How to read all traffic received on one network interface using Erlang
Papa Tana
papa.tana101@REDACTED
Wed Aug 12 21:06:18 CEST 2020
Hi All,
Excuse-me to talk about it again, because it becomes more interesting now,
as I can see the deep functions provided by Erlang.
As I said previously, https://github.com/msantos/epcap.git is solving my
need.
Anyway, I tried all the suggestions of Lukasz:
1/[WORKING] Unix-Domain + gen_udp/gen_tcp:
{ok, Server} = gen_udp:open(0, [{ifaddr,{local,"/tmp/socket"}}])
gen_udp:send(UnixSock, {local, "/tmp/socket"}, 0, "Hello Unix-Domain
World").
%% it's pretty useful.
2/[WORKING] Allocate a named pipe by mkfifo and listen/send in Erlang:
mkfifo dump.unix
open_port("dump.unix", [eof]).
port_command(HelloFifo, <<"Hey! Hello again\n">>).
%% I can even pipe the output of tcpdump, which is doing all the job for
me, and I can get all data from Erlang, Great!! :-)
%% This was solving my need as well!
3/ Anyway, I hope I did not misunderstood, but I was undesrtanding that it
was feasible to connect to an existing named pipe "allocated by mkfifo" via
gen_udp/gen_tcp?
because for this, I always fail, since the named pipe has the same name as
my unix-domain socket.
{error, eaddrinuse} when listen , {error, econnrefused} when send
==> So my question is, How do you connect to an existing named pipe
allocated by mkfifo, via gen_udp/gen_tcp, not using open_port?
Thank you!
PS: I will try to understand socat and cap_net_raw as well later on :-p
Best Regards,
Le mar. 11 août 2020 à 18:52, Łukasz Niemier <lukasz@REDACTED> a écrit :
> > To make a direct pipe, I'm getting from 'tcpdump' and 'replay' on the
> other side like below:
> >
> > # tcdump -i eth0 -w -'..... | tcpreplay -i eth1 - ....
>
> This is "unnamed pipe", what I meant is named pipe:
>
> $ mkfifo dump.pcap
> $ # start VM that will read from `dump.pcap`
> # tcpdump -i eth0 -w dump.pcap
>
> Alternatively you can use socat and UNIX socket
>
> # tcpdump -i eth0 -w - | socat stdin unix-sendto:dump.unix # it will use
> datagram UNIX socket, use unix-listen for stream socket
> $ # start VM and connect to the dump.unix via gen_udp/gen_tcp
>
> You can also use socat for sending data to the named pipe if you want
> using pipe:dump.pcap. In that form you will not need to run VM with any
> raised privileges, just regular user that can read named pipe/UNIX socket.
>
> --
>
> Łukasz Niemier
> lukasz@REDACTED
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20200812/76e37510/attachment.htm>
More information about the erlang-questions
mailing list