Exemple #1
0
func main() {
	flag.Parse()
	args := flag.Args()

	if flag.NArg() != 1 {
		usage()
	}

	f, err := os.Create(args[0])
	if err != nil {
		log.Fatal(err)
	}
	defer func() {
		if err := f.Close(); err != nil {
			log.Fatal(err)
		}
	}()

	pw := pcap.NewWriter(f)
	defer func() {
		if err := pw.Close(); err != nil {
			log.Fatal(err)
		}
	}()

	hdr := &pcap.Header{
		SnapLen:  maxSnapLen,
		LinkType: pcap.LINKTYPE_ETHERNET,
	}
	if err := pw.WriteHeader(hdr); err != nil {
		log.Fatal(err)
	}

	fd, err := syscall.Socket(syscall.AF_PACKET, syscall.SOCK_RAW, htons(syscall.ETH_P_ALL))
	if err != nil {
		log.Fatal(err)
	}

	var buf [maxSnapLen]byte
	for {
		n, _, err := syscall.Recvfrom(fd, buf[:], 0)
		if err != nil {
			log.Fatal(err)
		}
		sec, usec := currTime()
		record := &pcap.RecordHeader{TsSec: uint32(sec), TsUsec: uint32(usec), CapLen: uint32(n), Len: uint32(n)}
		if err := pw.WriteRecordHeader(record); err != nil {
			log.Fatal(err)
		}
		if _, err = pw.Write(buf[:n]); err != nil {
			log.Fatal(err)
		}
	}
}
func Example() {
	// Create a buffer to write our pcap file to.
	buf := new(bytes.Buffer)

	// Create a new pcap file.
	pw := pcap.NewWriter(buf)
	defer func() {
		if err := pw.Close(); err != nil {
			log.Fatal(err)
		}
	}()

	// Add some records to the pcap file.
	var records = []Ethernet{
		{
			DstAddr: [6]byte{0x00, 0x50, 0x56, 0x00, 0xBA, 0xBE},
			SrcAddr: [6]byte{0x00, 0x50, 0x56, 0x00, 0xCA, 0xFE},
			Type:    0x0800,
		},
		{
			DstAddr: [6]byte{0x00, 0x50, 0x56, 0x00, 0xCA, 0xFE},
			SrcAddr: [6]byte{0x00, 0x50, 0x56, 0x00, 0xBA, 0xBE},
			Type:    0x0800,
		},
		{
			DstAddr: [6]byte{0x00, 0x50, 0x56, 0x00, 0xBE, 0xEF},
			SrcAddr: [6]byte{0x00, 0x50, 0x56, 0x00, 0xDE, 0xAD},
			Type:    0x0800,
		},
		{
			DstAddr: [6]byte{0x00, 0x50, 0x56, 0x00, 0xDE, 0xAD},
			SrcAddr: [6]byte{0x00, 0x50, 0x56, 0x00, 0xBE, 0xEF},
			Type:    0x0800,
		},
	}
	hdr := &pcap.Header{
		LinkType: pcap.LINKTYPE_ETHERNET,
	}
	if err := pw.WriteHeader(hdr); err != nil {
		log.Fatalln(err)
	}
	for i, record := range records {
		rhdr := &pcap.RecordHeader{
			TsSec:  uint32(i),
			TsUsec: 0,
			CapLen: uint32(14),
			Len:    uint32(14),
		}
		if err := pw.WriteRecordHeader(rhdr); err != nil {
			log.Fatalln(err)
		}
		if err := binary.Write(pw, binary.BigEndian, record); err != nil {
			log.Fatalln(err)
		}
	}
	// Make sure to check the error on Close.
	if err := pw.Close(); err != nil {
		log.Fatalln(err)
	}

	// Open the pcap file for reading.
	r := bytes.NewReader(buf.Bytes())
	pr, err := pcap.NewReader(r)
	if err != nil {
		log.Fatalln(err)
	}

	// Iterate through the files in the pcap file.
	for {
		hdr, err := pr.Next()
		if err == io.EOF {
			// end of pcap file
			break
		}
		if err != nil {
			log.Fatalln(err)
		}
		eth := &Ethernet{}
		if err = binary.Read(pr, binary.BigEndian, eth); err != nil {
			log.Fatalln(err)
		}
		fmt.Printf("%d.%.6d %d %x -> %x %x\n", hdr.TsSec, hdr.TsUsec, hdr.Len, eth.SrcAddr, eth.DstAddr, eth.Type)
	}

	// Output:
	// 0.000000 14 00505600cafe -> 00505600babe 800
	// 1.000000 14 00505600babe -> 00505600cafe 800
	// 2.000000 14 00505600dead -> 00505600beef 800
	// 3.000000 14 00505600beef -> 00505600dead 800
}
Exemple #3
0
func main() {
	flag.Parse()
	args := flag.Args()

	if flag.NArg() != 2 {
		usage()
	}

	in, err := os.Open(args[0])
	if err != nil {
		log.Fatal(err)
	}
	defer func() {
		if err := in.Close(); err != nil {
			log.Fatal(err)
		}
	}()

	pr, err := pcap.NewReader(in)
	if err != nil {
		log.Fatal(err)
	}

	if *verbose {
		fmt.Println("Header")
		fmt.Printf("Magic 0x%.8x\n", pr.Header.Magic)
		fmt.Println("VersionMajor", pr.Header.VersionMajor)
		fmt.Println("VersionMinor", pr.Header.VersionMinor)
		fmt.Println("ThisZone", pr.Header.ThisZone)
		fmt.Println("SigFigs", pr.Header.SigFigs)
		fmt.Println("SnapLen", pr.Header.SnapLen)
		fmt.Println("LinkType", pr.Header.LinkType)
	}

	out, err := os.Create(args[1])
	if err != nil {
		log.Fatal(err)
	}
	defer func() {
		if err := out.Close(); err != nil {
			log.Fatal(err)
		}
	}()

	pw := pcap.NewWriter(out)
	defer func() {
		if err := pw.Close(); err != nil {
			log.Fatal(err)
		}
	}()

	if err := pw.WriteHeader(&pr.Header); err != nil {
		log.Fatal(err)
	}

	for {
		record, err := pr.Next()
		if err != nil {
			if err == io.EOF {
				break
			}
			log.Fatal(err)
		}

		if *verbose {
			fmt.Println()
			fmt.Println("RecordHeader")
			fmt.Println("TsSec", record.TsSec)
			fmt.Println("TsUsec", record.TsUsec)
			fmt.Println("CapLen", record.CapLen)
			fmt.Println("Len", record.Len)
		}

		buf, err := ioutil.ReadAll(pr)
		if err != nil {
			log.Fatal(err)
		}
		if err := pw.WriteRecordHeader(record); err != nil {
			log.Fatal(err)
		}
		if _, err = pw.Write(buf); err != nil {
			log.Fatal(err)
		}
	}
}