Beispiel #1
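// pcapWrite drains pack and appends every packet to the pcap stream behind w.
//
// A failed write is reported on stdout and the loop moves on to the next
// packet, so one bad record does not stop the capture. The function returns
// once pack is closed; the result is the first write error seen, or nil when
// every packet was written. A non-nil result means the file is missing
// packets and should not be treated as a complete record of the traffic.
func pcapWrite(w *pcapgo.Writer, pack chan gopacket.Packet) error {
	var firstErr error
	// Ranging over the channel ends the loop when the sender closes it. A bare
	// receive would hand back a nil Packet at that point and the Metadata call
	// below would panic.
	for packet := range pack {
		fmt.Println("receive a package in pcap Write")
		if err := w.WritePacket(packet.Metadata().CaptureInfo, packet.Data()); err != nil {
			fmt.Println("error in Write File: ", err)
			// Keep the first failure so the caller learns the capture is incomplete.
			if firstErr == nil {
				firstErr = err
			}
			continue
		}
		fmt.Println("susccessfully write a package")
	}
	return firstErr
}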
Beispiel #2
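// runNGNet feeds every TCP packet from packetSource into an HTTP stream
// reassembler and, when the outputPcap flag is set, mirrors those packets
// into a pcap file.
//
// Packets without a network layer, without a transport layer, or whose
// transport layer is not TCP are skipped; they still count towards the
// "Packet count" total logged at the end. Failure to create the pcap file or
// to write its header is fatal. A failed packet write is not fatal: the first
// such error is logged and the number of packets missing from the dump is
// reported once the source is exhausted.
func runNGNet(packetSource *gopacket.PacketSource) {
	streamFactory := ngnet.NewHttpStreamFactory(eventChan)
	pool := tcpassembly.NewStreamPool(streamFactory)
	assembler := tcpassembly.NewAssembler(pool)

	var pcapWriter *pcapgo.Writer
	if *outputPcap != "" {
		// NOTE(review): os.Create uses mode 0666 before umask and truncates an
		// existing file. The dump holds raw TCP payloads, so confirm that the
		// resulting permissions and the flag-supplied path are acceptable.
		outPcapFile, err := os.Create(*outputPcap)
		if err != nil {
			log.Fatalln(err)
		}
		// A Close error on a written file can mean buffered data never reached
		// disk, so report it instead of discarding it.
		defer func() {
			if cerr := outPcapFile.Close(); cerr != nil {
				log.Println("closing pcap output: ", cerr)
			}
		}()
		pcapWriter = pcapgo.NewWriter(outPcapFile)
		// Without a valid file header nothing written afterwards is readable,
		// so treat this like the os.Create failure above.
		if err := pcapWriter.WriteFileHeader(65536, layers.LinkTypeEthernet); err != nil {
			log.Fatalln(err)
		}
	}

	count := 0
	dropped := 0 // packets that could not be written to the pcap dump
	for packet := range packetSource.Packets() {
		count++
		netLayer := packet.NetworkLayer()
		if netLayer == nil {
			continue
		}
		transLayer := packet.TransportLayer()
		if transLayer == nil {
			continue
		}
		tcp, ok := transLayer.(*layers.TCP)
		if !ok || tcp == nil {
			continue
		}

		if pcapWriter != nil {
			if err := pcapWriter.WritePacket(packet.Metadata().CaptureInfo, packet.Data()); err != nil {
				// Log only the first failure to avoid one line per packet.
				if dropped == 0 {
					log.Println("pcap write failed: ", err)
				}
				dropped++
			}
		}

		assembler.AssembleWithTimestamp(
			netLayer.NetworkFlow(),
			tcp,
			packet.Metadata().CaptureInfo.Timestamp)
	}

	assembler.FlushAll()
	streamFactory.Wait()
	log.Println("Packet count: ", count)
	if dropped > 0 {
		log.Println("Packets missing from pcap output: ", dropped)
	}
}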