linux - Determine the source port of an IPv4 packet with perl
I have a Perl script that reads and processes IPv4 packets from a tuntap interface. Stripped down a bit, it looks like this:
    #!/usr/bin/perl
    use warnings;
    use strict;
    use Common;
    use Linux::TunTap;
    use NetPacket::IP;
    use IO::Socket;

    $|++;

    ###### predecs #####
    my $tun;
    my %config = loadconfig();

    $tun = Linux::TunTap->new(NAME => $config{'localtun_name'})
        or die "couldn't connect interface $config{localtun_name}\n";

    print "interface up: " . $tun->{interface} . "\n";

    while (my $rawdata = $tun->get_raw()) {
        $rawdata =~ s/^....//; # strip tuntap header
        my $packet = NetPacket::IP->decode($rawdata);
        print "$packet->{id} $packet->{src_ip} -> $packet->{dest_ip} $packet->{proto} $packet->{len}\n";
        # processing here
    }
For routing reasons, I need to know the source port of the data. I have not found a way of doing this with NetPacket::IP; is there a different way of determining this? I am using NetPacket::IP for debugging reasons, and am not set on this module in particular if a different module would allow me to extract the source port in addition to the sequence number, size, source IP, and destination IP.
NetPacket::IP deals with IP packets, which have no concept of ports. Ports come into play on the TCP/UDP (or whatever you have layered on top of IP) layer, so you need e.g. NetPacket::TCP to get that information. You'll have to look at $packet->{proto} to decide which module (TCP or UDP) you want to use for the layer 4 parsing.
If you're sure you won't need additional header fields for which the higher-level NetPacket modules make sense, you can exploit the fact that the source port is in the first 16 bits of the header for both TCP and UDP, and say
    # untested, and I'm not sure which case is returned in
    # $packet->{proto}
    if ($packet->{proto} eq 'tcp' or $packet->{proto} eq 'udp') {
        my $port = unpack('n', $packet->{data});
        ...
    }
Edit: BTW, using substr() instead of the regexp substitution should be faster, if that's a concern.
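
As an added example (not code from the question or the answer), this core-Perl function reads the ports straight from the raw IPv4 packet without NetPacket. It goes beyond the snippet above by handling cases that matter when ports drive routing decisions: IP options that shift the layer 4 header, non-first fragments that carry no ports, and truncated packets. It assumes the 4-byte tuntap header is already stripped and tests the IPv4 protocol field against the numeric values 6 (TCP) and 17 (UDP); `l4_ports` and `build_packet` are hypothetical names, and the sample packets are constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper: return (src_port, dst_port) for an IPv4 TCP/UDP packet,
# or an empty list when no layer 4 ports can be read.
sub l4_ports {
    my ($raw) = @_;
    return if length($raw) < 20;               # shorter than a minimal IPv4 header

    # Byte 0: version/IHL, bytes 6-7: flags + fragment offset, byte 9: protocol
    my ($ver_ihl, $frag, $proto) = unpack('C x5 n x C', $raw);
    my $version = $ver_ihl >> 4;
    my $hdr_len = ($ver_ihl & 0x0f) * 4;       # IHL counts 32-bit words

    return if $version != 4 or $hdr_len < 20;
    return if $proto != 6 and $proto != 17;    # only TCP (6) and UDP (17) handled
    return if $frag & 0x1fff;                  # non-first fragment: no L4 header
    return if length($raw) < $hdr_len + 4;     # truncated before the port fields

    return unpack('n n', substr($raw, $hdr_len, 4));
}

# Constructed sample packets (checksum left at 0, 4 bytes of L4 filler).
sub build_packet {
    my (%arg) = @_;
    my $opts = $arg{options} // '';            # length must be a multiple of 4
    my $l4   = pack('n n', $arg{sport}, $arg{dport}) . ("\0" x 4);
    return pack('C C n n n C C n C4 C4',
        0x40 | (5 + length($opts) / 4), 0, 20 + length($opts) + length($l4),
        1, $arg{frag} // 0, 64, $arg{proto}, 0, 10, 0, 0, 1, 10, 0, 0, 2)
        . $opts . $l4;
}

my @cases = (
    [ 'UDP, no options',     build_packet(proto => 17, sport => 40000, dport => 53) ],
    [ 'TCP, 4 option bytes', build_packet(proto => 6,  sport => 51000, dport => 443,
                                          options => "\x01" x 4) ],
    [ 'UDP, later fragment', build_packet(proto => 17, sport => 40000, dport => 53,
                                          frag => 185) ],
    [ 'ICMP',                build_packet(proto => 1,  sport => 0, dport => 0) ],
);

for my $case (@cases) {
    my ($label, $pkt) = @$case;
    my @ports = l4_ports($pkt);
    printf "%-20s %s\n", $label, @ports ? "$ports[0] -> $ports[1]" : 'no ports';
}
```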