mirror of
https://github.com/40t/go-sniffer.git
synced 2025-08-10 03:07:53 +08:00
update lang
This commit is contained in:
jtjing
67
core/cmd.go
67
core/cmd.go
@@ -10,11 +10,11 @@ import (
|
||||
|
||||
const InternalCmdPrefix = "--"
|
||||
const (
|
||||
InternalCmdHelp = "help" //帮助文档
|
||||
InternalCmdEnv = "env" //环境变量
|
||||
InternalCmdList = "list" //插件列表
|
||||
InternalCmdVer = "ver" //版本信息
|
||||
InternalDevice = "dev" //设备链表
|
||||
InternalCmdHelp = "help"
|
||||
InternalCmdEnv = "env"
|
||||
InternalCmdList = "list"
|
||||
InternalCmdVer = "ver"
|
||||
InternalDevice = "dev"
|
||||
)
|
||||
|
||||
type Cmd struct {
|
||||
@@ -32,13 +32,13 @@ func NewCmd(p *Plug) *Cmd {
|
||||
//start
|
||||
func (cm *Cmd) Run() {
|
||||
|
||||
//使用帮助
|
||||
//print help
|
||||
if len(os.Args) <= 1 {
|
||||
cm.printHelpMessage();
|
||||
cm.printHelpMessage()
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
//解析命令
|
||||
//parse command
|
||||
firstArg := string(os.Args[1])
|
||||
if strings.HasPrefix(firstArg, InternalCmdPrefix) {
|
||||
cm.parseInternalCmd()
|
||||
@@ -47,7 +47,8 @@ func (cm *Cmd) Run() {
|
||||
}
|
||||
}
|
||||
|
||||
//解析内部参数
|
||||
//parse internal commend
|
||||
//like --help, --env, --device
|
||||
func (cm *Cmd) parseInternalCmd() {
|
||||
|
||||
arg := string(os.Args[1])
|
||||
@@ -56,9 +57,9 @@ func (cm *Cmd) parseInternalCmd() {
|
||||
switch cmd {
|
||||
case InternalCmdHelp:
|
||||
cm.printHelpMessage()
|
||||
break;
|
||||
break
|
||||
case InternalCmdEnv:
|
||||
fmt.Println("插件路径:"+cm.plugHandle.dir)
|
||||
fmt.Println("External plug-in path : "+cm.plugHandle.dir)
|
||||
break
|
||||
case InternalCmdList:
|
||||
cm.plugHandle.PrintList()
|
||||
@@ -68,45 +69,45 @@ func (cm *Cmd) parseInternalCmd() {
|
||||
break
|
||||
case InternalDevice:
|
||||
cm.printDevice()
|
||||
break;
|
||||
break
|
||||
}
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
//使用说明
|
||||
//usage
|
||||
func (cm *Cmd) printHelpMessage() {
|
||||
|
||||
fmt.Println("==================================================================================")
|
||||
fmt.Println("[使用说明]")
|
||||
fmt.Println("[Usage]")
|
||||
fmt.Println("")
|
||||
fmt.Println(" go-sniffer [设备名] [插件名] [插件参数(可选)]")
|
||||
fmt.Println(" go-sniffer [device] [plug] [plug's params(optional)]")
|
||||
fmt.Println()
|
||||
fmt.Println(" [例子]")
|
||||
fmt.Println(" go-sniffer en0 redis 抓取redis数据包")
|
||||
fmt.Println(" go-sniffer en0 mysql -p 3306 抓取mysql数据包,端口3306")
|
||||
fmt.Println(" [exp]")
|
||||
fmt.Println(" go-sniffer en0 redis Capture redis packet")
|
||||
fmt.Println(" go-sniffer en0 mysql -p 3306 Capture mysql packet")
|
||||
fmt.Println()
|
||||
fmt.Println(" go-sniffer --[命令]")
|
||||
fmt.Println(" --help 帮助信息")
|
||||
fmt.Println(" --env 环境变量")
|
||||
fmt.Println(" --list 插件列表")
|
||||
fmt.Println(" --ver 版本信息")
|
||||
fmt.Println(" --dev 设备列表")
|
||||
fmt.Println(" [例子]")
|
||||
fmt.Println(" go-sniffer --list 查看可抓取的协议")
|
||||
fmt.Println(" go-sniffer --[commend]")
|
||||
fmt.Println(" --help \"this page\"")
|
||||
fmt.Println(" --env \"environment variable\"")
|
||||
fmt.Println(" --list \"Plug-in list\"")
|
||||
fmt.Println(" --ver \"version\"")
|
||||
fmt.Println(" --dev \"device\"")
|
||||
fmt.Println(" [exp]")
|
||||
fmt.Println(" go-sniffer --list \"show all plug-in\"")
|
||||
fmt.Println()
|
||||
fmt.Println("==================================================================================")
|
||||
cm.printDevice()
|
||||
fmt.Println("==================================================================================")
|
||||
}
|
||||
|
||||
//打印插件
|
||||
//print plug-in list
|
||||
func (cm *Cmd) printPlugList() {
|
||||
l := len(cm.plugHandle.InternalPlugList)
|
||||
l += len(cm.plugHandle.ExternalPlugList)
|
||||
fmt.Println("# 插件数量:"+strconv.Itoa(l))
|
||||
fmt.Println("# Number of plug-ins : "+strconv.Itoa(l))
|
||||
}
|
||||
|
||||
//打印设备
|
||||
//print device
|
||||
func (cm *Cmd) printDevice() {
|
||||
ifaces, err:= net.Interfaces()
|
||||
if err != nil {
|
||||
@@ -117,19 +118,19 @@ func (cm *Cmd) printDevice() {
|
||||
for _,a:=range addrs {
|
||||
if ipnet, ok := a.(*net.IPNet); ok {
|
||||
if ip4 := ipnet.IP.To4(); ip4 != nil {
|
||||
fmt.Println("[设备名] : "+iface.Name+" : "+iface.HardwareAddr.String()+" "+ip4.String())
|
||||
fmt.Println("[device] : "+iface.Name+" : "+iface.HardwareAddr.String()+" "+ip4.String())
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
//解析插件需要的参数
|
||||
//Parameters needed for plug-ins
|
||||
func (cm *Cmd) parsePlugCmd() {
|
||||
|
||||
if len(os.Args) < 3 {
|
||||
fmt.Println("缺少[插件名]")
|
||||
fmt.Println("go-sniffer [设备名] [插件名] [插件参数(可选)]")
|
||||
fmt.Println("not found [Plug-in name]")
|
||||
fmt.Println("go-sniffer [device] [plug] [plug's params(optional)]")
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
package core
|
||||
|
||||
type Core struct{
|
||||
//版本信息
|
||||
Version string
|
||||
}
|
||||
|
||||
@@ -16,13 +15,13 @@ func New() Core {
|
||||
|
||||
func (c *Core) Run() {
|
||||
|
||||
//插件
|
||||
//new plugin
|
||||
plug := NewPlug()
|
||||
|
||||
//解析参数
|
||||
//parse commend
|
||||
cmd := NewCmd(plug)
|
||||
cmd.Run()
|
||||
|
||||
//开启抓包
|
||||
//dispatch
|
||||
NewDispatch(plug, cmd).Capture()
|
||||
}
|
||||
@@ -26,24 +26,24 @@ func NewDispatch(plug *Plug, cmd *Cmd) *Dispatch {
|
||||
|
||||
func (d *Dispatch) Capture() {
|
||||
|
||||
// Init device
|
||||
//init device
|
||||
handle, err := pcap.OpenLive(d.device, 65535, false, pcap.BlockForever)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
// Set filter
|
||||
//set filter
|
||||
fmt.Println(d.Plug.BPF)
|
||||
err = handle.SetBPFFilter(d.Plug.BPF)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
// Capture
|
||||
//capture
|
||||
src := gopacket.NewPacketSource(handle, handle.LinkType())
|
||||
packets := src.Packets()
|
||||
|
||||
// Set up assembly
|
||||
//set up assembly
|
||||
streamFactory := &ProtocolStreamFactory{
|
||||
dispatch:d,
|
||||
}
|
||||
@@ -51,14 +51,14 @@ func (d *Dispatch) Capture() {
|
||||
assembler := NewAssembler(streamPool)
|
||||
ticker := time.Tick(time.Minute)
|
||||
|
||||
// Loop until ctrl+z
|
||||
//loop until ctrl+z
|
||||
for {
|
||||
select {
|
||||
case packet := <-packets:
|
||||
if packet.NetworkLayer() == nil ||
|
||||
packet.TransportLayer() == nil ||
|
||||
packet.TransportLayer().LayerType() != layers.LayerTypeTCP {
|
||||
fmt.Println("包不能解析")
|
||||
fmt.Println("ERR : Unknown Packet -_-")
|
||||
continue
|
||||
}
|
||||
tcp := packet.TransportLayer().(*layers.TCP)
|
||||
@@ -91,7 +91,7 @@ func (m *ProtocolStreamFactory) New(net, transport gopacket.Flow) tcpassembly.St
|
||||
}
|
||||
|
||||
//new stream
|
||||
fmt.Println("# 新连接:", net, transport)
|
||||
fmt.Println("# Start new stream:", net, transport)
|
||||
|
||||
//decode packet
|
||||
go m.dispatch.Plug.ResolveStream(net, transport, &(stm.r))
|
||||
|
||||
37
core/plug.go
37
core/plug.go
@@ -16,36 +16,26 @@ import (
|
||||
|
||||
type Plug struct {
|
||||
|
||||
//当前插件路径
|
||||
dir string
|
||||
//解析包
|
||||
ResolveStream func(net gopacket.Flow, transport gopacket.Flow, r io.Reader)
|
||||
//BPF
|
||||
BPF string
|
||||
|
||||
//内部插件列表
|
||||
InternalPlugList map[string]PlugInterface
|
||||
//外部插件列表
|
||||
ExternalPlugList map[string]ExternalPlug
|
||||
}
|
||||
|
||||
// 内部插件必须实现此接口
|
||||
// ResolvePacket - 包入口
|
||||
// BPFFilter - 设置BPF规则,例如mysql: (tcp and port 3306)
|
||||
// SetFlag - 设置参数
|
||||
// Version - 返回插件版本,例如0.1.0
|
||||
// All internal plug-ins must implement this interface
|
||||
// ResolvePacket - entry
|
||||
// BPFFilter - set BPF, like: mysql(tcp and port 3306)
|
||||
// SetFlag - plug-in params
|
||||
// Version - plug-in version
|
||||
type PlugInterface interface {
|
||||
//解析流
|
||||
ResolveStream(net gopacket.Flow, transport gopacket.Flow, r io.Reader)
|
||||
//BPF
|
||||
BPFFilter() string
|
||||
//设置插件需要的参数
|
||||
SetFlag([]string)
|
||||
//获取版本
|
||||
Version() string
|
||||
}
|
||||
|
||||
//外部插件
|
||||
type ExternalPlug struct {
|
||||
Name string
|
||||
Version string
|
||||
@@ -54,24 +44,17 @@ type ExternalPlug struct {
|
||||
SetFlag func([]string)
|
||||
}
|
||||
|
||||
//实例化
|
||||
func NewPlug() *Plug {
|
||||
|
||||
var p Plug
|
||||
|
||||
//设置默认插件目录
|
||||
p.dir, _ = filepath.Abs( "./plug/")
|
||||
|
||||
//加载内部插件
|
||||
p.LoadInternalPlugList()
|
||||
|
||||
//加载外部插件
|
||||
p.LoadExternalPlugList()
|
||||
|
||||
return &p
|
||||
}
|
||||
|
||||
//加载内部插件
|
||||
func (p *Plug) LoadInternalPlugList() {
|
||||
|
||||
list := make(map[string]PlugInterface)
|
||||
@@ -91,12 +74,11 @@ func (p *Plug) LoadInternalPlugList() {
|
||||
p.InternalPlugList = list
|
||||
}
|
||||
|
||||
//加载外部so后缀插件
|
||||
func (p *Plug) LoadExternalPlugList() {
|
||||
|
||||
dir, err := ioutil.ReadDir(p.dir)
|
||||
if err != nil {
|
||||
panic(p.dir + "不存在,或者无权访问")
|
||||
panic(p.dir + "not found")
|
||||
}
|
||||
|
||||
p.ExternalPlugList = make(map[string]ExternalPlug)
|
||||
@@ -141,17 +123,15 @@ func (p *Plug) LoadExternalPlugList() {
|
||||
}
|
||||
}
|
||||
|
||||
//改变插件地址
|
||||
func (p *Plug) ChangePath(dir string) {
|
||||
p.dir = dir
|
||||
}
|
||||
|
||||
//打印插件列表
|
||||
func (p *Plug) PrintList() {
|
||||
|
||||
//Print Internal Plug
|
||||
for inPlugName, _ := range p.InternalPlugList {
|
||||
fmt.Println("内部插件:"+inPlugName)
|
||||
fmt.Println("internal plug : "+inPlugName)
|
||||
}
|
||||
|
||||
//split
|
||||
@@ -159,11 +139,10 @@ func (p *Plug) PrintList() {
|
||||
|
||||
//print External Plug
|
||||
for exPlugName, _ := range p.ExternalPlugList {
|
||||
fmt.Println("外部插件:"+exPlugName)
|
||||
fmt.Println("external plug : "+exPlugName)
|
||||
}
|
||||
}
|
||||
|
||||
//选择当前使用的插件 && 加载插件
|
||||
func (p *Plug) SetOption(plugName string, plugParams []string) {
|
||||
|
||||
//Load Internal Plug
|
||||
|
||||
Reference in New Issue
Block a user