|
|
@@ -1,6 +1,7 @@
|
|
|
package network
|
|
|
|
|
|
import (
|
|
|
+ "bytes"
|
|
|
"fmt"
|
|
|
"fyne.io/fyne/v2/data/binding"
|
|
|
"gbase/glog"
|
|
|
@@ -112,27 +113,36 @@ func Sniffer(interfaceName, sqlName, ip string, port int, dbLog binding.String)
|
|
|
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
|
|
|
for packet := range packetSource.Packets() {
|
|
|
|
|
|
- sqlStatement, err := processPacket(packet)
|
|
|
+ sqlStatement, isRequest, err := processPacket(packet, port)
|
|
|
if err == nil && len(sqlStatement) > 2 {
|
|
|
sqlStatement = strings.TrimSpace(sqlStatement)
|
|
|
- ret := re.FindAllStringSubmatch(sqlStatement, 1)
|
|
|
- if len(ret) > 0 {
|
|
|
- currentLog, _ := dbLog.Get()
|
|
|
- dbLog.Set(
|
|
|
- fmt.Sprintf("%v %v\n%s",
|
|
|
- time.Now().Format("2006-01-02 15:04:05"),
|
|
|
- ret[0][0],
|
|
|
- currentLog,
|
|
|
- ),
|
|
|
- )
|
|
|
- file.WriteString(time.Now().Format("2006-01-02 03:04:05") + " " + ret[0][0] + "\n")
|
|
|
+ if isRequest {
|
|
|
+ ret := re.FindAllStringSubmatch(sqlStatement, 1)
|
|
|
+ if len(ret) > 0 {
|
|
|
+ currentLog, _ := dbLog.Get()
|
|
|
+ dbLog.Set(
|
|
|
+ fmt.Sprintf("%v %v\n%s",
|
|
|
+ time.Now().Format("2006-01-02 15:04:05"),
|
|
|
+ ret[0][0],
|
|
|
+ currentLog,
|
|
|
+ ),
|
|
|
+ )
|
|
|
+ file.WriteString(time.Now().Format("2006-01-02 03:04:05") + " " + ret[0][0] + "\n")
|
|
|
+ }
|
|
|
+ } else {
|
|
|
+ // 处理响应数据,去除乱码和无用字符串
|
|
|
+ cleanResponse := cleanString(sqlStatement)
|
|
|
+ if cleanResponse != "" {
|
|
|
+ file.WriteString(time.Now().Format("2006-01-02 15:04:05") + " Response: " + sqlStatement + "\n")
|
|
|
+ }
|
|
|
}
|
|
|
|
|
|
}
|
|
|
}
|
|
|
return nil
|
|
|
}
|
|
|
-func processPacket(packet gopacket.Packet) (sqlStatement string, err error) {
|
|
|
+func processPacket(packet gopacket.Packet, port int) (sqlStatement string, isRequest bool, err error) {
|
|
|
+ isRequest = false
|
|
|
// 检测是否存在任何错误
|
|
|
errs := packet.ErrorLayer()
|
|
|
if err != nil {
|
|
|
@@ -146,6 +156,9 @@ func processPacket(packet gopacket.Packet) (sqlStatement string, err error) {
|
|
|
return
|
|
|
}
|
|
|
|
|
|
+ tcp, _ := tcpLayer.(*layers.TCP)
|
|
|
+ isRequest = int(tcp.DstPort) == port // 检查目标端口是否为 MySQL 端口以确定是否为请求
|
|
|
+
|
|
|
// 打印应用层/有效载荷
|
|
|
applicationLayer := packet.ApplicationLayer()
|
|
|
if applicationLayer == nil {
|
|
|
@@ -155,10 +168,10 @@ func processPacket(packet gopacket.Packet) (sqlStatement string, err error) {
|
|
|
payload := applicationLayer.Payload()
|
|
|
sqlStatement = extractSQLFromPayload(payload)
|
|
|
if sqlStatement != "" {
|
|
|
- return sqlStatement, nil
|
|
|
+ return sqlStatement, isRequest, nil
|
|
|
}
|
|
|
|
|
|
- return sqlStatement, nil
|
|
|
+ return sqlStatement, isRequest, nil
|
|
|
}
|
|
|
|
|
|
func extractSQLFromPayload(payload []byte) string {
|
|
|
@@ -185,3 +198,19 @@ func containsSQLKeyword(data string) bool {
|
|
|
}
|
|
|
return false
|
|
|
}
|
|
|
+
|
|
|
+func cleanString(input string) string {
|
|
|
+ var buffer bytes.Buffer
|
|
|
+ for _, r := range input {
|
|
|
+ if r >= 32 && r <= 126 { // 保留可打印的 ASCII 字符
|
|
|
+ buffer.WriteRune(r)
|
|
|
+ }
|
|
|
+ }
|
|
|
+ cleaned := buffer.String()
|
|
|
+ // 进一步清理无用的空格和特殊字符
|
|
|
+ cleaned = strings.TrimSpace(cleaned)
|
|
|
+ cleaned = strings.ReplaceAll(cleaned, "\r", "")
|
|
|
+ cleaned = strings.ReplaceAll(cleaned, "\n", "")
|
|
|
+ cleaned = strings.ReplaceAll(cleaned, "\t", "")
|
|
|
+ return cleaned
|
|
|
+}
|
