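// openTcpdump starts a tcpdump child process that reads a pcap stream from its
// standard input ("-r -") and prints to this process's stdout and stderr.
// It writes the pcap file header to the child and returns the child's stdin
// pipe, ready to receive packet records.
//
// On any failure it returns a nil writer. If the header cannot be written,
// the pipe is closed and the child is reaped before returning, so a failed
// call leaves no half-initialised tcpdump behind.
//
// NOTE(review): on success the *exec.Cmd is not returned, so nothing in this
// function ever calls Wait on the child; whether the caller closes the pipe
// (it would need an io.Closer type assertion) is not visible here.
//
// NOTE(review): "tcpdump" is resolved through $PATH, and the child inherits
// this process's environment and privileges. tcpdump's dissectors parse the
// packet bytes written to the pipe, so if those bytes come from an untrusted
// network, consider an absolute path and running the child with reduced
// privileges (for example tcpdump's -Z option).
func openTcpdump() (io.Writer, error) {
	tcpdump := exec.Command("tcpdump", "-U", "-r", "-")

	pipe, err := tcpdump.StdinPipe()
	if err != nil {
		return nil, err
	}

	// Decoded output goes straight to our own stdout/stderr.
	tcpdump.Stdout = os.Stdout
	tcpdump.Stderr = os.Stderr

	if err := tcpdump.Start(); err != nil {
		return nil, err
	}

	// The header struct is stored in place through an unsafe cast, i.e. in
	// host byte order; pcap readers detect the byte order from the magic.
	// NOTE(review): assumes pcapHeader's layout matches the pcap global
	// header exactly (declaration not visible here) — confirm.
	header := odp.MakeAlignedByteSlice(int(unsafe.Sizeof(pcapHeader{})))
	*(*pcapHeader)(unsafe.Pointer(&header[0])) = pcapHeader{
		magicNumber:  0xa1b23c4d, // nanosecond times
		versionMajor: 2,
		versionMinor: 4,
		thisZone:     0,
		sigFigs:      0,
		snapLen:      65535,
		network:      1, // ethernet frames
	}

	if _, err := pipe.Write(header); err != nil {
		// Do not hand back a pipe whose stream has no valid header. Closing
		// stdin gives tcpdump EOF so that Wait can reap it; the errors from
		// this cleanup are dropped in favour of the write error.
		_ = pipe.Close()
		_ = tcpdump.Wait()
		return nil, err
	}
	return pipe, nil
}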
// writeTcpdumpPacket writes one pcap record to pipe: a per-packet header
// stamped with t, followed by the bytes of data. It returns the first write
// error encountered, or nil.
//
// The header and the payload go out as two separate Write calls; if the
// second one fails, the stream is left holding a header without its payload.
//
// NOTE(review): len(data) is converted to uint32 and used for both inclLen
// and origLen without any bound. The file header written by openTcpdump
// declares snapLen 65535, so a larger payload yields a record longer than the
// declared snapshot length — confirm callers never pass one.
func writeTcpdumpPacket(pipe io.Writer, t time.Time, data []byte) error {
	size := uint32(len(data))

	// Build the record header in place inside an aligned buffer (host byte
	// order, same as the file header).
	recHdr := odp.MakeAlignedByteSlice(int(unsafe.Sizeof(pcapPacketHeader{})))
	rec := (*pcapPacketHeader)(unsafe.Pointer(&recHdr[0]))
	*rec = pcapPacketHeader{
		sec:     uint32(t.Unix()),
		usec:    uint32(t.Nanosecond()), // holds nanoseconds, despite the field name
		inclLen: size,
		origLen: size,
	}

	if _, err := pipe.Write(recHdr); err != nil {
		return err
	}

	_, err := pipe.Write(data)
	return err
}