Netmon2tcpdump.pl Guest on 30th July 2020 05:22:05 AM
  1. #!/usr/local/bin/perl
  2.  
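  # Convert a Netmon text summary, read line by line from $input, into
  # tcpdump-style one-line records written to $output.
  #
  # Arguments:
  #   $input  - filehandle (or handle name, e.g. 'INPUT') to read from.
  #   $output - filehandle (or handle name, e.g. 'OUTPUT') to write to.
  #
  # Only TCP and ICMP (Echo / Echo Reply) frames are understood.  The sub
  # dies on the first line it cannot parse or does not know how to render,
  # naming the line number so a malformed capture is never converted silently.
  sub main
  {
      # Callers pass handle names as plain strings; keep that working even
      # if the enclosing file ever turns strictures on.
      no strict 'refs';

      my ($input, $output) = @_;
      my $lineNo = 0;

      # defined() so that a final line consisting of "0" does not end the loop.
      while (defined(my $line = <$input>)) {
          # chomp, not chop: a last line without a newline must keep its
          # final character or the trailing "IP" marker no longer matches.
          chomp $line;
          $lineNo++;

          # Frame number and both MAC columns are matched but not used.
          my (undef, $time, undef, undef, $type, $rest) =
              $line =~ /^(\d+)\s+([\d\.]+)\s+([\dA-F]+)\s+([\dA-F]+)\s+(\w+)\s+(.*)/
              or die "IP: No match on line $lineNo: $line.\n";

          if ($type eq 'TCP') {
              # Every field copied to the output is limited by its character
              # class in this pattern; the len: value is matched but unused.
              my ($flags, undef, $seqStart, $seqEnd, $ack, $win,
                  $srcPort, $dstPort, $srcIP, $dstIP) =
                  $rest =~ /^([A-Z\.]+),\s+len:\s+(\d+),\s+seq:\s*(\d+)-(\d+),\s+ack:\s*(\d+),\s+win:\s*(\d+),\s+src:\s+(\d+)\s+dst:\s+(\d+)\s+([\w\d\.]+)\s+([\w\d\.]+)\s+IP/
                  or die "TCP: No match on line $lineNo: $line.\n";

              # Drop the '.' placeholders and the A flag (ack is printed
              # separately below); an empty flag set is written as '.'.
              $flags =~ s/\.|A//g;
              $flags = '.' if ($flags eq '');

              my $record = "$time $srcIP.$srcPort > $dstIP.$dstPort: $flags";
              if ($seqEnd != $seqStart || $flags =~ /S/) {
                  $record .= " $seqStart:$seqEnd(" . ($seqEnd - $seqStart) . ")";
              }
              $record .= " ack $ack" if ($ack);
              $record .= " win $win" if ($win);
              print {$output} "$record\n";
          }
          # String comparison: with '==' every non-numeric type compared
          # equal to 'ICMP', so unknown protocols never reached the else.
          elsif ($type eq 'ICMP') {
              # The From/To pair and its two addresses are matched but unused.
              my ($message, undef, undef, undef, undef, $srcIP, $dstIP) =
                  $rest =~ /^([^,]*),\s+(From|To)\s+([\w\d\.]+)\s+(To|From)\s+([\w\d\.]+)\s+([\w\d\.]+)\s+([\w\d\.]+)\s+IP/
                  or die "ICMP: No match on line $lineNo: $line.\n";

              my $what;
              if ($message eq 'Echo') {
                  $what = "echo request";
              } elsif ($message eq 'Echo Reply') {
                  $what = "echo reply";
              } else {
                  die "IP: Don't know how to handle message \"$message\".\n";
              }
              print {$output} "$time $srcIP > $dstIP: $what\n";
          } else {
              die "IP: Don't know how to handle \"$type\".\n";
          }
      }
      return;
  }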
  48.  
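  # Fixed capture file names.  Three-argument open keeps the mode separate
  # from the path, and lexical handles avoid global barewords.
  open(my $netmon_fh, '<', 'BIG.www26.robot.netmon.BIG') || die "Can't open input: $!\n";
  open(my $tcpdump_fh, '>', 'BIG.www26.robot.tcpdump.BIG') || die "Can't open output: $!\n";

  main($netmon_fh, $tcpdump_fh);

  # Buffered write errors (e.g. a full disk) only surface at close; check it
  # so a truncated conversion is not mistaken for a complete one.
  close($tcpdump_fh) || die "Can't close output: $!\n";
  close($netmon_fh);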
