Skip to content

tenfyzhong/fdump

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
2 branches 0 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
_examples
 
 
.gitignore
 
 
LICENSE
 
 
README.md
 
 
app.go
 
 
controller.go
 
 
doc.go
 
 
record.go
 
 
replay.go
 
 
serialization.go
 
 
serialization_test.go
 
 
stream.go
 
 
stream_test.go
 
 
view.go
 
 
view_test.go
 
 
fdump Feature Screenshots How to Key Warnning

README.md

fdump

A framework to dump and decode network packet.

Feature

  • tui to show records.
  • replay records.
  • save records to file.
  • load records from file.
  • support tcp.
  • support udp.

Screenshots

How to

Here's the way to create your packet capture application:

  1. Make a function to decode the binary packet and return an Record.
  2. Make a function to show a brief message of the record.
  3. Make a function to show a detail message of the record.
  4. (optional)Make some hook to modify the replay worker.

example:

func decode(net, transport gopacket.Flow, buf []byte) (bodies []interface{}, n int, err error) {
	if len(buf) < 4 {
		err = fdump.ErrPkgNoEnough
		return
	}
	pkgLen := binary.BigEndian.Uint32(buf)
	if uint32(len(buf)) < pkgLen {
		err = fdump.ErrPkgNoEnough
		return
	}
	str := string(buf[4:pkgLen])
	bodies = append(bodies, str)
	n = pkgLen
	return
}

func brief(record *fdump.Record) []string {
	if record == nil || len(record.Bodies) == 0 {
		return nil
	}
	str, ok := record.Bodies[0].(string)
	if !ok {
		return nil
	}
	return []string{str[:10]}
}

func detail(record *fdump.Record) string {
	str, ok := record.Bodies[0].(string)
	if !ok {
		return ""
	}
	return str
}

func postSend(conn net.Conn, record *fdump.Record) error {
	lenBuf := make([]byte, 4)
	lenLen := 0
	for lenLen < 4 {
		err := conn.SetReadDeadline(time.Now().Add(1*time.Second))
		if err != nil {
			return err
		}
		n, err := conn.Read(headBuf[lenLen:])
		if err != nil {
			return err
		}
		lenLen += n
	}

	bodyLen := binary.BigEndian.Uint32(lenBuf) - 4
	body := make([]byte, bodyLen)
	curLen := 0
	for curLen < int(bodyLen) {
		err := conn.SetReadDeadline(time.Now().Add(t*time.Second))
		if err != nil {
			return err
		}
		n, err := conn.Read(body[curlen:])
		if err != nil {
			return err
		}
		curlen += n
	}
	return nil
}

func main() {
	logging.SetLevel(logging.INFO, "")
	fdump.Init()
	replayHook := &fdump.ReplayHook{
		PostSend: postSend,
	}
	briefAttributes := []*fdump.BriefColumnAttribute{&fdump.BriefColumnAttribute{
			Title: "Head10",
			MaxWidth: 10,
		},
	}

	a := fdump.NewApp(decode, brief, detail, replayHook, briefAttributes)
	a.Run()
}

Key

View Key Summary
all f toggle frozen scroll
all s toggle stop capture
all l/Left left
all r/Right right
all j/Down down
all k/Up up
all g/Home goto first line
all G/End goto last line
all ctrl-f/PgDn page down
all ctrl-b/PgUp page up
all ctrl-c exit
all ? help
brief enter enter detail
brief Esc clean prompt
brief C clear
brief S save selected/all to file
brief L load from file
brief M toggle multiple select mode
brief m select/unselect row, select mode only
brief r revert selected, select mode only
brief a select/unselect all, select mode only
brief c clear selected, select mode only
brief R replay current select row
detail q/Esc exit detail
help q/Esc exit help

Warnning

Please set LC_CTYPE to en_US.UTF-8:

export LC_CTYPE=en_US.UTF-8

About

A framework to dump and decode network packet.

Resources

Readme

License

MIT license
Activity

Stars

6 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages