func main() {
flag.Parse()
args := flag.Args()
if len(args) > 0 {
cfg.command = args[0]
}
var handle *pcap.Pcap
var err error
Log = log.New(os.Stderr, "CATTP", log.Flags())
// Set filter command for libpcap
if len(args) > 1 {
cfg.filter = args[1]
}
if len(cfg.device) > 0 {
Log.Printf("Opening device: %s", cfg.device)
handle, err = pcap.OpenLive(cfg.device, int32(cfg.snaplen), true, 1000)
} else if len(cfg.infile) > 0 {
handle, err = pcap.OpenOffline(cfg.infile)
} else {
printUsage("No source given.")
}
if len(cfg.filter) > 0 {
handle.SetFilter(cfg.filter)
}
if err != nil {
Log.Fatalf("Failed to open source: %s", err)
}
//TODO: Fix this ugly condition for file end detection.
for x := handle.Next(); len(cfg.infile) > 0 && x != nil; x = handle.Next() {
if x != nil {
func(p *pcap.Packet) {
defer func() {
if r := recover(); r != nil {
Log.Printf("Could not decode packet: %s \n %s", r, p)
}
}()
p.Decode() // Decode pcap packet
if cp, err := NewPacket(p); err == nil {
fmt.Println(cp)
if cfg.hexlog {
fmt.Println(hex.Dump(cp.Raw()))
}
}
}(x)
}
}
}
func main() {
flag.Parse()
if *cpuprofile != "" {
f, err := os.Create(*cpuprofile)
if err != nil {
log.Fatal(err)
}
pprof.StartCPUProfile(f)
defer pprof.StopCPUProfile()
}
fileName := flag.Arg(0)
pcapfile, err := pcap.OpenOffline(fileName)
if err != nil {
fmt.Fprintf(os.Stderr, "Can't open pcap file %#v: %v\n",
fileName, err)
os.Exit(1)
}
w := bufio.NewWriter(os.Stdout)
i := uint(0)
for pkt := pcapfile.Next(); pkt != nil; pkt = pcapfile.Next() {
i += 1
pkt.Decode()
var msg dns.Msg
if err := safeParse(&msg, pkt.Payload); err != nil {
//fmt.Fprintf(os.Stderr, "err %v\n", err)
continue
}
if len(msg.Question) != 1 {
continue
}
// if msg.MsgHdr.Response == true {
// continue
// }
qname := msg.Question[0].Name
qname = qname[:len(qname)-1]
fmt.Fprintf(w, "%s, %s\n", pkt.Time, strings.ToLower(qname))
}
w.Flush()
fmt.Fprintf(os.Stderr, "Parsed %d packets\n", i)
}
func main() {
var device *string = flag.String("d", "", "device")
var file *string = flag.String("r", "", "file")
var expr *string = flag.String("e", "", "filter expression")
flag.Parse()
var h *pcap.Pcap
ifs, err := pcap.FindAllDevs()
if len(ifs) == 0 {
fmt.Printf("Warning: no devices found : %s\n", err)
} else {
for i := 0; i < len(ifs); i++ {
fmt.Printf("dev %d: %s (%s)\n", i+1, ifs[i].Name, ifs[i].Description)
}
}
if *device != "" {
h, err = pcap.OpenLive(*device, 65535, true, 0)
if h == nil {
fmt.Printf("OpenLive(%s) failed: %s\n", *device, err)
return
}
} else if *file != "" {
h, err = pcap.OpenOffline(*file)
if h == nil {
fmt.Printf("Openoffline(%s) failed: %s\n", *file, err)
return
}
} else {
fmt.Printf("usage: pcaptest [-d <device> | -r <file>]\n")
return
}
fmt.Printf("pcap version: %s\n", pcap.Version())
if *expr != "" {
fmt.Printf("Setting filter: %s\n", *expr)
err := h.SetFilter(*expr)
if err != nil {
fmt.Printf("Warning: setting filter failed: %s\n", err)
}
}
for pkt := h.Next(); pkt != nil; pkt = h.Next() {
fmt.Printf("time: %d.%06d (%s) caplen: %d len: %d\nData:",
int64(pkt.Time.Second()), int64(pkt.Time.Nanosecond()),
time.Unix(int64(pkt.Time.Second()), 0).String(), int64(pkt.Caplen), int64(pkt.Len))
for i := uint32(0); i < pkt.Caplen; i++ {
if i%32 == 0 {
fmt.Printf("\n")
}
if 32 <= pkt.Data[i] && pkt.Data[i] <= 126 {
fmt.Printf("%c", pkt.Data[i])
} else {
fmt.Printf(".")
}
}
fmt.Printf("\n\n")
}
}