Session

Example

import { Session } from 'dripcap';

Session.create({
  ifs: 'eth0',
}).then(sess => {
  sess.start();
});

Class Methods

Session.create(options)

  • options Object
    • ifs String - Network interface ID, default value is "" (Live capture disabled)
    • filter String - BPF, default value is ""
    • promiscuous Boolean - Promiscuous, default value is false
    • snaplen Integer - Maximum packet length, default value is 1600
    • namespace String - Namespace of the link layer, default value is "::Ethernet"
    • dissectors Array - List of Dissectors
    • stream_dissectors Array - List of StreamDissectors

Class Properties

Session.devices

  • Readonly: Array - List of the available interfaces
    • id String - Interface ID
    • name String - Interface name
    • description String - Interface description
    • link Integer - Linktype (http://www.tcpdump.org/linktypes.html)
    • loopback Boolean - Loopback flag

id is not always equal to name. Session.create doesn't accept name as ifs but id in that case.

Example

[  
   {  
      "id":"en0",
      "name":"en0",
      "description":"",
      "link":1,
      "loopback":false
   },
   {  
      "id":"p2p0",
      "name":"p2p0",
      "description":"",
      "link":12,
      "loopback":false
   }
]

Session.permission

  • Readonly: Boolean

Returns true if the current process has enough permission to run a live capture or false otherwise.

Methods

Session#analyze(packet)

  • packet Object | Array - Single Packet or List of Packets

Adds packet(s) to the analyzer queue.

Session#filter(name,filter)

  • name String
  • filter String

Sets a display filter as name.

If filter is an empty string, the filter will be removed.

Session#get(index)

  • index Integer
  • Returns: Packet

Returns a packet at index or undefined if index is out of bound.

Session#getFiltered(name,start,end)

  • name String - Filter name
  • start Integer
  • end Integer
  • Returns: Array

Returns a list of filtered packet indices between start and end.

Session#setBPF(filter)

  • filter String

Sets a BPF(Berkeley Packet Filter) to the session or throws SyntaxError if the filter is wrong.

Session#start()

Starts a live capture.

Session#stop()

Stops the running live capture. You can resume it with Session#start.

Session#close()

Closes the session and invalidates all packet instances belong to the session.

Events

Event: 'log'

  • Returns: Object
    • level String - Log level
    • message String - Message
    • data Object - Additional data

Event: 'status'

  • Returns: Object
    • packets Integer - Number of the analyzed packets
    • queue Integer - Number of the queued packets
    • capturing Boolean - Whether a live capture is running
    • filtered Object - Filter name as a key and number of filtered packets as a value

results matching ""

    No results matching ""