Code license:	New BSD License
Labels:	ruby, packet, network, security, libpcap, ids, wireshark, scruby, pcaprub, tcp, udp, ip, packet-fu, パケットフ, パケット

Show all Featured downloads:
ackscan_packetfu_windows.flv packetfu-0.2.0.tar.gz

Links:	Documentation
Blogs:	Plan B Security
Feeds:	Project feeds

People details

Project owners:
	planb.security

PacketFu

PacketFu is a mid-level packet manipulation library for Ruby. The current version is 0.2.0, as of June 13, 2009.

Requirements

Ruby (1.8.6 or later)

BinData and PcapRub are provided as part of the current PacketFu distribution -- see their accompanying documentation for more information.

Click the download link to start creating and parsing packets natively in Ruby. But if I were you, I'd stick to the source instead. I hardly ever break the tree, and I'm slow on upping version numbers.

Install

See the included INSTALL file. In short:

tar zxvf packetfu.0.x.y.tar.gz
cd pcaprub_linux
ruby extconf.rb && make && sudo make install
cd ..
sudo ruby setup.rb

Note, if you already have a version of BinData installed, this will overwrite it. There are ways around this, see ruby setup.rb --help for details.
PacketFu is reported to work on OS X, assuming you can get pcaprub installed correctly.

Other Stuff

PacketFu (for Ruby) has no connection to the folks at packetfu.org.

Spelling

Sometimes it's spelled "Packet-Fu," but it's difficult to get a hyphen in a Ruby constant, so I usually spell it PacketFu now.