Example #1
0
func findPcapDevices(addr string) (interfaces []pcap.Interface, err error) {
	devices, err := pcap.FindAllDevs()
	if err != nil {
		log.Fatal(err)
	}

	for _, device := range devices {
		if (addr == "" || addr == "0.0.0.0" || addr == "[::]" || addr == "::") && len(device.Addresses) > 0 {
			interfaces = append(interfaces, device)
			continue
		}

		for _, address := range device.Addresses {
			if device.Name == addr || address.IP.String() == addr {
				interfaces = append(interfaces, device)
				return interfaces, nil
			}
		}
	}

	if len(interfaces) == 0 {
		return nil, &DeviceNotFoundError{addr}
	} else {
		return interfaces, nil
	}
}
Example #2
0
func main() {
	// Find all devices
	devices, err := pcap.FindAllDevs()

	if err != nil {
		log.Fatal(err)
	}

	// Print device information
	fmt.Println("Devices found:")
	fmt.Println(devices)
	for _, device := range devices {
		fmt.Println("\nName: ", device.Name)
		fmt.Println("Description: ", device.Description)
		fmt.Println("Devices addresses: ", device.Description)
		for _, address := range device.Addresses {
			fmt.Println("- IP address: ", address.IP)
			fmt.Println("- Subnet mask: ", address.Netmask)
		}
	}

	//or use the net.interfaces direactly (do not use root privilages)
	newdevices, _ := net.Interfaces()
	for _, device := range newdevices {
		fmt.Printf("%v\n", device)
	}

}
Example #3
0
func autoSelectDev() string {
	ifs, err := pcap.FindAllDevs()
	if err != nil {
		log.Fatalln(err)
	}
	var available []string
	for _, i := range ifs {
		addrFound := false
		var addrs []string
		for _, addr := range i.Addresses {
			if addr.IP.IsLoopback() ||
				addr.IP.IsMulticast() ||
				addr.IP.IsUnspecified() ||
				addr.IP.IsLinkLocalUnicast() {
				continue
			}
			addrFound = true
			addrs = append(addrs, addr.IP.String())
		}
		if addrFound {
			available = append(available, i.Name)
		}
	}
	if len(available) > 0 {
		return available[0]
	}
	return ""
}
Example #4
0
func setupPcap(device *string, port *string, rediscommand_ch chan<- redis_protocol.RedisCommand) {
	var h *pcap.Handle
	var err error

	ifs, err_str := pcap.FindAllDevs()
	if len(ifs) == 0 {
		fmt.Printf("Warning: no devices found : %s\n", err_str)
	}

	h, err = pcap.OpenLive(*device, int32(65535), true, 1000)
	if h == nil {
		fmt.Printf("Openlive(%s) failed: %s\n", *device, err)
		return
	}
	defer h.Close()

	err = h.SetBPFFilter("dst port " + *port)
	if err != nil {
		fmt.Println("set filter failed")
		return
	}

	packetSource := gopacket.NewPacketSource(h, h.LinkType())
	for pkt := range packetSource.Packets() {
		applicationLayer := pkt.ApplicationLayer()

		if applicationLayer == nil {
			continue
		}

		s := string(applicationLayer.Payload())

		if s == "" {
			continue
		}

		rediscommand, err := redis_protocol.Parse(s)
		if err != nil {
			fmt.Println(err)
			continue
		}

		ipLayer := pkt.Layer(layers.LayerTypeIPv4)
		if ipLayer != nil {
			ip, _ := ipLayer.(*layers.IPv4)
			rediscommand.Ipaddr = []byte(ip.SrcIP.String())
		} else {
			ipLayer := pkt.Layer(layers.LayerTypeIPv6)
			if ipLayer != nil {
				ip, _ := ipLayer.(*layers.IPv6)
				rediscommand.Ipaddr = []byte(ip.SrcIP.String())
			}
		}
		rediscommand_ch <- *rediscommand
	}
}
Example #5
0
func getInterfaceName() string {
	ip := common.GetHostIp()
	devices, err := pcap.FindAllDevs()
	if err != nil {
		log.Fatal(err)
	}

	for _, dev := range devices {
		addrs := dev.Addresses
		for _, addr := range addrs {
			if addr.IP.String() == ip {
				return dev.Name
			}
		}
	}

	return ""
}
Example #6
0
func main() {
	// Find all devices
	devices, err := pcap.FindAllDevs()
	if err != nil {
		log.Fatal(err)
	}

	// Print device information
	fmt.Println("Devices found:")
	for _, device := range devices {
		fmt.Println("\nName: ", device.Name)
		fmt.Println("Description: ", device.Description)
		fmt.Println("Devices addresses: ", device.Description)
		for _, address := range device.Addresses {
			fmt.Println("- IP address: ", address.IP)
			fmt.Println("- Subnet mask: ", address.Netmask)
		}
	}
}
Example #7
0
func (e *DeviceNotFoundError) Error() string {
	devices, _ := pcap.FindAllDevs()

	if len(devices) == 0 {
		return "Can't get list of network interfaces, ensure that you running Gor as root user or sudo.\nTo run as non-root users see this docs https://github.com/buger/gor/wiki/Running-as-non-root-user"
	}

	var msg string
	msg += "Can't find interfaces with addr: " + e.addr + ". Provide available IP for intercepting traffic: \n"
	for _, device := range devices {
		msg += "Name: " + device.Name + "\n"
		if device.Description != "" {
			msg += "Description: " + device.Description + "\n"
		}
		for _, address := range device.Addresses {
			msg += "- IP address: " + address.IP.String() + "\n"
		}
	}

	return msg
}
Example #8
0
func TestInitHandleDev(t *testing.T) {

	if u, err := user.Current(); err != nil || u.Username != "root" {
		t.Skip("We're not root, so we can't open devices for capture")
	}

	devices, err := pcap.FindAllDevs()
	if err != nil {
		t.Log(err)
		return
	}

	t.Log(devices)

	for _, device := range devices {
		handle := initHandle(&pdnsConfig{device: device.Name, pcapFile: "", bpf: "port 53", pfring: false})
		if handle == nil {
			t.Logf("Error while building handle for %s", device.Name)
		}
	}
}
Example #9
0
func main() {
	log.Println("Starting up...")
	flag.Parse()
	devs, err := pcap.FindAllDevs()
	if err != nil || len(devs) == 0 {
		log.Fatalf("No devices found, you must run this as 'root' on OSX - try:\n sudo GOPATH=/Users/slowteetoe/go go run identify.go\n (error was: %v)\n", err)
	}
	h, err := pcap.OpenLive(*interfaceName, 65536, true, pcap.BlockForever)
	if err != nil || h == nil {
		log.Printf("Error obtaining handle: %s\n", err)
		log.Println("Valid interfaces on this device:")
		for d := range devs {
			log.Println(devs[d].Name)
		}
		return
	}
	defer h.Close()

	err = h.SetBPFFilter("arp")
	if err != nil {
		log.Fatalf("Unable to set filter! %s\n", err)
	}

	log.Println("Listening for ARP packets on en0 to identify dash button.\nPress the dash button and watch the screen. You will want the 'Source MAC'")

	packetSource := gopacket.NewPacketSource(h, h.LinkType())
	for packet := range packetSource.Packets() {

		ethernetLayer := packet.Layer(layers.LayerTypeEthernet)
		ethernetPacket, _ := ethernetLayer.(*layers.Ethernet)

		arpLayer := packet.Layer(layers.LayerTypeARP)
		arp, _ := arpLayer.(*layers.ARP)

		if bytes.Equal(arp.SourceProtAddress, emptySource) {
			log.Printf("ARP packet, Source MAC[%v], Destination MAC[%v]\n", ethernetPacket.SrcMAC, ethernetPacket.DstMAC)
		}
	}

}
Example #10
0
func main() {
	devs, err := pcap.FindAllDevs()
	if err != nil {
		panic(err)
	}

	wg := sync.WaitGroup{}
	for _, dev := range devs {
		wg.Add(1)
		dev := dev
		fmt.Println("开始混淆:")
		fmt.Println(dev.Name)
		fmt.Println(dev.Addresses)
		fmt.Println(dev.Description)
		fmt.Println("\r\n")
		go func() {
			defer wg.Done()
			capturePacket(dev.Name)
		}()
	}
	wg.Wait()
}
Example #11
0
func main() {
	//go func() {
	//	log.Println(http.ListenAndServe("localhost:6060", nil))
	//}()
	var flagSet = flag.NewFlagSet(os.Args[0], flag.ExitOnError)
	var level = flagSet.String("level", "header", "Print level, url(only url) | header(http headers) | all(headers, and textuary http body)")
	var filePath = flagSet.String("file", "", "Read from pcap file. If not specified, will capture from network devices")
	var device = flagSet.String("device", "any", "Which network interface to capture. If any, capture all interface traffics")
	var filter = flagSet.String("filter", "", "Filter by ip/port, format: [ip][:port], eg: 192.168.122.46:50792, 192.168.122.46, :50792")
	var domain = flagSet.String("domain", "", "Filter by request domain, suffix match")
	var urlPath = flagSet.String("urlPath", "", "Filter by request url path, contains match")
	var force = flagSet.Bool("force", false, "Force print unknown content-type http body even if it seems not to be text content")
	var pretty = flagSet.Bool("pretty", false, "Try to format and prettify json content")
	var output = flagSet.String("output", "", "Write result to file [output] instead of stdout")
	flagSet.Parse(os.Args[1:])

	filterIP, filterPort := parseFilter(*filter)

	var config = &Config{
		level:      *level,
		filterIP:   filterIP,
		filterPort: filterPort,
		domain:     *domain,
		urlPath:    *urlPath,
		force:      *force,
		pretty:     *pretty,
		output:     *output,
	}

	var packets chan gopacket.Packet
	if *filePath != "" {
		// read from pcap file
		var handle = openFile(*filePath)
		packets = listenOneSource(handle)
	} else if *device == "any" && runtime.GOOS != "linux" {
		// capture all device
		// Only linux 2.2+ support any interface. we have to list all network device and listened on them all
		interfaces, err := pcap.FindAllDevs()
		if err != nil {
			log.Fatal("Find device error:", err)
		}
		var packetsSlice = make([]chan gopacket.Packet, len(interfaces))
		for _, itf := range interfaces {
			localPackets, err := openSingleDevice(itf.Name, filterIP, filterPort)
			if err != nil {
				fmt.Fprint(os.Stderr, "Open device", device, "error:", err)
				continue
			}
			packetsSlice = append(packetsSlice, localPackets)
		}
		packets = mergeChannel(packetsSlice)
	} else if *device != "" {
		// capture one device
		var err error
		packets, err = openSingleDevice(*device, filterIP, filterPort)
		if err != nil {
			log.Fatal("Listen on device", *device, "failed, error:", err)
		}
	} else {
		log.Fatal("Empty device")
	}

	var handler = &HttpConnectionHandler{
		config:  config,
		printer: newPrinter(*output),
	}
	var assembler = newTcpAssembler(handler)
	assembler.filterIp = filterIP
	assembler.filterPort = filterPort
	var ticker = time.Tick(time.Second * 30)

outer:
	for {
		select {
		case packet := <-packets:
			// A nil packet indicates the end of a pcap file.
			if packet == nil {
				break outer
			}

			// only assembly tcp/ip packets
			if packet.NetworkLayer() == nil || packet.TransportLayer() == nil ||
				packet.TransportLayer().LayerType() != layers.LayerTypeTCP {
				continue
			}
			var tcp = packet.TransportLayer().(*layers.TCP)

			assembler.assemble(packet.NetworkLayer().NetworkFlow(), tcp, packet.Metadata().Timestamp)

		case <-ticker:
			// flush connections that haven't seen activity in the past 2 minutes.
			assembler.flushOlderThan(time.Now().Add(time.Minute * -2))
		}
	}

	assembler.finishAll()
	waitGroup.Wait()
	handler.printer.finish()
	printerWaitGroup.Wait()
}
Example #12
0
func (d *MetroSniffer) Sniff() error {

	if d.pcapHandle == nil {

		log.Infof("starting capture on interface %q", d.Iface)

		if d.Iface != fileInterface {
			// Set up pcap packet capture
			inactive, err := pcap.NewInactiveHandle(d.Iface)
			if err != nil {
				log.Errorf("Unable to create inactive handle for %q", d.Iface)
				d.reporter.Stop()
				d.die(err)
				return err
			}
			defer inactive.CleanUp()

			inactive.SetSnapLen(d.Snaplen)
			inactive.SetPromisc(false)
			inactive.SetTimeout(time.Second)

			// TODO: Make the timestamp source selectable - Not all OS will allow that.
			//       call SupportedTimestamps() on handle to check what's available
			handle, err := inactive.Activate()
			if err != nil {
				log.Errorf("Unable to activate %q", d.Iface)
				d.reporter.Stop()
				d.die(err)
				return err
			}
			d.pcapHandle = handle
		} else {
			handle, err := pcap.OpenOffline(d.config.Pcap)
			if err != nil {
				log.Errorf("Unable to open pcap file %q", d.config.Pcap)
				d.reporter.Stop()
				d.die(err)
				return err
			}
			d.pcapHandle = handle
		}
	}

	ifaces, err := pcap.FindAllDevs()
	if err != nil {
		log.Criticalf("Error getting interface details: %s", err)
		panic(Exit{1})
	}

	ifaceFound := false
	ifaceDetails := make([]pcap.Interface, len(ifaces)-1)
	for i := range ifaces {
		if ifaces[i].Name == d.Iface {
			ifaceDetails[i] = ifaces[i]
			ifaceFound = true
		}
	}

	if !ifaceFound && d.Iface != fileInterface {
		log.Criticalf("Could not find interface details for: %s", d.Iface)
		panic(Exit{1})
	}

	// we need to identify if we're the source/destination
	for i := range ifaceDetails {
		for j := range ifaceDetails[i].Addresses {
			ipStr := ifaceDetails[i].Addresses[j].IP.String()
			if strings.Contains(ipStr, "::") {
				log.Infof("IPv6 currently unsupported ignoring: %s", ipStr)
			} else {
				d.hostIPs[ipStr] = true
			}
		}
	}

	for i := range d.config.Hosts {
		hostIPs, err := net.LookupHost(d.config.Hosts[i])
		if err != nil {
			log.Errorf("Error resolving name for: %s", d.config.Hosts[i])
			continue
		}
		for k := range hostIPs {
			d.config.Ips = append(d.config.Ips, hostIPs[k])
			d.nameLookup[hostIPs[k]] = d.config.Hosts[i]
			log.Infof("%s resolving to: %s", d.config.Hosts[i], hostIPs[k])
		}
	}

	hosts := make([]string, 0)
	for i := range d.config.Ips {
		hosts = append(hosts, fmt.Sprintf("host %s", d.config.Ips[i]))

		//add posible missing hostnames
		_, ok := d.nameLookup[d.config.Ips[i]]
		if !ok {
			hostnames, err := net.LookupAddr(d.config.Ips[i])
			if err != nil {
				log.Errorf("Problem looking up hostnames for: %s", d.config.Ips[i])
				continue
			}
			for j := range hostnames {
				d.nameLookup[d.config.Ips[i]] = hostnames[j]
				log.Infof("%s resolving to: %s", hostnames[j], d.config.Ips[i])
			}
		}
	}

	//let's make sure they haven't just whitelisted local ips/hosts
	localWhitelist := true
	for _, host := range d.config.Ips {
		_, local := d.hostIPs[host]
		if !local {
			localWhitelist = false
		}
	}
	if localWhitelist {
		err := errors.New("Whitelist cannot contain just local addresses! Bailing out")
		log.Errorf("%v : %v", err, hosts)
		d.reporter.Stop()
		d.die(err)
		return err
	}

	bpfFilter := ""
	if len(hosts) > 0 {
		bpfFilter = "(" + strings.Join(hosts, " or ") + ")"
	}

	d.Filter += " and not host 127.0.0.1"
	if len(hosts) > 0 {
		d.Filter += " and " + bpfFilter
	}

	log.Infof("Setting BPF filter: %s", d.Filter)
	if err := d.pcapHandle.SetBPFFilter(d.Filter); err != nil {
		log.Criticalf("error setting BPF filter: %s", err)
		panic(Exit{1})
	}

	log.Infof("reading in packets")
	if d.Iface == fileInterface {
		d.SniffOffline()
	} else {
		d.SniffLive()
	}

	for k := range d.flows.FlowMapKeyIterator() {
		flow, e := d.flows.Get(k)
		if e && flow.Sampled > 0 {
			if d.Soften {
				log.Infof("Flow %s\t w/ %d packets\tRTT:%6.2f ms", k, flow.Sampled, float64(int64(flow.SRTT)*int64(time.Nanosecond))/float64(time.Millisecond))
			} else {
				log.Infof("Flow %s\t w/ %d packets\tRTT:%6.2f ms", k, flow.Sampled, float64(flow.SRTT)*float64(time.Nanosecond)/float64(time.Millisecond))
			}
		}
	}

	//Shutdown reporter thread
	return d.reporter.Stop()
}
Example #13
0
func main() {
	flag.Parse()
	args := flag.Args()
	if len(args) != 2 {
		log.Printf("Usage: %s <ip> <port>\n", os.Args[0])
		os.Exit(-1)
	}

	// parse the destination host and port from the command line args
	dstip := net.ParseIP(args[0]).To4()
	dport_, err := strconv.ParseInt(args[1], 10, 16)
	if err != nil {
		log.Fatal(err)
	}
	dport := layers.TCPPort(dport_)
	sport := layers.TCPPort(5000)

	// get our local ip.
	srcip, err := localIP(dstip)
	if err != nil {
		log.Fatal(err)
	}

	devs, err := pcap.FindAllDevs()
	if err != nil {
		log.Fatal(err)
	}

	dev := ""
	for _, d := range devs {
		for _, a := range d.Addresses {
			if bytes.Equal(a.IP, srcip) {
				dev = d.Name
			}
		}
		// if d.Description == "Realtek PCIe GBE Family Controller" {
		//   fmt.Println(d.Name)
		//   dev = d.Name
		// }

		// fmt.Println(dev.Description)
	}

	if dev == "" {
		log.Fatal("Could not find the appropriate adapter device")
	}

	srcmac, err := localMac(dev)
	if err != nil {
		log.Fatal(err)
	}

	dstmac, err := remoteMac(dev, srcmac, srcip, dstip)
	if err != nil {
		log.Fatal(err)
	}

	eth := &layers.Ethernet{
		SrcMAC:       srcmac,
		DstMAC:       dstmac,
		EthernetType: layers.EthernetTypeIPv4,
	}

	// Our IPv4 header
	ip := &layers.IPv4{
		Version:    4,
		IHL:        5,
		TOS:        0,
		Length:     20, // FIX
		Id:         2,
		Flags:      layers.IPv4DontFragment,
		FragOffset: 0, //16384,
		TTL:        3, //64,
		Protocol:   layers.IPProtocolTCP,
		Checksum:   0,
		SrcIP:      srcip,
		DstIP:      dstip,
	}

	// Our TCP header
	tcp := &layers.TCP{
		SrcPort:  sport,
		DstPort:  dport,
		Seq:      0,
		Ack:      0,
		SYN:      true,
		Window:   64240,
		Checksum: 0,
		Urgent:   0,
	}
	tcp.DataOffset = 5 // uint8(unsafe.Sizeof(tcp))
	tcp.SetNetworkLayerForChecksum(ip)

	buf := gopacket.NewSerializeBuffer()
	err = gopacket.SerializeLayers(
		buf,
		gopacket.SerializeOptions{
			ComputeChecksums: true, // automatically compute checksums
			FixLengths:       true,
		},
		eth, ip, tcp,
	)
	if err != nil {
		log.Fatal(err)
	}

	handle, err := pcap.OpenLive(`rpcap://`+dev, 65535, true, time.Second*1)
	if err != nil {
		log.Fatal(err)
	}
	defer handle.Close()

	var wg sync.WaitGroup

	handle.SetBPFFilter(fmt.Sprintf("tcp and host %s and host %s and port %d and port %d", srcip.String(), dstip.String(), sport, dport))
	packetSource := gopacket.NewPacketSource(handle, handle.LinkType())

	wg.Add(1)
	go func() {
		stop := false

		go func() {
			<-time.After(time.Second * 2)
			stop = true
		}()

		for {
			if stop {
				break
			}

			packet, err := packetSource.NextPacket()
			if err == io.EOF {
				break
			} else if err != nil {
				//log.Println("Error:", err)
				continue
			}

			if tcpLayer := packet.Layer(layers.LayerTypeTCP); tcpLayer != nil {
				tcp, _ := tcpLayer.(*layers.TCP)
				if tcp.SrcPort == dport && tcp.DstPort == sport {
					if tcp.SYN && tcp.ACK {
						fmt.Printf("Port %d is OPEN\n", dport_)
					} else {
						fmt.Printf("Port %d is CLOSED\n", dport_)
					}
					break
				}
				//fmt.Printf("From src port %d to dst port %d\n", tcp.SrcPort, tcp.DstPort)
			}
		}

		wg.Done()
	}()

	err = handle.WritePacketData(buf.Bytes())
	if err != nil {
		log.Fatal(err)
	}

	wg.Wait()
}
Example #14
0
func main() {
	flag.Parse()

	devices, err := pcap.FindAllDevs()
	if err != nil {
		log.Fatal(err)
	}

	filter := ""
	for _, dev := range devices {
		if dev.Name == *device {
			fmt.Println(dev)
			for _, address := range dev.Addresses {
				filter = fmt.Sprintf("not ip host %s ", address.IP)
				hostIP = address.IP.String()
				break
			}
		}
	}

	handle, err := pcap.OpenLive(*device, 65536, true, 0)
	if err != nil {
		defer handle.Close()
		panic(err)
	}

	err = handle.SetBPFFilter(filter)
	if err != nil {
		log.Fatal(err)
	}

	fmt.Println(handle.LinkType())
	packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
	fmt.Println("Connection to ", *serverHost, *serverPort)
	client := osc.NewClient(*serverHost, *serverPort)

	var clients = struct {
		sync.RWMutex
		m              map[string]*activity
		instrumentPool []int
	}{m: make(map[string]*activity)}

	instruments := map[int]*instrument{
		0: &instrument{"snare", mapSnareLevel, adjustDrumLevel, sendDrumMessage, mapPitchLevel},
		1: &instrument{"kick", mapKickLevel, adjustDrumLevel, sendDrumMessage, mapPitchLevel},
		2: &instrument{"bass", mapMelodyLevel, adjustMelodyLevel, sendMelodyMessage, mapPitchLevel},
		3: &instrument{"hh", mapDrumLevel, adjustDrumLevel, sendDrumMessage, mapPitchLevel},
		4: &instrument{"melody", mapMelodyLevel, adjustMelodyLevel, sendMelodyMessage, mapPitchLevel},
		5: &instrument{"melody2", mapMelodyLevel, adjustMelodyLevel, sendMelodyMessage, mapPitchLevel},
		6: &instrument{"chords", mapChordLevel, adjustLevel, sendMelodyMessage, mapChordPitchLevel},
		7: &instrument{"conga", mapDrumLevel, adjustDrumLevel, sendDrumMessage, mapPitchLevel},
		8: &instrument{"clap", mapDrumLevel, adjustDrumLevel, sendDrumMessage, mapPitchLevel},
	}

	server := serv()
	t := &ticker{msgDelay: time.Duration(2) * time.Second, resetDelay: time.Duration(16) * time.Second}
	oscServ(t)

	go func() {
		for {
			clients.Lock()

			var keys []string
			for k := range clients.m {
				keys = append(keys, k)
			}
			sort.Strings(keys)

			delayValue := 0
			if len(keys) > 4 {
				delayValue = 1
			}
			sendDelayMessage(client, delayValue)

			server.BroadcastTo("chat", "chat clear", "")
			for _, key := range keys {
				value := clients.m[key]
				elapsed := time.Since(value.since)
				pps := float64(value.currentPackets()) / elapsed.Seconds()
				bps := float64(value.sizeSum) / elapsed.Seconds()

				instrument, ok := instruments[value.instrument]
				info := ""

				if ok {
					targetLevel, offbeat := instrument.mapLevel(bps)
					if targetLevel == 0 {
						clients.instrumentPool = append(clients.instrumentPool, value.instrument)
						sort.Ints(clients.instrumentPool)
						delete(clients.m, key)
					}
					pitch := instrument.mapPitchLevel(pps)
					instrument.adjustCurrentLevel(value, targetLevel)
					instrument.sendMessage(client, value.currentLevel, pitch, offbeat, instrument.name)

					info = fmt.Sprintf("MAC: %s, instrument: %s, pps: %.2f, bps: %.2f, elapsed: %.2f, level: %d, pitch: %d", key, instrument.name, pps, bps, elapsed.Seconds(), value.currentLevel, pitch)
					fmt.Println(info)
					server.BroadcastTo("chat", "chat message", info)
				} else {
					clients.instrumentPool = append(clients.instrumentPool, value.instrument)
					sort.Ints(clients.instrumentPool)
					delete(clients.m, key)
				}
			}

			if len(keys) > 0 {
				fmt.Println()
			}
			clients.Unlock()

			t.RLock()
			var dl = t.msgDelay
			fmt.Println("msg tick at", t.msgDelay)
			t.RUnlock()
			time.Sleep(dl)
		}
	}()

	go func() {
		for {
			clients.Lock()

			for _, value := range clients.m {
				value.since = time.Now()
				value.packets = 0
				value.sizeSum = 0
			}
			clients.Unlock()

			t.RLock()
			var dl = t.resetDelay
			fmt.Println("reset tick at", t.resetDelay)
			t.RUnlock()
			time.Sleep(dl)
		}
	}()

	for packet := range packetSource.Packets() {
		// fmt.Println(packet)
		// Let's see if the packet is an ethernet packet
		ethernetLayer := packet.Layer(layers.LayerTypeEthernet)
		if ethernetLayer != nil {
			// fmt.Println("Ethernet layer detected.")
			ethernetPacket, _ := ethernetLayer.(*layers.Ethernet)
			// fmt.Println("Source MAC: ", ethernetPacket.SrcMAC, "Destination MAC: ", ethernetPacket.DstMAC)
			// Ethernet type is typically IPv4 but could be ARP or other
			// fmt.Println("Ethernet type: ", ethernetPacket.EthernetType)

			clients.Lock()
			packetLength := len(ethernetPacket.Payload)

			_, ok := clients.m[ethernetPacket.DstMAC.String()]
			if ok {
				p := clients.m[ethernetPacket.DstMAC.String()]
				p.increment()
				p.addPacketSize(packetLength)
			} else {
				var instrument int
				if len(clients.instrumentPool) != 0 {
					instrument = clients.instrumentPool[0]
					clients.instrumentPool = append(clients.instrumentPool[:0], clients.instrumentPool[0+1:]...)
				} else {
					instrument = len(clients.m)
				}
				clients.m[ethernetPacket.DstMAC.String()] = &activity{1, packetLength, time.Now(), instrument, 0}
			}
			clients.Unlock()
		}
	}
}
Example #15
0
func main() {
	defer handleExit()
	defer log.Flush()
	flag.Parse()

	logger := initLogging(true, "warning")

	//Parse config
	filename, _ := filepath.Abs(*cfg)

	yamlFile, err := ioutil.ReadFile(filename)
	if err != nil {
		//hack so that supervisord doesnt consider it "too quick" an exit.
		time.Sleep(time.Second * 5)
		panic(Exit{0})
	}

	var cfg MetroConfig
	err = cfg.Parse(yamlFile)
	if err != nil {
		log.Criticalf("Error parsing configuration file: %s ", err)
		panic(Exit{1})
	}

	//set logging
	if cfg.InitConf.LogToFile {
		logger = initLogging(true, cfg.InitConf.LogLevel)
	} else {
		logger = initLogging(false, cfg.InitConf.LogLevel)
	}
	defer logger.Close()

	//Install signal handler
	signalChan := make(chan os.Signal, 1)
	signal.Notify(signalChan,
		syscall.SIGHUP,
		syscall.SIGINT,
		syscall.SIGTERM,
		syscall.SIGQUIT)

	exitChan := make(chan bool)
	go func() {
		for {
			s := <-signalChan
			switch s {
			// kill -SIGHUP XXXX
			case syscall.SIGHUP:
				log.Warn("hungup")
				exitChan <- true

				// kill -SIGINT XXXX or Ctrl+c
			case syscall.SIGINT:
				log.Warn("sig int caught, shutting down.")
				exitChan <- true

				// kill -SIGTERM XXXX
			case syscall.SIGTERM:
				log.Warn("force stop")
				exitChan <- true

				// kill -SIGQUIT XXXX
			case syscall.SIGQUIT:
				log.Warn("stop and core dump")
				exitChan <- true

			default:
				fmt.Println("Unknown signal.")
			}
		}
	}()

	ifaces, err := pcap.FindAllDevs()
	if err != nil {
		log.Criticalf("Error getting interface details: %s", err)
		panic(Exit{1})
	}

	sniffers := make([]*MetroSniffer, 0)
	for i := range cfg.Configs {
		if len(cfg.Configs[i].Ips) == 0 && len(cfg.Configs[i].Hosts) == 0 {
			log.Errorf("Whitelists must be enabled for go-metro to run (you may whitelist by IP or hostname in config file).")
			panic(Exit{1})
		}
		for j := range ifaces {
			if ifaces[j].Name == cfg.Configs[i].Interface {
				log.Infof("Will attempt sniffing off interface %q", cfg.Configs[i].Interface)
				metrosniffer, err := NewMetroSniffer(cfg.InitConf, cfg.Configs[i], *filter)
				if err == nil {
					sniffers = append(sniffers, metrosniffer)
					metrosniffer.Start()
				} else {
					log.Errorf("Unable to instantiate sniffer for interface %q", cfg.Configs[i].Interface)
				}
			}
		}
	}

	if len(sniffers) == 0 {
		log.Criticalf("No sniffers available, baling out (please check your configuration and privileges).")
		panic(Exit{1})
	}

	//Check all sniffers are up and running or quit.
	log.Debug("Waiting for sniffers to start...")
	time.Sleep(time.Second)
	for i := range sniffers {
		running := sniffers[i].Running()
		if !running {
			log.Criticalf("Unable to start sniffer for interface: %q (please check your configuration and privileges).", sniffers[i].Iface)
			os.Exit(1)
		}
	}

	quit := false
	for !quit {
		msg := <-exitChan
		switch msg {
		case true:
			quit = true
		case false:
		default:
			quit = false
		}
	}

	//Stop the show
	for i := range sniffers {
		err := sniffers[i].Stop()
		if err != nil {
			log.Infof("Error shutting down %s sniffer: %v.", sniffers[i].Iface, err)
		}
	}

}