另一种方式解码数据包:
package main
import (
"fmt"
"github.com/google/gopacket"
"github.com/google/gopacket/layers"
"github.com/google/gopacket/pcap"
"log"
"os"
"time"
)
var (
device string = "ens33"
snapshotLen int32 = 1024
promiscuous bool = false
err error
timeout time.Duration = 30 * time.Second
handle *pcap.Handle
)
func main() {
// Open device
handle, err = pcap.OpenLive(device, snapshotLen, promiscuous, timeout)
if err != nil {
log.Fatal(err)
}
defer handle.Close()
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
for packet := range packetSource.Packets() {
printPacketInfo(packet)
}
}
func printPacketInfo(packet gopacket.Packet) {
var eth layers.Ethernet
var ip4 layers.IPv4
var ip6 layers.IPv6
var tcp layers.TCP
parser := gopacket.NewDecodingLayerParser(layers.LayerTypeEthernet, ð, &ip4, &ip6, &tcp)
decoded := []gopacket.LayerType{}
if err := parser.DecodeLayers(packet.Data(), &decoded); err != nil {
fmt.Fprintf(os.Stderr, "Could not decode layers: %v
", err)
return
}
for _, layerType := range decoded {
switch layerType {
case layers.LayerTypeEthernet:
fmt.Println(" Eth ", eth.SrcMAC, eth.DstMAC)
case layers.LayerTypeIPv6:
fmt.Println(" IP6 ", ip6.SrcIP, ip6.DstIP)
case layers.LayerTypeIPv4:
fmt.Println(" IP4 ", ip4.SrcIP, ip4.DstIP)
case layers.LayerTypeTCP:
fmt.Println(" TCP ", tcp.SrcPort, tcp.DstPort)
}
}
}