Tweaking Ruby Pcap

06 Mar 2007

Ruby/Pcap provides ruby bindings to the libpcap c library, making packet dumping and analysis relatively easy. There’s a handful of tutorials around that provide some basic examples however I ran into a few problems when using the bindings at work.

Unfortunately, they haven’t been updated in a long time and I was getting some warnings due to deprecated code.

pcap.so: warning: do not use Fixnums as Symbols

I found a site in Japanese that seemed to explain the warning (google cache version), and managed to infer the solution to making the warnings go away.

Find the following lines in Pcap.c:

    cPcapStat = rbfuncall(rbcStruct, rb_intern("new"), 4,
      Qnil,
      INT2NUM(rb_intern("recv")),
      INT2NUM(rb_intern("drop")),
      INT2NUM(rb_intern("ifdrop")));

and change them to:

    cPcapStat = rbfuncall(rbcStruct, rb_intern("new"), 4,
      Qnil,
      ID2SYM(rb_intern("recv")),
      ID2SYM(rb_intern("drop")),
      ID2SYM(rb_intern("ifdrop")));

then recompile and reinstall the bindings:

make
make install

James Healy

Tweaking Ruby Pcap

Related Posts

2022 in Running 04 Jan 2023

2021 in Running 01 Jan 2022

Type Checking a Ruby Gem with Sorbet 31 Dec 2021