#!/usr/bin/perl -w
# #########################
#
use Net::PcapUtils;
use NetPacket::Ethernet qw(:strip);
use NetPacket::IP;
use NetPacket::TCP;
use NetPacket::IP qw(:strip);
use strict;
use Data::Dumper;
#use warnings;
my $interface= 'eth1';
my $snaplen= 65536;
my $filter='tcp';
my $promisc = 1;
my $timeout = 10000 ;
my $err;
my @array;
sub process_pkt
{
my ($user_data,$header,$packet) = @_;
my $ip= NetPacket::IP->decode(eth_strip($packet));
my $tcp= NetPacket::TCP->decode($ip->{data});
my $payload = $tcp->{data};
if(length($payload)==32)
{
for(my $decode=0;$decode<32;$decode++)
{
$array[$decode] = unpack('H2',substr($payload,$decode,1));
}
my $length= scalar(@array);
open (MYFILE, '>doorstatus.tab');
if($array[22] eq '0c')
{
print MYFILE ( " Decision: Granted\n");
}
elsif($array[22] eq '04')
{
print MYFILE ("Decision: Denied\n");
}
elsif($array[22] eq '0d')
{
print MYFILE ("Decision: Locked\n");
}
else
{
print MYFILE ("Decision: unknown \n");
}
#print MYFILE ( " Data: \n".Dumper(\@array)." \n");
close (MYFILE);
}
}
Net::PcapUtils::loop(\&process_pkt,
SNAPLEN => 65536,
PROMISC => 1,
FILTER => 'tcp',
FILTER => 'ip src xx.xx.xx.xx',
DEV => $interface, );
The code filters the data coming from a specific source into an array and you can do any thing with it,