mwlang/pcaplet.rb

## pcaplet.rb
  require 'pcap'
require 'getopts'

def pcaplet_usage()
  $stderr.print <<END
Usage: #{File.basename $0} [ -dnv ] [ -i interface | -r file ]
       #{' ' * File.basename($0).length} [ -c count ] [ -s snaplen ] [ filter ]
Options:
  -n  do not convert address to name
  -d  debug mode
  -v  verbose mode
END
end

module Pcap
  class Pcaplet
    def usage(status, msg = nil)
      $stderr.puts msg if msg
      pcaplet_usage
      exit(status)
    end

[snipped...]

## stacktrace
raspberrypi:~# ruby test_cap.rb
/usr/local/rvm/rubies/ruby-2.0.0-p195/lib/ruby/site_ruby/2.0.0/rubygems/core_ext/kernel_require.rb:45:in `require': cannot load such file -- getopts (LoadError)
  from /usr/local/rvm/rubies/ruby-2.0.0-p195/lib/ruby/site_ruby/2.0.0/rubygems/core_ext/kernel_require.rb:45:in `require'
	from /usr/local/rvm/rubies/ruby-2.0.0-p195/lib/ruby/site_ruby/2.0.0/pcaplet.rb:2:in `<top (required)>'
	from /usr/local/rvm/rubies/ruby-2.0.0-p195/lib/ruby/site_ruby/2.0.0/rubygems/core_ext/kernel_require.rb:45:in `require'
	from /usr/local/rvm/rubies/ruby-2.0.0-p195/lib/ruby/site_ruby/2.0.0/rubygems/core_ext/kernel_require.rb:45:in `require'
	from test_cap.rb:3:in `<main>'

## test_cap.rb
require 'rubygems'
require 'pcaplet'
httpdump = Pcaplet.new('-s 1500')

HTTP_REQUEST = Pcap::Filter.new('tcp and dst port 80', httpdump.capture)
HTTP_RESPONSE = Pcap::Filter.new('tcp and src port 80', httpdump.capture)

httpdump.add_filter(HTTP_REQUEST | HTTP_RESPONSE)
httpdump.each_packet {|pkt|
  data = pkt.tcp_data
  case pkt
  when HTTP_REQUEST
    if data and data =~ /^GET\s+(\S+)/
      path = $1
      host = pkt.dst.to_s
      host << ":#{pkt.dst_port}" if pkt.dport != 80
      s = "#{pkt.src}:#{pkt.sport} > GET http://#{host}#{path}"
    end
  when HTTP_RESPONSE
    if data and data =~ /^(HTTP\/.*)$/
      status = $1
      s = "#{pkt.dst}:#{pkt.dport} < #{status}"
    end
  end
  puts s if s
}
	require 'pcap'
	require 'getopts'

	def pcaplet_usage()
	$stderr.print <<END
	Usage: #{File.basename $0} [ -dnv ] [ -i interface \| -r file ]
	#{' ' * File.basename($0).length} [ -c count ] [ -s snaplen ] [ filter ]
	Options:
	-n do not convert address to name
	-d debug mode
	-v verbose mode
	END
	end

	module Pcap
	class Pcaplet
	def usage(status, msg = nil)
	$stderr.puts msg if msg
	pcaplet_usage
	exit(status)
	end

	[snipped...]
	raspberrypi:~# ruby test_cap.rb
	/usr/local/rvm/rubies/ruby-2.0.0-p195/lib/ruby/site_ruby/2.0.0/rubygems/core_ext/kernel_require.rb:45:in `require': cannot load such file -- getopts (LoadError)
	from /usr/local/rvm/rubies/ruby-2.0.0-p195/lib/ruby/site_ruby/2.0.0/rubygems/core_ext/kernel_require.rb:45:in `require'
	from /usr/local/rvm/rubies/ruby-2.0.0-p195/lib/ruby/site_ruby/2.0.0/pcaplet.rb:2:in `<top (required)>'
	from /usr/local/rvm/rubies/ruby-2.0.0-p195/lib/ruby/site_ruby/2.0.0/rubygems/core_ext/kernel_require.rb:45:in `require'
	from /usr/local/rvm/rubies/ruby-2.0.0-p195/lib/ruby/site_ruby/2.0.0/rubygems/core_ext/kernel_require.rb:45:in `require'
	from test_cap.rb:3:in `<main>'
	require 'rubygems'
	require 'pcaplet'
	httpdump = Pcaplet.new('-s 1500')

	HTTP_REQUEST = Pcap::Filter.new('tcp and dst port 80', httpdump.capture)
	HTTP_RESPONSE = Pcap::Filter.new('tcp and src port 80', httpdump.capture)

	httpdump.add_filter(HTTP_REQUEST \| HTTP_RESPONSE)
	httpdump.each_packet {\|pkt\|
	data = pkt.tcp_data
	case pkt
	when HTTP_REQUEST
	if data and data =~ /^GET\s+(\S+)/
	path = $1
	host = pkt.dst.to_s
	host << ":#{pkt.dst_port}" if pkt.dport != 80
	s = "#{pkt.src}:#{pkt.sport} > GET http://#{host}#{path}"
	end
	when HTTP_RESPONSE
	if data and data =~ /^(HTTP\/.*)$/
	status = $1
	s = "#{pkt.dst}:#{pkt.dport} < #{status}"
	end
	end
	puts s if s
	}