It's intended to provide a clean, simple, Ruby-like way of working with libtrace, rather than a simple translation of the libtrace calls from C into Ruby. For example, for the protocol header decodes, I have generally used the field names from the RFCs, rather than libtrace's names.
ruby-libtrace provides a class inheritance hierarchy that can simplify programs that work on encapsulated packets. See the Hierarchy page for details.
For libtrace documentation, see the libtrace pages at WAND (above). To help you get started with ruby-libtrace, I've provided a collection of examples; you can get their source code from the Examples page.
IPprefix Methods for handling IP addresses and prefixes
IP IPv4 header fields
IPv6 IPv6 header fields
TCP TCP header fields
UDP UDP header fields
ICMP ICMP packet fields
Internet Classes for accessing IPv4 or IPv6 data from Internet-protocol layer 3 objects
Data Classes for accessing packet
data from objects at network layers 2 and higher
Layers Methods to
decode packets in layers, and to return Data objects for
headers
(useful for looking at anything other than the 'header'decodes above)
New Objects Methods for creating new objects from parts of existing ones (e.g. for working on encapsulated IPv6 packets)), or from strings
Packet Methods
for working with Packets
Trace Routines for working with Traces
Filter Routines for creating and using BPF filters
OutputTrace Routines for writing trace files
Examples
Example ruby-libtrace programs
Please send bug reports or suggestions for new features to
n.brownlee@auckland.ac.nz
Nevil Brownlee
Thu, 20 Nov 08 (CST)