# -sam k (commport5@lucidx.com)

use Socket;

sub to_dotquad {
 my ($net) = @_ ;
 my ($na, $nb, $nc, $nd);
 $na = $net >> 24 & 255;
 $nb = $net >> 16 & 255;
 $nc = $net >>  8 & 255;
 $nd = $net & 255;
 return("$na.$nb.$nc.$nd");
}

sub ip2name {
 $fl = 0;
 my $addr = shift;
 (gethostbyaddr(pack("N", $addr), AF_INET))[0] || &ip2dot($addr);
}

sub ip2dot {
 $fl++;
 sprintf("%u.%u.%u.%u", unpack "C4", pack "N1", shift);
}

sub port2serv {
 my ($port, $proto) = @_;
 getservbyport($port, $proto);
}

# This modified subroutine is from David Hulton's rawsnif.pl
# Big thanks to him for allowing me to use it and helping with this program!
sub getpckt {
 my (%pdg, @saddrg, @daddrg, @shostg, @dhostg);
 my $ofstg = $_[0];
 unless ($nons) {
  if ($proto =~ /tcp/i) {
   (@shostg = gethostbyaddr(substr($pckt, $tcpo+12, 4), AF_INET));
   ($pdg{'shost'} = $shostg[0]);
   (@dhostg = gethostbyaddr(substr($pckt, $tcpo+16, 4), AF_INET));
   ($pdg{'dhost'} = $dhostg[0]);
  }
  if ($proto =~ /udp/i) {
   (@shostg = gethostbyaddr(substr($pckt, $udpo+12, 4), AF_INET));
   ($pdg{'shost'} = $shostg[0]);
   (@dhostg = gethostbyaddr(substr($pckt, $udpo+16, 4), AF_INET));
   ($pdg{'dhost'} = $dhostg[0]);
  }
  if ($proto =~ /icmp/i) {
   (@shostg = gethostbyaddr(substr($pckt, $icmpo+12, 4), AF_INET));
   ($pdg{'shost'} = $shostg[0]);
   (@dhostg = gethostbyaddr(substr($pckt, $icmpo+16, 4), AF_INET));
   ($pdg{'dhost'} = $dhostg[0]);
  }
 }
 @saddrg = unpack("C4", substr($pckt, $ofstg+12, 4));
 $pdg{'saddr'} = join('.', @saddrg);
 (defined($pdg{'shost'})) || ($pdg{'shost'} = $pdg{'saddr'});
 @daddrg = unpack("C4", substr($pckt, $ofstg+16, 4));
 $pdg{'daddr'} = join('.', @daddrg);
 (defined($pdg{'dhost'})) || ($pdg{'dhost'} = $pdg{'daddr'});
 $pdg{'sport'} = unpack("n2", substr($pckt, $ofstg+$ip, 4));
 $pdg{'dport'} = unpack("n2", substr($pckt, $ofstg+$ip+2, 4));
 return(%pdg);
}

1;