PacketFu
PacketFu is a mid-level packet manipulation library for Ruby. The current version is 0.3.1, as of Jan 12, 2010. (Be here soon!)
Bullets
- "Yet Another Packet Factory"
- "An IDS in Five Lines or Less"
- "Irb is the new Hping"
Requirements
- Ruby (1.8.6 or later)
BinData and PcapRub are provided as part of the current PacketFu distribution -- see their accompanying documentation for more information.
Download
Click the download link to start creating and parsing packets natively in Ruby. But if I were you, I'd stick to the source instead. I hardly ever break the tree, and I'm slow on upping version numbers.
Install
- See the included INSTALL file. In short:
- tar zxvf packetfu.0.x.y.tar.gz
- cd pcaprub_linux
- ruby extconf.rb && make && sudo make install
- cd ..
- sudo ruby setup.rb
- Note, PacketFu 0.3.0 and later no longer uses BinData, so your existing BinData install won't be touched anymore.
- PacketFu is reported to work on OS X, assuming you can get pcaprub installed correctly.
Other Stuff
PacketFu (for Ruby) has no connection to the folks at packetfu.org.
Spelling
Sometimes it's spelled "Packet-Fu," but it's difficult to get a hyphen in a Ruby constant, so I usually spell it PacketFu now.
