5 use NetPacket::Ethernet;
12 my $gi = Geo::IP->open("GeoLiteCity.dat", GEOIP_STANDARD);
17 unless (defined $dev) {
18 $dev = Net::Pcap::lookupdev(\$err);
20 die 'Unable to determine network device for monitoring - ', $err;
24 my $server = IO::Socket::INET->new(
27 PeerAddr => 'localhost' )
28 or die "can't setup server";
30 my ($address, $netmask);
31 print "Starting to send data\n";
32 my $object = Net::Pcap::open_live($dev, 1500, 0, 0, \$err);
38 #'(not net 192.168.0.0/16) && (tcp[13] & 2!=0)',
39 #'(tcp[13] & 2!=0) && (not src net 192.168.0.0/16)',
41 '((tcp[13] & 2!=0) || (tcp[13] & 16 != 0)) && (not src net 192.168.0.0/16)',
45 ) && die 'Unable to compile packet capture filter';
46 Net::Pcap::setfilter($object, $filter) &&
47 die 'Unable to set packet capture filter';
49 unless (defined $object) {
50 die 'Unable to create packet capture on device ', $dev, ' - ', $err;
53 Net::Pcap::loop($object, -1, \&syn_packets, $server) ||
54 die 'Unable to perform packet capture';
57 my ($user_data, $header, $packet) = @_;
58 my $ether_data = NetPacket::Ethernet::strip($packet);
59 my $ip = NetPacket::IP->decode($ether_data);
60 my $tcp = NetPacket::TCP->decode($ip->{'data'});
62 my $record = $gi->record_by_addr($ip->{'src_ip'});
64 print $ip->{'src_ip'}. " - " ."Sending ".$record->latitude.":".$record->longitude."\n";
65 print $user_data $record->latitude.":".$record->longitude."\n";