to view the file in-browser (or have me download and open it in a text editor):
Right now, to have any changes made, I have to download the changed binary file, convert it to readable text, then use diff to see what changes have been made. This is tedious and loses the beautiful web interface that GitHub has.
So my question is this: Can I tell GitHub (or any equivalent service) to translate a binary file to readable text?
--
(†) For anyone interested in trivia, this is indeed vJass syntax for WarCraft III.
I'm sending the following OSC message to a Behringer X32 mixer:
00000000 2f 6e 6f 64 65 00 00 00 2c 73 00 00 63 6f 6e 66 /node... ,s..conf
00000010 69 67 2f 63 68 6c 69 6e 6b 00 00 00 ig/chlin k...
I'm getting this message back:
00000000 6e 6f 64 65 00 00 00 00 2c 73 00 00 2f 63 6f 6e node.... ,s../con
00000010 66 69 67 2f 63 68 6c 69 6e 6b 20 4f 46 46 20 4f fig/chli nk OFF O
00000020 4e 20 4f 4e 20 4f 4e 20 4f 46 46 20 4f 4e 20 4f N ON ON OFF ON O
00000030 46 46 20 4f 46 46 20 4f 4e 20 4f 4e 20 4f 4e 20 FF OFF O N ON ON
00000040 4f 4e 20 4f 46 46 20 4f 46 46 20 4f 46 46 20 4f ON OFF O FF OFF O
00000050 46 46 0a 00 FF..
It seems that the address in the response is malformed as it does not begin with a preceding slash character /.
According to the OSC 1.0 specification:
An OSC Address Pattern is an OSC-string beginning with the character '/' (forward slash).
Is the packet I'm getting back from the mixer simply an invalid OSC message that I need to deal with, or is there some meaning or convention behind the omission of the slash character?
Found in Patrick-Gilles Maillot's unofficial documentation:
Note/bug: the response from the Server is “node…” and not “/node…” as one could expect. This is not OSC compliant.
I am new to Perl and trying to use the Net::Pcap::Reassemble - IP fragment reassembly for Net::Pcap. I am trying to reassemble TCP packets and "tie" the packets streams of interest and print the "tied" hex output for that data of interest. Here is the code below and and the printed output I get. The printed output is two separate Hex dumps (denoted by "Hex Payload:" string). It is apparent I am not calling Net::Pcap::Reassemble module correctly. The desire end output that I am trying to achieve is below, taken from the printed output. Can someone please point me into the right direction in using this module to achieve my desired output? Thank you.
my $user_data;
my $header;
my $packet;
my $err ='';
my $pcap = Net::Pcap::open_offline("./pcap", \$err) or die "can't open ./pcap...$err\n";
Net::Pcap::loop($pcap, -1, \&process_pkt, '');
Net::Pcap::Reassemble::loop($pcap, -1, \&process_pkt, '');
Net::Pcap::close($pcap);
my $ip;
my $tcp;
my $payload;
sub process_pkt
{
my ($user_data,$header, $packet) = #_;
$ip = NetPacket::IP->decode(eth_strip($packet));
$tcp = NetPacket::TCP->decode($ip->{data});
$payload = $tcp->{data};
my $hexPayload = hexdump(data => $payload, start_position => 0) if length $payload;
print "Hex Payload:". $hexPayload;
}
Output (this is what I currently get, but want to concatenate it together):
Hex Payload: 0x0000 : 47 45 54 20 2F 6D 61 63 2F 5F 62 61 73 65 5F 76 : GET./mac/_base_v
0x0010 : 31 2F 73 63 72 69 70 74 2F 6A 71 75 65 72 79 2D : 1/script/jquery-
0x0020 : 31 2E 36 2E 31 2E 6A 73 20 48 54 54 50 2F 31 2E : 1.6.1.js.HTTP/1.
0x0030 : 31 0D 0A 48 6F 73 74 3A 20 77 77 77 2E 6D 69 63 : 1..Host:.www.mic
0x0040 : 72 6F 73 6F 66 74 2E 63 6F 6D 0D 0A 55 73 65 72 : rosoft.com..User
0x0050 : 2D 41 67 65 6E 74 3A 20 4D 6F 7A 69 6C 6C 61 2F : -Agent:.Mozilla/
0x0060 : 35 2E 30 20 28 4D 61 63 69 6E 74 6F 73 68 3B 20 : 5.0.(Macintosh;.
0x0070 : 49 6E 74 65 6C 20 4D 61 63 20 4F 53 20 58 20 31 : Intel.Mac.OS.X.1
0x0080 : 30 2E 36 3B 20 72 76 3A 31 33 2E 30 29 20 47 65 : 0.6;.rv:13.0).Ge
0x0090 : 63 6B 6F 2F 32 30 31 30 30 31 30 31 20 46 69 72 : cko/20100101.Fir
0x00A0 : 65 66 6F 78 2F 31 33 2E 30 0D 0A 41 63 63 65 70 : efox/13.0..Accep
0x00B0 : 74 3A 20 2A 2F 2A 0D 0A 41 63 63 65 70 74 2D 4C : t:.*/*..Accept-L
0x00C0 : 61 6E 67 75 61 67 65 3A 20 65 6E 2D 75 73 2C 65 : anguage:.en-us,e
0x00D0 : 6E 3B 71 3D 30 2E 35 0D 0A 41 63 63 65 70 74 2D : n;q=0.5..Accept-
0x00E0 : 45 6E 63 6F 64 69 6E 67 3A 20 67 7A 69 70 2C 20 : Encoding:.gzip,.
0x00F0 : 64 65 66 6C 61 74 65 0D 0A 52 65 66 65 72 65 72 : deflate..Referer
0x0100 : 3A 20 68 74 74 70 3A 2F 2F 77 77 77 2E 6D 69 63 : :.http://www.mic
0x0110 : 72 6F 73 6F 66 74 2E 63 6F 6D 2F 6D 61 63 2F 72 : rosoft.com/mac/r
0x0120 : 65 6D 6F 74 65 2D 64 65 73 6B 74 6F 70 2D 63 6C : emote-desktop-cl
0x0130 : 69 65 6E 74 0D 0A 44 4E 54 3A 20 31 0D 0A 43 6F : ient..DNT:.1..Co
0x0140 : 6E 6E 65 63 74 69 6F 6E 3A 20 6B 65 65 70 2D 61 : nnection:.keep-a
0x0150 : 6C 69 76 65 0D 0A 0D 0A 00 00 00 00 00 00 00 00 : live............
Hex Payload: 0x0000 : 48 54 54 50 2F 31 2E 31 20 32 30 30 20 4F 4B 0D : HTTP/1.1.200.OK.
0x0010 : 0A 43 61 63 68 65 2D 43 6F 6E 74 72 6F 6C 3A 20 : .Cache-Control:.
0x0020 : 6D 61 78 2D 61 67 65 3D 39 30 30 0D 0A 43 6F 6E : max-age=900..Con
0x0030 : 74 65 6E 74 2D 54 79 70 65 3A 20 61 70 70 6C 69 : tent-Type:.appli
0x0040 : 63 61 74 69 6F 6E 2F 78 2D 6A 61 76 61 73 63 72 : cation/x-javascr
0x0050 : 69 70 74 0D 0A 43 6F 6E 74 65 6E 74 2D 45 6E 63 : ipt..Content-Enc
0x0060 : 6F 64 69 6E 67 3A 20 67 7A 69 70 0D 0A 4C 61 73 : oding:.gzip..Las
0x0070 : 74 2D 4D 6F 64 69 66 69 65 64 3A 20 57 65 64 2C : t-Modified:.Wed,
0x0080 : 20 30 38 20 4A 75 6E 20 32 30 31 31 20 31 38 3A : .08.Jun.2011.18:
0x0090 : 34 35 3A 34 39 20 47 4D 54 0D 0A 41 63 63 65 70 : 45:49.GMT..Accep
Desired output (the above tied/concatenated together):
Hex Payload: 0x0000 : 47 45 54 20 2F 6D 61 63 2F 5F 62 61 73 65 5F 76 : GET./mac/_base_v
0x0010 : 31 2F 73 63 72 69 70 74 2F 6A 71 75 65 72 79 2D : 1/script/jquery-
0x0020 : 31 2E 36 2E 31 2E 6A 73 20 48 54 54 50 2F 31 2E : 1.6.1.js.HTTP/1.
0x0030 : 31 0D 0A 48 6F 73 74 3A 20 77 77 77 2E 6D 69 63 : 1..Host:.www.mic
0x0040 : 72 6F 73 6F 66 74 2E 63 6F 6D 0D 0A 55 73 65 72 : rosoft.com..User
0x0050 : 2D 41 67 65 6E 74 3A 20 4D 6F 7A 69 6C 6C 61 2F : -Agent:.Mozilla/
0x0060 : 35 2E 30 20 28 4D 61 63 69 6E 74 6F 73 68 3B 20 : 5.0.(Macintosh;.
0x0070 : 49 6E 74 65 6C 20 4D 61 63 20 4F 53 20 58 20 31 : Intel.Mac.OS.X.1
0x0080 : 30 2E 36 3B 20 72 76 3A 31 33 2E 30 29 20 47 65 : 0.6;.rv:13.0).Ge
0x0090 : 63 6B 6F 2F 32 30 31 30 30 31 30 31 20 46 69 72 : cko/20100101.Fir
0x00A0 : 65 66 6F 78 2F 31 33 2E 30 0D 0A 41 63 63 65 70 : efox/13.0..Accep
0x00B0 : 74 3A 20 2A 2F 2A 0D 0A 41 63 63 65 70 74 2D 4C : t:.*/*..Accept-L
0x00C0 : 61 6E 67 75 61 67 65 3A 20 65 6E 2D 75 73 2C 65 : anguage:.en-us,e
0x00D0 : 6E 3B 71 3D 30 2E 35 0D 0A 41 63 63 65 70 74 2D : n;q=0.5..Accept-
0x00E0 : 45 6E 63 6F 64 69 6E 67 3A 20 67 7A 69 70 2C 20 : Encoding:.gzip,.
0x00F0 : 64 65 66 6C 61 74 65 0D 0A 52 65 66 65 72 65 72 : deflate..Referer
0x0100 : 3A 20 68 74 74 70 3A 2F 2F 77 77 77 2E 6D 69 63 : :.http://www.mic
0x0110 : 72 6F 73 6F 66 74 2E 63 6F 6D 2F 6D 61 63 2F 72 : rosoft.com/mac/r
0x0120 : 65 6D 6F 74 65 2D 64 65 73 6B 74 6F 70 2D 63 6C : emote-desktop-cl
0x0130 : 69 65 6E 74 0D 0A 44 4E 54 3A 20 31 0D 0A 43 6F : ient..DNT:.1..Co
0x0140 : 6E 6E 65 63 74 69 6F 6E 3A 20 6B 65 65 70 2D 61 : nnection:.keep-a
0x0150 : 6C 69 76 65 0D 0A 0D 0A 00 00 00 00 00 00 00 00 : live............
0x0160 : 48 54 54 50 2F 31 2E 31 20 32 30 30 20 4F 4B 0D : HTTP/1.1.200.OK.
0x0170 : 0A 43 61 63 68 65 2D 43 6F 6E 74 72 6F 6C 3A 20 : .Cache-Control:.
0x0180 : 6D 61 78 2D 61 67 65 3D 39 30 30 0D 0A 43 6F 6E : max-age=900..Con
0x0190 : 74 65 6E 74 2D 54 79 70 65 3A 20 61 70 70 6C 69 : tent-Type:.appli
0x0200 : 63 61 74 69 6F 6E 2F 78 2D 6A 61 76 61 73 63 72 : cation/x-javascr
0x0210 : 69 70 74 0D 0A 43 6F 6E 74 65 6E 74 2D 45 6E 63 : ipt..Content-Enc
0x0220 : 6F 64 69 6E 67 3A 20 67 7A 69 70 0D 0A 4C 61 73 : oding:.gzip..Las
0x0230 : 74 2D 4D 6F 64 69 66 69 65 64 3A 20 57 65 64 2C : t-Modified:.Wed,
0x0240 : 20 30 38 20 4A 75 6E 20 32 30 31 31 20 31 38 3A : .08.Jun.2011.18:
0x0250 : 34 35 3A 34 39 20 47 4D 54 0D 0A 41 63 63 65 70 : 45:49.GMT..Accep
You are trying to reassemble a network session, not a fragmented network packet. You should be using the module 'Net::Analysis'. It can, with some effort on your part, reassemble a complete network session. You will soon learn to hate pipe-lining.
I have the following information below being produced by the Net::Pcap module to print the payload of the packets of interest within a capture.
The data below is the excerpt of a Windows executable file being captured within Perl.
I would like to be able to capture all of the hex data output into one file or variable to assess the session data of the file download while retaining the integrity of the hex dump.
The problem I am having is for each packet being produced for the download of the file it obviously produces a hex dump output. This is easily seen by the output below by the string "Payload" I print per packet/hex dump output.
I want to tie all relevant data together for a given file download session. How can I do this in Perl?
Payload:HTTP/1.1 200 OK
Date: Fri, 15 Jun 2012 02:31:32 GMT
Server: Apache
Last-Modified: Sat, 10 Dec 2011 13:38:37 GMT
ETag: "dc44da-4d000-4b3bd04c7a2f1"
Accept-Ranges: bytes
Content-Length: 315392
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: application/x-msdos-program
MZ<90>^#^C^#^#^#^D^#^#^#<FF><FF>^#^#<B8>^#^#^#^#^#^#^##^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#<F8>^#^#^#^N^_<BA>^N^#<B4> <CD>!<B8>^AL<CD>!This program cannot be run in DOS mode.^M
$^#^#^#^#^#^#^#4^TGmpu)>pu)>pu)>c}#>ru)>uyI>ru)>uy&>ku)>c}t>ru)><F3>}t>uu)>pu(>
u)>uyv><DA>u)><9C>~w>qu)>uys>qu)>Richpu)>^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#PE^#^#L^A^D^#^_R<E3>N^#^#^#^#^#^#^#^#<E0>^#^O^A^K^A^G
^#<80>^C^#^#<90>^A^#^#^#^#^#g^F^C^#^#^P^#^#^#<90>^C^#^#^##^#^#^P^#^#^#^P^#^#^D^#^#^#^#^#^#^#^D^#^#^#^#^#^#^#^# ^E^#^#^P^#^#^#^#^#^#^C^#^#^#^#^#^P^#^#^P^#^#^#^#^P^#^#^P^#^#^#^#^#^#^P^#^#^#^#^#^#^#^#^#^#^#<A8><91>^D^#P^#^#^#^#^#^E^#<C8>^T^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^##<91>^D^#H^#^#^#^#^#^#^#^#^#^#^#^#<90>^C^#<D0>^A^#^#^#^#^#^#^#^#
^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#.text^#^#^#As^C^#^#^P^#^#^#<80>^C^#^#^P^#^#^#^#^#^#^#^#^#^#^#^#^#^# ^#^#`.rdata^#^#<C2>^K^A^#^#<90>^C^#^#^P^A^#^#<90>^C^#^#^#^#^#^#^#^#^#^#^#^#^##^#^##.data^#^#^#D]^#^#^#<A0>^D^#^#^P^#^#^#<A0>^D^#^#^#^#^#^#^#^#^#^#^#^#^##^#^#<C0>.rsrc^#^#^#<C8>^T^#^#^#^#^E^#^# ^#^#^#<B0>^D^#^#^#^#^#^#^#^#^#^#^#^#^##^#^##^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#Payload:^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^#^
Thank you Borodin for the suggestion. However, I don't know how to use this module correctly and it is apparent as I am still getting the same output. Here is the snippet of code I am using with this module and the printed hex. As you can see the printed hex is not tied together as one hex output but two seperate for the given TCP stream for which I want to tie together. Any help is appreciated.
my $user_data;
my $header;
my $packet;
my $err ='';
my $pcap = Net::Pcap::open_offline("./pcap", \$err) or die "can't open ./pcap...$err\n";
Net::Pcap::loop($pcap, -1, \&process_pkt, '');
Net::Pcap::Reassemble::loop($pcap, -1, \&rend_callback, '');
Net::Pcap::close($pcap);
my $ip;
my $tcp;
my $payload;
sub process_pkt
{
my ($user_data,$header, $packet) = #_;
$ip = NetPacket::IP->decode(eth_strip($packet));
$tcp = NetPacket::TCP->decode($ip->{data});
$payload = $tcp->{data};
my $hexPayload = hexdump(data => $payload, start_position => 0) if length $payload;
print "Hex Payload:". $hexPayload;
}
print output:
Hex Payload: 0x0000 : 47 45 54 20 2F 6D 61 63 2F 5F 62 61 73 65 5F 76 : GET./mac/_base_v
0x0010 : 31 2F 73 63 72 69 70 74 2F 6A 71 75 65 72 79 2D : 1/script/jquery-
0x0020 : 31 2E 36 2E 31 2E 6A 73 20 48 54 54 50 2F 31 2E : 1.6.1.js.HTTP/1.
0x0030 : 31 0D 0A 48 6F 73 74 3A 20 77 77 77 2E 6D 69 63 : 1..Host:.www.mic
0x0040 : 72 6F 73 6F 66 74 2E 63 6F 6D 0D 0A 55 73 65 72 : rosoft.com..User
0x0050 : 2D 41 67 65 6E 74 3A 20 4D 6F 7A 69 6C 6C 61 2F : -Agent:.Mozilla/
0x0060 : 35 2E 30 20 28 4D 61 63 69 6E 74 6F 73 68 3B 20 : 5.0.(Macintosh;.
0x0070 : 49 6E 74 65 6C 20 4D 61 63 20 4F 53 20 58 20 31 : Intel.Mac.OS.X.1
0x0080 : 30 2E 36 3B 20 72 76 3A 31 33 2E 30 29 20 47 65 : 0.6;.rv:13.0).Ge
0x0090 : 63 6B 6F 2F 32 30 31 30 30 31 30 31 20 46 69 72 : cko/20100101.Fir
0x00A0 : 65 66 6F 78 2F 31 33 2E 30 0D 0A 41 63 63 65 70 : efox/13.0..Accep
0x00B0 : 74 3A 20 2A 2F 2A 0D 0A 41 63 63 65 70 74 2D 4C : t:./..Accept-L
0x00C0 : 61 6E 67 75 61 67 65 3A 20 65 6E 2D 75 73 2C 65 : anguage:.en-us,e
0x00D0 : 6E 3B 71 3D 30 2E 35 0D 0A 41 63 63 65 70 74 2D : n;q=0.5..Accept-
0x00E0 : 45 6E 63 6F 64 69 6E 67 3A 20 67 7A 69 70 2C 20 : Encoding:.gzip,.
0x00F0 : 64 65 66 6C 61 74 65 0D 0A 52 65 66 65 72 65 72 : deflate..Referer
0x0100 : 3A 20 68 74 74 70 3A 2F 2F 77 77 77 2E 6D 69 63 : :.http://www.mic
0x0110 : 72 6F 73 6F 66 74 2E 63 6F 6D 2F 6D 61 63 2F 72 : rosoft.com/mac/r
0x0120 : 65 6D 6F 74 65 2D 64 65 73 6B 74 6F 70 2D 63 6C : emote-desktop-cl
0x0130 : 69 65 6E 74 0D 0A 44 4E 54 3A 20 31 0D 0A 43 6F : ient..DNT:.1..Co
0x0140 : 6E 6E 65 63 74 69 6F 6E 3A 20 6B 65 65 70 2D 61 : nnection:.keep-a
0x0150 : 6C 69 76 65 0D 0A 0D 0A 00 00 00 00 00 00 00 00 : live............
Hex Payload: 0x0000 : 48 54 54 50 2F 31 2E 31 20 32 30 30 20 4F 4B 0D : HTTP/1.1.200.OK.
0x0010 : 0A 43 61 63 68 65 2D 43 6F 6E 74 72 6F 6C 3A 20 : .Cache-Control:.
0x0020 : 6D 61 78 2D 61 67 65 3D 39 30 30 0D 0A 43 6F 6E : max-age=900..Con
0x0030 : 74 65 6E 74 2D 54 79 70 65 3A 20 61 70 70 6C 69 : tent-Type:.appli
0x0040 : 63 61 74 69 6F 6E 2F 78 2D 6A 61 76 61 73 63 72 : cation/x-javascr
0x0050 : 69 70 74 0D 0A 43 6F 6E 74 65 6E 74 2D 45 6E 63 : ipt..Content-Enc
0x0060 : 6F 64 69 6E 67 3A 20 67 7A 69 70 0D 0A 4C 61 73 : oding:.gzip..Las
0x0070 : 74 2D 4D 6F 64 69 66 69 65 64 3A 20 57 65 64 2C : t-Modified:.Wed,
0x0080 : 20 30 38 20 4A 75 6E 20 32 30 31 31 20 31 38 3A : .08.Jun.2011.18:
0x0090 : 34 35 3A 34 39 20 47 4D 54 0D 0A 41 63 63 65 70 : 45:49.GMT..Accep
Take a look at Net::Pcap::Reassemble
This module performs reassembly of fragmented datagrams in libpcap
packet capture data returned by the Net::Pcap loop() function