Init

plugSrc/http/build/entry.go

@@ -0,0 +1,106 @@
+package build
+
+import (
+	"github.com/google/gopacket"
+	"io"
+	"log"
+	"strconv"
+	"fmt"
+	"os"
+	"bufio"
+	"net/http"
+)
+
+const (
+	Port       = 80
+	Version    = "0.1"
+)
+
+const (
+	CmdPort    = "-p"
+)
+
+type H struct {
+	port       int//端口
+	version    string//插件版本
+}
+
+var hp *H
+
+func NewInstance() *H {
+	if hp == nil {
+		hp = &H{
+			port   :Port,
+			version:Version,
+		}
+	}
+	return hp
+}
+
+func (m *H) ResolveStream(net, transport gopacket.Flow, buf io.Reader) {
+
+	bio := bufio.NewReader(buf)
+	for {
+		req, err := http.ReadRequest(bio)
+
+		if err == io.EOF {
+			return
+		} else if err != nil {
+			continue
+		} else {
+
+			var msg = "["
+			msg += req.Method
+			msg += "] ["
+			msg += req.Host + req.URL.String()
+			msg += "] ["
+			req.ParseForm()
+			msg += req.Form.Encode()
+			msg += "]"
+
+			log.Println(msg)
+
+			req.Body.Close()
+		}
+	}
+}
+
+func (m *H) BPFFilter() string {
+	return "tcp and port "+strconv.Itoa(m.port);
+}
+
+func (m *H) Version() string {
+	return Version
+}
+
+func (m *H) SetFlag(flg []string)  {
+
+	c := len(flg)
+
+	if c == 0 {
+		return
+	}
+	if c >> 1 == 0 {
+		fmt.Println("http参数数量不正确!")
+		os.Exit(1)
+	}
+	for i:=0;i<c;i=i+2 {
+		key := flg[i]
+		val := flg[i+1]
+
+		switch key {
+		case CmdPort:
+			port, err := strconv.Atoi(val);
+			m.port = port
+			if err != nil {
+				panic("端口数不正确")
+			}
+			if port < 0 || port > 65535 {
+				panic("参数不正确: 端口范围(0-65535)")
+			}
+			break
+		default:
+			panic("参数不正确")
+		}
+	}
+}

plugSrc/mysql/build/const.go

@@ -0,0 +1,79 @@
+package build
+
+const (
+	ComQueryRequestPacket string     = "【查询】"
+	OkPacket string                  = "【正确】"
+	ErrorPacket string               = "【错误】"
+	PreparePacket string             = "【预处理】"
+	SendClientHandshakePacket string = "【用户认证】"
+	SendServerHandshakePacket string = "【登录认证】"
+)
+
+const (
+	COM_SLEEP byte          = 0
+	COM_QUIT                = 1
+	COM_INIT_DB             = 2
+	COM_QUERY               = 3
+	COM_FIELD_LIST          = 4
+	COM_CREATE_DB           = 5
+	COM_DROP_DB             = 6
+	COM_REFRESH             = 7
+	COM_SHUTDOWN            = 8
+	COM_STATISTICS          = 9
+	COM_PROCESS_INFO        = 10
+	COM_CONNECT             = 11
+	COM_PROCESS_KILL        = 12
+	COM_DEBUG               = 13
+	COM_PING                = 14
+	COM_TIME                = 15
+	COM_DELAYED_INSERT      = 16
+	COM_CHANGE_USER         = 17
+	COM_BINLOG_DUMP         = 18
+	COM_TABLE_DUMP          = 19
+	COM_CONNECT_OUT         = 20
+	COM_REGISTER_SLAVE      = 21
+	COM_STMT_PREPARE        = 22
+	COM_STMT_EXECUTE        = 23
+	COM_STMT_SEND_LONG_DATA = 24
+	COM_STMT_CLOSE          = 25
+	COM_STMT_RESET          = 26
+	COM_SET_OPTION          = 27
+	COM_STMT_FETCH          = 28
+	COM_DAEMON              = 29
+	COM_BINLOG_DUMP_GTID    = 30
+	COM_RESET_CONNECTION    = 31
+)
+
+const (
+	MYSQL_TYPE_DECIMAL byte = 0
+	MYSQL_TYPE_TINY         = 1
+	MYSQL_TYPE_SHORT        = 2
+	MYSQL_TYPE_LONG         = 3
+	MYSQL_TYPE_FLOAT        = 4
+	MYSQL_TYPE_DOUBLE       = 5
+	MYSQL_TYPE_NULL         = 6
+	MYSQL_TYPE_TIMESTAMP    = 7
+	MYSQL_TYPE_LONGLONG     = 8
+	MYSQL_TYPE_INT24        = 9
+	MYSQL_TYPE_DATE         = 10
+	MYSQL_TYPE_TIME         = 11
+	MYSQL_TYPE_DATETIME     = 12
+	MYSQL_TYPE_YEAR         = 13
+	MYSQL_TYPE_NEWDATE      = 14
+	MYSQL_TYPE_VARCHAR      = 15
+	MYSQL_TYPE_BIT          = 16
+)
+
+const (
+	MYSQL_TYPE_JSON byte = iota + 0xf5
+	MYSQL_TYPE_NEWDECIMAL
+	MYSQL_TYPE_ENUM
+	MYSQL_TYPE_SET
+	MYSQL_TYPE_TINY_BLOB
+	MYSQL_TYPE_MEDIUM_BLOB
+	MYSQL_TYPE_LONG_BLOB
+	MYSQL_TYPE_BLOB
+	MYSQL_TYPE_VAR_STRING
+	MYSQL_TYPE_STRING
+	MYSQL_TYPE_GEOMETRY
+)

plugSrc/mysql/build/entry.go

@@ -0,0 +1,350 @@
+package build
+
+import (
+	"github.com/google/gopacket"
+	"io"
+	"bytes"
+	"errors"
+	"log"
+	"strconv"
+	"sync"
+	"time"
+	"fmt"
+	"encoding/binary"
+	"strings"
+	"os"
+)
+
+const (
+	Port              = 3306
+	Version           = "0.1"
+	CmdPort           = "-p"
+)
+
+type Mysql struct {
+	port       int//端口
+	version    string//插件版本
+	source     map[string]*stream//流
+}
+
+type stream struct {
+	packets chan *packet
+	stmtMap map[uint32]*Stmt
+}
+
+type packet struct {
+	isClientFlow bool
+	seq        int
+	length     int
+	payload   []byte
+}
+
+var mysql *Mysql
+var once sync.Once
+func NewInstance() *Mysql {
+
+	once.Do(func() {
+		mysql = &Mysql{
+			port   :Port,
+			version:Version,
+			source: make(map[string]*stream),
+		}
+	})
+
+	return mysql
+}
+
+func (m *Mysql) ResolveStream(net, transport gopacket.Flow, buf io.Reader) {
+
+	//uuid
+	uuid := fmt.Sprintf("%v:%v", net.FastHash(), transport.FastHash())
+
+	//generate resolve's stream
+	if _, ok := m.source[uuid]; !ok {
+
+		var newStream = stream{
+			packets:make(chan *packet, 100),
+			stmtMap:make(map[uint32]*Stmt),
+		}
+
+		m.source[uuid] = &newStream
+		go newStream.resolve()
+	}
+
+	//read bi-directional packet
+	//server -> client || client -> server
+	for {
+
+		newPacket := m.newPacket(net, transport, buf)
+
+		if newPacket == nil {
+			return
+		}
+
+		m.source[uuid].packets <- newPacket
+	}
+}
+
+func (m *Mysql) BPFFilter() string {
+	return "tcp and port "+strconv.Itoa(m.port);
+}
+
+func (m *Mysql) Version() string {
+	return Version
+}
+
+func (m *Mysql) SetFlag(flg []string)  {
+
+	c := len(flg)
+
+	if c == 0 {
+		return
+	}
+	if c >> 1 == 0 {
+		fmt.Println("Mysql参数数量不正确!")
+		os.Exit(1)
+	}
+	for i:=0;i<c;i=i+2 {
+		key := flg[i]
+		val := flg[i+1]
+
+		switch key {
+		case CmdPort:
+			port, err := strconv.Atoi(val);
+			m.port = port
+			if err != nil {
+				panic("端口数不正确")
+			}
+			if port < 0 || port > 65535 {
+				panic("参数不正确: 端口范围(0-65535)")
+			}
+			break
+		default:
+			panic("参数不正确")
+		}
+	}
+}
+
+func (m *Mysql) newPacket(net, transport gopacket.Flow, r io.Reader) *packet {
+
+	//read packet
+	var payload bytes.Buffer
+	var seq uint8
+	var err error
+	if seq, err = m.resolvePacketTo(r, &payload); err != nil {
+		return nil
+	}
+
+	//close stream
+	if err == io.EOF {
+		fmt.Println(net, transport, " 关闭")
+		return nil
+	} else if err != nil {
+		fmt.Println("错误流:", net, transport, ":", err)
+	}
+
+	//generate new packet
+	var pk = packet{
+		seq: int(seq),
+		length:payload.Len(),
+		payload:payload.Bytes(),
+	}
+	if transport.Src().String() == strconv.Itoa(Port) {
+		pk.isClientFlow = false
+	}else{
+		pk.isClientFlow = true
+	}
+
+	return &pk
+}
+
+func (m *Mysql) resolvePacketTo(r io.Reader, w io.Writer) (uint8, error) {
+
+	header := make([]byte, 4)
+	if n, err := io.ReadFull(r, header); err != nil {
+		if n == 0 && err == io.EOF {
+			return 0, io.EOF
+		}
+		return 0, errors.New("错误流")
+	}
+
+	length := int(uint32(header[0]) | uint32(header[1])<<8 | uint32(header[2])<<16)
+
+	var seq uint8
+	seq = header[3]
+
+	if n, err := io.CopyN(w, r, int64(length)); err != nil {
+		return 0, errors.New("错误流")
+	} else if n != int64(length) {
+		return 0, errors.New("错误流")
+	} else {
+		return seq, nil
+	}
+
+	return seq, nil
+}
+
+func (stm *stream) resolve() {
+	for {
+		select {
+		case packet := <- stm.packets:
+			if packet.isClientFlow {
+				stm.resolveClientPacket(packet.payload, packet.seq)
+			} else {
+				stm.resolveServerPacket(packet.payload, packet.seq)
+			}
+		}
+	}
+}
+
+func (stm *stream) findStmtPacket (srv chan *packet, seq int) *packet {
+	for {
+		select {
+		case packet, ok := <- stm.packets:
+			if !ok {
+				return nil
+			}
+			if packet.seq == seq {
+				return packet
+			}
+		case <-time.After(5 * time.Second):
+			return nil
+		}
+	}
+}
+
+func (stm *stream) resolveServerPacket(payload []byte, seq int) {
+
+	var msg = ""
+	switch payload[0] {
+
+		case 0xff:
+			errorCode  := int(binary.LittleEndian.Uint16(payload[1:3]))
+			errorMsg,_ := ReadStringFromByte(payload[4:])
+
+			msg = GetNowStr(false)+"%s 错误代码:%s,错误信息:%s"
+			msg  = fmt.Sprintf(msg, ErrorPacket, strconv.Itoa(errorCode), strings.TrimSpace(errorMsg))
+
+		case 0x00:
+			var pos = 1
+			l,_ := LengthBinary(payload[pos:])
+			affectedRows := int(l)
+
+			msg += GetNowStr(false)+"%s 影响行数:%s"
+			msg = fmt.Sprintf(msg, OkPacket, strconv.Itoa(affectedRows))
+
+		default:
+			return
+	}
+
+	fmt.Println(msg)
+}
+
+func (stm *stream) resolveClientPacket(payload []byte, seq int) {
+
+	var msg string
+	switch payload[0] {
+
+	case COM_INIT_DB:
+
+		msg = fmt.Sprintf("USE %s;\n", payload[1:])
+	case COM_DROP_DB:
+
+		msg = fmt.Sprintf("删除数据库 %s;\n", payload[1:])
+	case COM_CREATE_DB, COM_QUERY:
+
+		statement := string(payload[1:])
+		msg = fmt.Sprintf("%s %s", ComQueryRequestPacket, statement)
+	case COM_STMT_PREPARE:
+
+		serverPacket := stm.findStmtPacket(stm.packets, seq+1)
+		if serverPacket == nil {
+			log.Println("找不到预处理响应包")
+		}
+
+		//获取响应包中预处理id
+		stmtID := binary.LittleEndian.Uint32(serverPacket.payload[1:5])
+		stmt := &Stmt{
+			ID:    stmtID,
+			Query: string(payload[1:]),
+		}
+
+		//记录预处理语句
+		stm.stmtMap[stmtID] = stmt
+		stmt.FieldCount = binary.LittleEndian.Uint16(serverPacket.payload[5:7])
+		stmt.ParamCount = binary.LittleEndian.Uint16(serverPacket.payload[7:9])
+		stmt.Args       = make([]interface{}, stmt.ParamCount)
+
+		msg = PreparePacket+stmt.Query
+	case COM_STMT_SEND_LONG_DATA:
+
+		stmtID   := binary.LittleEndian.Uint32(payload[1:5])
+		paramId  := binary.LittleEndian.Uint16(payload[5:7])
+		stmt, _  := stm.stmtMap[stmtID]
+
+		if stmt.Args[paramId] == nil {
+			stmt.Args[paramId] = payload[7:]
+		} else {
+			if b, ok := stmt.Args[paramId].([]byte); ok {
+				b = append(b, payload[7:]...)
+				stmt.Args[paramId] = b
+			}
+		}
+		return
+	case COM_STMT_RESET:
+
+		stmtID := binary.LittleEndian.Uint32(payload[1:5])
+		stmt, _:= stm.stmtMap[stmtID]
+		stmt.Args = make([]interface{}, stmt.ParamCount)
+		return
+	case COM_STMT_EXECUTE:
+
+		var pos = 1
+		stmtID := binary.LittleEndian.Uint32(payload[pos : pos+4])
+		pos += 4
+		var stmt *Stmt
+		var ok bool
+		if stmt, ok = stm.stmtMap[stmtID]; ok == false {
+			log.Println("未发现预处理id: ", stmtID)
+		}
+
+		//参数
+		pos += 5
+		if stmt.ParamCount > 0 {
+
+			//空位图（Null-Bitmap，长度 = (参数数量 + 7) / 8 字节）
+			step := int((stmt.ParamCount + 7) / 8)
+			nullBitmap := payload[pos : pos+step]
+			pos += step
+
+			//参数分隔标志
+			flag := payload[pos]
+
+			pos++
+
+			var pTypes  []byte
+			var pValues []byte
+
+			//如果参数分隔标志值为1
+			//n 每个参数的类型值（长度 = 参数数量 * 2 字节）
+			//n 每个参数的值
+			if flag == 1 {
+				pTypes = payload[pos : pos+int(stmt.ParamCount)*2]
+				pos += int(stmt.ParamCount) * 2
+				pValues = payload[pos:]
+			}
+
+			//绑定参数
+			err := stmt.BindArgs(nullBitmap, pTypes, pValues)
+			if err != nil {
+				log.Println("预处理绑定参数失败: ", err)
+			}
+		}
+		msg = string(stmt.WriteToText())
+	default:
+		return
+	}
+
+	fmt.Println(GetNowStr(true) + msg)
+}
+

plugSrc/mysql/build/stmt.go

@@ -0,0 +1,175 @@
+package build
+
+import (
+	"bytes"
+	"encoding/binary"
+	"fmt"
+	"math"
+	"strings"
+
+	"errors"
+)
+
+type Stmt struct {
+	ID         uint32
+	Query      string
+	ParamCount uint16
+	FieldCount uint16
+
+	Args []interface{}
+}
+
+func (stmt *Stmt) WriteToText() []byte {
+
+	var buf bytes.Buffer
+
+	str := fmt.Sprintf("预处理编号[%d]: '%s';\n", stmt.ID, stmt.Query)
+	buf.WriteString(str)
+
+	for i := 0; i < int(stmt.ParamCount); i++ {
+		var str string
+		switch stmt.Args[i].(type) {
+		case nil:
+			str = fmt.Sprintf("set @p%v = NULL;\n", i)
+		case []byte:
+			param := string(stmt.Args[i].([]byte))
+			str = fmt.Sprintf("set @p%v = '%s';\n", i, strings.TrimSpace(param))
+		default:
+			str = fmt.Sprintf("set @p%v = %v;\n", i, stmt.Args[i])
+		}
+		buf.WriteString(str)
+	}
+
+	str = fmt.Sprintf("执行预处理[%d]: ", stmt.ID)
+	buf.WriteString(str)
+	for i := 0; i < int(stmt.ParamCount); i++ {
+		if i == 0 {
+			buf.WriteString(" using ")
+		}
+		if i > 0 {
+			buf.WriteString(", ")
+		}
+		str := fmt.Sprintf("@p%v", i)
+		buf.WriteString(str)
+	}
+	buf.WriteString(";\n")
+
+	str = fmt.Sprintf("丢弃预处理[%d];\n", stmt.ID)
+	buf.WriteString(str)
+
+	return buf.Bytes()
+}
+
+func (stmt *Stmt) BindArgs(nullBitmap, paramTypes, paramValues []byte) error {
+
+	args := stmt.Args
+	pos := 0
+
+	var v []byte
+	var n = 0
+	var isNull bool
+	var err error
+
+	for i := 0; i < int(stmt.ParamCount); i++ {
+
+		//判断参数是否为null
+		if nullBitmap[i>>3]&(1<<(uint(i)%8)) > 0 {
+			args[i] = nil
+			continue
+		}
+
+		//参数类型
+		typ := paramTypes[i<<1]
+		unsigned := (paramTypes[(i<<1)+1] & 0x80) > 0
+
+		switch typ {
+		case MYSQL_TYPE_NULL:
+			args[i] = nil
+			continue
+
+		case MYSQL_TYPE_TINY:
+
+			value := paramValues[pos]
+			if unsigned {
+				args[i] = uint8(value)
+			} else {
+				args[i] = int8(value)
+			}
+
+			pos++
+			continue
+
+		case MYSQL_TYPE_SHORT, MYSQL_TYPE_YEAR:
+
+			value := binary.LittleEndian.Uint16(paramValues[pos : pos+2])
+			if unsigned {
+				args[i] = uint16(value)
+			} else {
+				args[i] = int16(value)
+			}
+			pos += 2
+			continue
+
+		case MYSQL_TYPE_INT24, MYSQL_TYPE_LONG:
+
+			value := binary.LittleEndian.Uint32(paramValues[pos : pos+4])
+			if unsigned {
+				args[i] = uint32(value)
+			} else {
+				args[i] = int32(value)
+			}
+			pos += 4
+			continue
+
+		case MYSQL_TYPE_LONGLONG:
+
+			value := binary.LittleEndian.Uint64(paramValues[pos : pos+8])
+			if unsigned {
+				args[i] = value
+			} else {
+				args[i] = int64(value)
+			}
+			pos += 8
+			continue
+
+		case MYSQL_TYPE_FLOAT:
+
+			value := math.Float32frombits(binary.LittleEndian.Uint32(paramValues[pos : pos+4]))
+			args[i] = float32(value)
+			pos += 4
+			continue
+
+		case MYSQL_TYPE_DOUBLE:
+
+			value := math.Float64frombits(binary.LittleEndian.Uint64(paramValues[pos : pos+8]))
+			args[i] = value
+			pos += 8
+			continue
+
+		case MYSQL_TYPE_DECIMAL, MYSQL_TYPE_NEWDECIMAL,
+			MYSQL_TYPE_VARCHAR, MYSQL_TYPE_BIT,
+			MYSQL_TYPE_ENUM, MYSQL_TYPE_SET,
+			MYSQL_TYPE_TINY_BLOB, MYSQL_TYPE_MEDIUM_BLOB, MYSQL_TYPE_LONG_BLOB, MYSQL_TYPE_BLOB,
+			MYSQL_TYPE_VAR_STRING, MYSQL_TYPE_STRING,
+			MYSQL_TYPE_GEOMETRY,
+			MYSQL_TYPE_DATE, MYSQL_TYPE_NEWDATE, MYSQL_TYPE_TIMESTAMP, MYSQL_TYPE_DATETIME, MYSQL_TYPE_TIME:
+
+			v, isNull, n, err = LengthEncodedString(paramValues[pos:])
+			pos += n
+			if err != nil {
+				return err
+			}
+
+			if !isNull {
+				args[i] = v
+				continue
+			} else {
+				args[i] = nil
+				continue
+			}
+		default:
+			return errors.New(fmt.Sprintf("预处理未知类型 %d", typ))
+		}
+	}
+	return nil
+}

plugSrc/mysql/build/util.go

@@ -0,0 +1,94 @@
+package build
+
+import (
+	"bytes"
+	"encoding/binary"
+	"io"
+	"time"
+)
+
+func GetNowStr(isClient bool) string {
+	var msg string
+	msg += time.Now().Format("2006-01-02 15:04:05")
+	if isClient {
+		msg += "| cli -> ser |"
+	}else{
+		msg += "| ser -> cli |"
+	}
+	return msg
+}
+
+func ReadStringFromByte(b []byte) (string,int) {
+
+	var l int
+	l = bytes.IndexByte(b, 0x00)
+	if l == -1 {
+		l = len(b)
+	}
+	return string(b[0:l]), l
+}
+
+func LengthBinary(b []byte) (uint32, int) {
+
+	var first = int(b[0])
+	if first > 0 && first <= 250 {
+		return uint32(first), 1
+	}
+	if first == 251 {
+		return 0,1
+	}
+	if first == 252 {
+		return binary.LittleEndian.Uint32(b[1:2]),1
+	}
+	if first == 253 {
+		return binary.LittleEndian.Uint32(b[1:4]),3
+	}
+	if first == 254 {
+		return binary.LittleEndian.Uint32(b[1:9]),8
+	}
+	return 0,0
+}
+
+func LengthEncodedInt(input []byte) (num uint64, isNull bool, n int) {
+
+	switch input[0] {
+
+	case 0xfb:
+		n = 1
+		isNull = true
+		return
+	case 0xfc:
+		num = uint64(input[1]) | uint64(input[2])<<8
+		n = 3
+		return
+	case 0xfd:
+		num = uint64(input[1]) | uint64(input[2])<<8 | uint64(input[3])<<16
+		n = 4
+		return
+	case 0xfe:
+		num = uint64(input[1]) | uint64(input[2])<<8 | uint64(input[3])<<16 |
+			uint64(input[4])<<24 | uint64(input[5])<<32 | uint64(input[6])<<40 |
+			uint64(input[7])<<48 | uint64(input[8])<<56
+		n = 9
+		return
+	}
+
+	num = uint64(input[0])
+	n = 1
+	return
+}
+
+func LengthEncodedString(b []byte) ([]byte, bool, int, error) {
+
+	num, isNull, n := LengthEncodedInt(b)
+	if num < 1 {
+		return nil, isNull, n, nil
+	}
+
+	n += int(num)
+
+	if len(b) >= n {
+		return b[n-int(num) : n], false, n, nil
+	}
+	return nil, false, n, io.EOF
+}

plugSrc/redis/build/entry.go

@@ -0,0 +1,126 @@
+package build
+
+import (
+	"github.com/google/gopacket"
+	"io"
+	"strings"
+	"fmt"
+	"strconv"
+	"bufio"
+)
+
+type Redis struct {
+	port int
+	version string
+	cmd chan string
+	done chan bool
+}
+
+const (
+	Port       int = 6379
+	Version string = "0.1"
+	CmdPort string = "-p"
+)
+
+var redis = &Redis {
+	port:Port,
+	version:Version,
+}
+
+func NewInstance() *Redis{
+	return redis
+}
+
+/**
+	解析流
+ */
+func (red Redis) ResolveStream(net, transport gopacket.Flow, r io.Reader) {
+
+	//只解析clint发出去的包
+	buf := bufio.NewReader(r)
+	var cmd string
+	var cmdCount = 0
+	for {
+
+		line, _, _ := buf.ReadLine()
+		//判断链接是否断开
+		if len(line) == 0 {
+			buff := make([]byte, 1)
+			_, err := r.Read(buff)
+			if err == io.EOF {
+				red.done <- true
+				return
+			}
+		}
+
+		//过滤无用数据
+		if !strings.HasPrefix(string(line), "*") {
+			continue
+		}
+
+		//过滤服务器返回数据
+		if strings.EqualFold(transport.Src().String(), strconv.Itoa(red.port)) == true {
+			continue
+		}
+
+		//解析
+		l := string(line[1])
+		cmdCount, _ = strconv.Atoi(l)
+		cmd = ""
+		for j := 0; j < cmdCount * 2; j++ {
+			c, _, _ := buf.ReadLine()
+			if j & 1 == 0 {
+				continue
+			}
+			cmd += " " + string(c)
+		}
+		fmt.Println(cmd)
+	}
+}
+
+/**
+	SetOption
+ */
+func (red *Redis) SetFlag(flg []string)  {
+	c := len(flg)
+	if c == 0 {
+		return
+	}
+	if c >> 1 != 1 {
+		panic("Mysql参数数量不正确!")
+	}
+	for i:=0;i<c;i=i+2 {
+		key := flg[i]
+		val := flg[i+1]
+
+		switch key {
+		case CmdPort:
+			port, err := strconv.Atoi(val);
+			redis.port = port
+			if err != nil {
+				panic("端口数不正确")
+			}
+			if port < 0 || port > 65535 {
+				panic("参数不正确: 端口范围(0-65535)")
+			}
+			break
+		default:
+			panic("参数不正确")
+		}
+	}
+}
+
+/**
+	BPFFilter
+ */
+func (red *Redis) BPFFilter() string {
+	return "tcp and port "+strconv.Itoa(redis.port);
+}
+
+/**
+	Version
+ */
+func (red *Redis) Version() string {
+	return red.version;
+}
+