【毕设日记】(1)go语言基于gopacket+fyne简单抓包工具实现之抓包代码

导包

"fyne.io/fyne/v2"
"github.com/google/gopacket"

get_pkg.go
抓包，并且解析成string并且调用渲染成fyne的list
注意坑：NetworkLayer和TransportLayer都可能为nil

package ip

import (
	"fmt"
	"fyne.io/fyne/v2/data/binding"
	"github.com/google/gopacket"
	"github.com/google/gopacket/pcap"
	"log"
	"strconv"
	"time"
)

type PkgRow struct {
	No       int
	Time     time.Time
	Source   string
	Dest     string
	Protocol string
	Length   int
	Info     string
}

//设备名：pcap.FindAllDevs()返回的设备的Name
//snaplen：捕获一个数据包的多少个字节，一般来说对任何情况65535是一个好的实践，如果不关注全部内容，只关注数据包头，可以设置成1024
//promisc：设置网卡是否工作在混杂模式，即是否接收目的地址不为本机的包
//timeout：设置抓到包返回的超时。如果设置成30s，那么每30s才会刷新一次数据包；设置成负数，会立刻刷新数据包，即不做等待
//要记得释放掉handle

var (
	device       string = "eth0"
	snapshot_len int32  = 1024
)

func GetPkg(device string, list binding.StringList) {
	No := 1
	// Open device
	handle, err = pcap.OpenLive(device, snapshot_len, promiscuous, timeout)
	if err != nil {
		log.Fatal(err)
	}
	defer handle.Close()
	fmt.Println("gogogo")
	// Use the handle as a packet source to process all packets
	packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
	for packet := range packetSource.Packets() {
		//packet:=<-packetSource.Packets()
		if packet != nil {
			p := anlysePacket(packet)
			p.No = No
			No++
			fmt.Println(gopacket.LayerString(packet.TransportLayer()))

			list.Append(p.formatePkgListInfo())
		}
	}
}

func setFlliter(device string, p string, port int) {
	// Open device
	handle, err = pcap.OpenLive(device, snapshot_len, promiscuous, timeout)
	if err != nil {
		log.Fatal(err)
	}
	defer handle.Close()
	// Set filter
	var filter string = p + " and port " + strconv.Itoa(port)
	err = handle.SetBPFFilter(filter)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Println("Only capturing " + p + " port " + strconv.Itoa(port) + " packets.")

	packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
	for packet := range packetSource.Packets() {
		// Do something with a packet here.
		fmt.Println(packet)
	}
}
func anlysePacket(p gopacket.Packet) PkgRow {
	var nilEndpoint gopacket.Endpoint = gopacket.Endpoint{}
	var nilFlow gopacket.Flow = gopacket.Flow{}
	pkgrow := PkgRow{Time: p.Metadata().Timestamp,
		Length: p.Metadata().Length,
	}
	if p.NetworkLayer()!=nil{  //网际层
		if p.NetworkLayer().NetworkFlow().Src() != nilEndpoint {
			pkgrow.Source = p.NetworkLayer().NetworkFlow().Src().String()
		}
		if p.NetworkLayer().NetworkFlow().Dst()!=nilEndpoint {
			pkgrow.Dest = p.NetworkLayer().NetworkFlow().Dst().String()
		}
	}
	if p.TransportLayer() != nil {   //传输层
		if p.TransportLayer().TransportFlow() != nilFlow {
			pkgrow.Protocol = p.TransportLayer().TransportFlow().EndpointType().String()
			pkgrow.Info = p.TransportLayer().TransportFlow().String()
		}
	}
	return pkgrow

}
func (p PkgRow) formatePkgListInfo() string {
	res := ""
	res += strconv.Itoa(p.No)
	t := time.Now().Format("\"2006-01-02T15:04:05\"")
	res += blankAdd(15-len(res)) + t[1:len(t)-1]
	res += blankAdd(45-len(res)) + p.Source
	res += blankAdd(70-len(res)) + p.Dest
	res += blankAdd(98-len(res)) + p.Protocol
	res += blankAdd(115-len(res)) + strconv.Itoa(p.Length)
	res += blankAdd(129-len(res)) + p.Info
	return res
}
func blankAdd(n int) string {
	res := ""
	for n > 0 {
		n--
		res += " "
	}
	return res

}

效果图：