0

I need to capture the traffic while I connect to a given host from ruby. I'm using Open3.popen3 in combination with tcpdump for that (I can safely assume I have tcpdump in my running environment and that I have the privileges to capture packets). The only missing piece is that I need to provide the name of the interface I need to sniff, and I don't know which interface will take me to the desired IP address.

This kind of information is provided by system utilities such as ip or route, but I am seeking a platform-independent (still in the realm of Unix, but not exclusively Linux, e.g. FreeBSD) solution that does not require me to write code to support all versions of these utilities.

I looked in the neighborhood of Socket, but could not find anything useful.

Does ruby offer such functionality?

Spiros
  • 2,156
  • 2
  • 23
  • 42
  • I don't believe there is a native Ruby solution for this problem. Like you said you can get this through `route` and `ip`. See https://stackoverflow.com/questions/43719923/is-there-a-native-ruby-method-to-get-default-gateway-of-host-machine . And you probably know this one already https://serverfault.com/questions/531751/find-interface-for-route-to-specific-host . – Casper Nov 09 '21 at 12:44
  • You can `tcpdump` with `-i any` to listen on all interfaces. – Lyzard Kyng Nov 09 '21 at 17:31
  • @LyzardKyng thanks for your suggestion. Unfortunately, that method only works on Linux (from the manpage: `On Linux systems with 2.2 or later kernels, an interface argument of ``any'' can be used to capture packets from all interfaces.`). My solution needs to be deployed on FreeBSD too. I will update my question with this information. – Spiros Nov 11 '21 at 10:28
  • Then I'd agree with @Casper. You can run `ip` or `route` directly from ruby and parse its output. See [here](https://stackoverflow.com/questions/2232/how-to-call-shell-commands-from-ruby) and [here](https://stackoverflow.com/questions/24443179/how-to-check-what-route-interface-does-a-destination-ip-address-belong-to-with) – Lyzard Kyng Nov 11 '21 at 10:59

0 Answers0