本文整理汇总了Golang中github.com/google/gopacket.NewPacketSource函数的典型用法代码示例。如果您正苦于以下问题:Golang NewPacketSource函数的具体用法?Golang NewPacketSource怎么用?Golang NewPacketSource使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了NewPacketSource函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: readARP
// readARP watches a handle for incoming ARP responses we might care about, and prints them.
//
// readARP loops until 'stop' is closed.
func readARP(handle *pcap.Handle, iface *net.Interface, stop chan struct{}) {
src := gopacket.NewPacketSource(handle, layers.LayerTypeEthernet)
in := src.Packets()
for {
var packet gopacket.Packet
select {
case <-stop:
return
case packet = <-in:
arpLayer := packet.Layer(layers.LayerTypeARP)
if arpLayer == nil {
continue
}
arp := arpLayer.(*layers.ARP)
if arp.Operation != layers.ARPReply || bytes.Equal([]byte(iface.HardwareAddr), arp.SourceHwAddress) {
// This is a packet I sent.
continue
}
// Note: we might get some packets here that aren't responses to ones we've sent,
// if for example someone else sends US an ARP request. Doesn't much matter, though...
// all information is good information :)
log.Printf("IP %v is at %v", net.IP(arp.SourceProtAddress), net.HardwareAddr(arp.SourceHwAddress))
}
}
}示例2: packetSource
func packetSource() *gopacket.PacketSource {
if *inputPcap != "" {
handle, err := pcap.OpenOffline(*inputPcap)
if err != nil {
log.Fatalln(err)
}
fmt.Printf("open pcap file \"%s\"\n", *inputPcap)
return gopacket.NewPacketSource(handle, handle.LinkType())
}
if *device == "" {
*device = autoSelectDev()
if *device == "" {
log.Fatalln("no device to capture")
}
}
handle, err := pcap.OpenLive(*device, 1024*1024, true, pcap.BlockForever)
if err != nil {
log.Fatalln(err)
}
if *bpf != "" {
if err = handle.SetBPFFilter(*bpf); err != nil {
log.Fatalln("Failed to set BPF filter:", err)
}
}
fmt.Printf("open live on device \"%s\", bpf \"%s\", serves on port %d\n", *device, *bpf, *bindingPort)
return gopacket.NewPacketSource(handle, handle.LinkType())
}示例3: runTestZone
func runTestZone(){
fmt.Println("We're in test zone")
if handle, err := pcap.OpenOffline("/home/jnankin/Desktop/test.pcap"); err != nil {
panic(err)
} else {
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
for packet := range packetSource.Packets() {
if packet.Layer(layers.LayerTypeTCP) != nil {
appLayer := packet.ApplicationLayer()
fmt.Println("APP LAYER: \n" + string(appLayer.Payload()) + "\n\n");
sipMessage := sipparser.ParseMsg(string(appLayer.Payload()))
fmt.Println("SIP BODY: \n" + sipMessage.Body + "\n\n");
fmt.Println("Content length: \n" + sipMessage.ContentLength + "\n\n");
/*SIP PDU detection: 1st Line contains SIP/2.0
foreach line, if it's a content length, set it.
add each line to the current sip message
if the line is blank:
if I have a content length:
add content length more bytes from the message to the current sip message
add the current message to the list of messages found
if there are still messages in the buffer, the packet is fragmented and we need more messages
*/
}
}
}
}示例4: main
func main() {
// Open device
handle, err = pcap.OpenLive(device, snapshot_len, promiscuous, timeout)
if err != nil {
log.Fatal(err)
}
defer handle.Close()
bpfInstructions := []pcap.BPFInstruction{
{0x20, 0, 0, 0xfffff038}, // ld rand
{0x54, 0, 0, 0x00000004},
{0x15, 0, 1, 0x00000004},
{0x06, 0, 0, 0x0000ffff},
{0x06, 0, 0, 0000000000},
}
err = handle.SetBPFInstructionFilter(bpfInstructions)
if err != nil {
log.Fatal(err)
}
fmt.Println("Capturing ~4th packet (randomly).")
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
for packet := range packetSource.Packets() {
// Do something with a packet here.
fmt.Println(packet)
}
}示例5: TestNgnet
func TestNgnet(t *testing.T) {
eventChan := make(chan interface{}, 1024)
f := NewHttpStreamFactory(eventChan)
pool := tcpassembly.NewStreamPool(f)
assembler := tcpassembly.NewAssembler(pool)
packetCount := 0
fmt.Println("Run")
if handle, err := pcap.OpenOffline("dump.pcapng"); err != nil {
panic(err)
} else {
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
for packet := range packetSource.Packets() {
net_layer := packet.NetworkLayer()
trans_layer := packet.TransportLayer()
if net_layer == nil {
continue
}
if trans_layer == nil {
continue
}
packetCount++
tcp, _ := trans_layer.(*layers.TCP)
assembler.AssembleWithTimestamp(net_layer.NetworkFlow(), tcp, packet.Metadata().CaptureInfo.Timestamp)
}
}
assembler.FlushAll()
f.Wait()
fmt.Println("packet:", packetCount, "http:", len(eventChan))
}示例6: ProcessPackets
func ProcessPackets(pcapFile string,
mongodHost string,
mongodPort string) {
if handle, err := pcap.OpenOffline(pcapFile); err != nil {
panic(err)
} else {
var connectionWaitGroup sync.WaitGroup
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
firstPacket := <-packetSource.Packets()
packetMinTimestamp = GetPacketTime(firstPacket)
mapHostConnection = make(map[string]*MongoConnection)
SendPacket(firstPacket,
&connectionWaitGroup,
mongodHost,
mongodPort)
for packet := range packetSource.Packets() {
SendPacket(packet,
&connectionWaitGroup,
mongodHost,
mongodPort)
}
for _, mConnection := range mapHostConnection {
mConnection.EOF()
}
connectionWaitGroup.Wait()
}
}示例7: Read_RAW_Socket_Data
//----- PCAP read from
func Read_RAW_Socket_Data() {
fmt.Println("|---------------------------------------------------------------|")
fmt.Println("| [scanner] Opening Device (PROMISCUOUS_MODE): " + networkDeviceName + "\t\t|")
// Open device
handle, err = pcap.OpenLive(networkDeviceName, snapshot_len, promiscuous, timeout)
if err != nil {
fmt.Println("| ----------------=============================-----------------|")
fmt.Println("| Looks like there is an error getting live network stream. Try |")
fmt.Println("| running it again with 'sudo' command |")
fmt.Println("| ----------------=============================-----------------|")
log.Fatal(err)
}
defer handle.Close()
// Set filter
var filter string = "tcp"
err = handle.SetBPFFilter(filter)
if err != nil {
log.Fatal(err)
}
fmt.Println("Only capturing TCP port 80 packets.")
// Use the handle as a packet source to process all packets
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
for packet := range packetSource.Packets() {
process_gopacket(packet)
}
}示例8: Startcollect
func Startcollect(port int, device string, timesignal <-chan time.Time) {
handle, err = pcap.OpenLive(device, snapshotLen, promiscuous, timeout)
if err != nil {
glog.Info(err.Error())
}
defer handle.Close()
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
templocalip, err := checkLocalip(device)
localip = templocalip
if glog.V(0) {
glog.Info(localip)
}
httpinstancelist = list.New()
if err != nil {
glog.Info(err.Error())
}
A:
for packet := range packetSource.Packets() {
select {
case <-timesignal:
break A
default:
processPacketInfo(packet)
}
}
}示例9: main
func main() {
// Open output pcap file and write header
dumpFile, _ := os.Create(dumpFilename)
packetWriter := pcapgo.NewWriter(dumpFile)
packetWriter.WriteFileHeader(65535, layers.LinkTypeEthernet)
defer dumpFile.Close()
// Open device for capturing
handle, err = pcap.OpenLive(deviceName, snapshotLen, promiscuous, timeout)
if err != nil {
log.Fatal("Error opening device %s: %v", deviceName, err)
}
defer handle.Close()
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
// Start processing packets
for packet := range packetSource.Packets() {
fmt.Println(packet)
packetWriter.WritePacket(packet.Metadata().CaptureInfo, packet.Data())
packetCount++
// Only capture 100 packets
if packetCount > 100 {
break
}
}
}示例10: main
func main() {
flag.Parse()
var handle *pcap.Handle
var err error
if *fname != "" {
log.Printf("Reading from pcap dump %q", *fname)
handle, err = pcap.OpenOffline(*fname)
} else {
log.Printf("Starting capture on interface %q", *iface)
handle, err = pcap.OpenLive(*iface, int32(*snaplen), true, pcap.BlockForever)
}
if err != nil {
log.Fatal(err)
}
if err := handle.SetBPFFilter(*filter); err != nil {
log.Fatal(err)
}
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
for packet := range packetSource.Packets() {
if packet == nil {
return
}
if udpLayer := packet.Layer(layers.LayerTypeUDP); udpLayer != nil {
udp, _ := udpLayer.(*layers.UDP)
fwdSIPPacket(udp.BaseLayer.Payload)
}
}
}示例11: main
func main() {
if len(os.Args) != 2 {
fmt.Printf("Usage: %s pcap\n", os.Args[0])
os.Exit(0)
}
input, output := os.Args[1], "out.ts"
handle, err := pcap.OpenOffline(input)
if err != nil {
log.Fatal(err)
}
defer handle.Close()
f, err := os.Create(output)
if err != nil {
log.Fatal(err)
}
defer f.Close()
source := gopacket.NewPacketSource(handle, handle.LinkType())
for packet := range source.Packets() {
appLayer := packet.ApplicationLayer()
if appLayer != nil {
payload := appLayer.Payload()
if len(payload) == UDPSize {
f.Write(payload)
} else if len(payload) == HRTPSize {
offset := HRTPSize - UDPSize
f.Write(payload[offset:HRTPSize])
}
}
}
}示例12: main
func main() {
getLocalAddresses()
log.Print(getFilterString())
//if handle, err := pcap.OpenOffline("attack3.pcap"); err != nil {
if handle, err := pcap.OpenLive("any", 512, false, pcap.BlockForever); err != nil {
panic(err)
} else if err := handle.SetBPFFilter(getFilterString()); err != nil {
panic(err)
} else {
//var offset time.Duration
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
for packet := range packetSource.Packets() {
/*
// delay to simulate actual time span
if offset == 0 {
offset = time.Now().Sub(packet.Metadata().Timestamp)
}
sleep := packet.Metadata().Timestamp.Add(offset).Sub(time.Now())
time.Sleep(sleep)
*/
handlePacket(packet)
}
}
}示例13: TestTCP
func TestTCP(t *testing.T) {
handle, err := pcap.OpenOffline("tcptest.pcap")
if err != nil {
panic(err)
}
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
defer handle.Close()
tcpPack := make(chan gopacket.Packet, 10)
nomalPack := make(chan gopacket.Packet, 5)
for input_pack := range packetSource.Packets() { // send tcp package for channel
tcpLayer := input_pack.Layer(layers.LayerTypeTCP)
if tcpLayer != nil {
tcpPack <- input_pack
// send packet to tcp ASSEMBLER
}
}
streamFactory := &DNSStreamFactory{normal: nomalPack}
streamPool := tcpassembly.NewStreamPool(streamFactory)
assembler := tcpassembly.NewAssembler(streamPool)
go tcpAssemble(tcpPack, assembler)
pack := <-nomalPack
udpLayer := pack.Layer(layers.LayerTypeUDP)
if udpLayer == nil {
t.Errorf("can not fine udp Layer in result")
}
dns_message := new(dns.Msg)
err = dns_message.Unpack(udpLayer.LayerPayload())
if err != nil {
t.Errorf("can not parse dns message")
}
fmt.Printf(dns_message.String())
}示例14: mangleDNS
/*
FUNCTION: mangleDNS(){
RETURNS: Nothing
ARGUMENTS: None
ABOUT:
Performs the DNS spoofing against the victims machine. Sets all dns traffic to redirect to the host
machines IP address.
*/
func mangleDNS() {
var ethernetLayer layers.Ethernet
var ipLayer layers.IPv4
var dnsLayer layers.DNS
var udpLayer layers.UDP
decoder := gopacket.NewDecodingLayerParser(layers.LayerTypeEthernet, ðernetLayer, &ipLayer, &udpLayer, &dnsLayer)
decoded := make([]gopacket.LayerType, 0, 4)
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
for {
packet, err := packetSource.NextPacket()
checkError(err)
err = decoder.DecodeLayers(packet.Data(), &decoded)
checkError(err)
if len(decoded) != 4 {
fmt.Print("Not enough layers\n")
continue
}
buffer := craftAnswer(ðernetLayer, &ipLayer, &dnsLayer, &udpLayer)
if buffer == nil { // if original query was invalid
fmt.Print("Buffer error, returned nil.\n")
continue
}
err = handle.WritePacketData(buffer)
checkError(err)
}
}示例15: main
func main() {
defer util.Run()()
var handle *pcap.Handle
var err error
// Set up pcap packet capture
if *fname != "" {
log.Printf("Reading from pcap dump %q", *fname)
handle, err = pcap.OpenOffline(*fname)
} else {
log.Fatalln("Error: pcap file name is required!")
// log.Printf("Starting capture on interface %q", *iface)
// handle, err = pcap.OpenLive(*iface, int32(*snaplen), true, pcap.BlockForever)
}
if err != nil {
log.Fatal(err)
}
if err := handle.SetBPFFilter(*filter); err != nil {
log.Fatal(err)
}
// Set up assembly
streamFactory := &httpStreamFactory{}
streamPool := tcpassembly.NewStreamPool(streamFactory)
assembler := tcpassembly.NewAssembler(streamPool)
log.Println("reading in packets")
// Read in packets, pass to assembler.
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
packets := packetSource.Packets()
ticker := time.Tick(time.Minute)
for {
select {
case packet := <-packets:
// A nil packet indicates the end of a pcap file.
if packet == nil {
return
}
if *logAllPackets {
log.Println("\npacket:")
// log.Println(packet)
}
if packet.NetworkLayer() == nil || packet.TransportLayer() == nil || packet.TransportLayer().LayerType() != layers.LayerTypeTCP {
log.Println("Unusable packet")
continue
}
tcp := packet.TransportLayer().(*layers.TCP)
log.Printf("\n.......................................................\n")
log.Printf("packet:\n")
log.Printf("packet.Metadata().Timestamp=%T=%v=%v:\n%#v\n", packet.Metadata().Timestamp, packet.Metadata().Timestamp, packet.Metadata().Timestamp.UTC(), packet.Metadata().Timestamp)
assembler.AssembleWithTimestamp(packet.NetworkLayer().NetworkFlow(), tcp, packet.Metadata().Timestamp)
case <-ticker:
// Every minute, flush connections that haven't seen activity in the past 2 minutes.
assembler.FlushOlderThan(time.Now().Add(time.Minute * -2))
}
}
}