go 網路資料包分析
阿新 • • 發佈:2020-10-29
參考連結:
https://blog.csdn.net/warrior_0319/article/details/83150408
https://cloud.tencent.com/developer/article/1025427
demo1:獲取所有的網路裝置資訊
package main import ( "fmt" "github.com/google/gopacket/pcap" "log" ) func main() { // Find all devices devices, err := pcap.FindAllDevs()if err != nil { log.Fatal(err) } // Print device information fmt.Println("Devices found:") for _, device := range devices { fmt.Println("\nName: ", device.Name) fmt.Println("Description: ", device.Description) fmt.Println("Devices addresses: ", device.Description) for _, address := range device.Addresses { fmt.Println("- IP address: ", address.IP) fmt.Println("- Subnet mask: ", address.Netmask) } } }
執行結果:
Name: ens33 Description: Devices addresses:- IP address: 192.168.1.100 - Subnet mask: ffffff00
demo2:開啟裝置實時捕捉
package main import ( "fmt" "github.com/google/gopacket" "github.com/google/gopacket/pcap" "log" "time" ) var ( device string = "ens33" snapshot_len int32 = 1024 promiscuous bool = false err error timeout time.Duration = 30 * time.Second handle *pcap.Handle ) func main() { // Open device handle, err = pcap.OpenLive(device, snapshot_len, promiscuous, timeout) if err != nil { log.Fatal(err) } defer handle.Close() // Use the handle as a packet source to process all packets packetSource := gopacket.NewPacketSource(handle, handle.LinkType()) for packet := range packetSource.Packets() { // Process packet here fmt.Println(packet) } }
執行結果:
PACKET: 1024 bytes, truncated, wire length 1750 cap length 1024 @ 2020-10-29 14:58:06.569083 +0800 CST - Layer 1 (14 bytes) = Ethernet {Contents=[..14..] Payload=[..1010..] SrcMAC=00:0c:29:10:dc:10 DstMAC=00:50:56:c0:00:08 EthernetType=IPv4 Length=0} - Layer 2 (20 bytes) = IPv4 {Contents=[..20..] Payload=[..990..] Version=4 IHL=5 TOS=16 Length=1736 Id=3808 Flags=DF FragOffset=0 TTL=64 Protocol=TCP Checksum=41354 SrcIP=192.168.1.100 DstIP=192.168.1.1 Options=[] Padding=[]} - Layer 3 (20 bytes) = TCP {Contents=[..20..] Payload=[..970..] SrcPort=22(ssh) DstPort=59004 Seq=3324909626 Ack=463955946 DataOffset=5 FIN=false SYN=false RST=false PSH=true ACK=true URG=false ECE=false CWR=false NS=false Window=988 Checksum=35440 Urgent=0 Options=[] Padding=[]} - Layer 4 (970 bytes) = Payload 970 byte(s)