Работа над фильтрацией через libpcap

2020-04-13 00:45:48 +03:00
parent 88323dc883
commit 9720619eb8
7 changed files with 52 additions and 2 deletions
--- a/src/main/java/ru/serega6531/packmate/pcap/AbstractPcapWorker.java
+++ b/src/main/java/ru/serega6531/packmate/pcap/AbstractPcapWorker.java
@@ -5,6 +5,7 @@ import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.concurrent.BasicThreadFactory;
 import org.apache.commons.lang3.tuple.ImmutablePair;
+import org.pcap4j.core.BpfProgram;
 import org.pcap4j.core.PacketListener;
 import org.pcap4j.core.PcapHandle;
 import org.pcap4j.packet.IpV4Packet;
@@ -36,6 +37,8 @@ public abstract class AbstractPcapWorker implements PcapWorker, PacketListener {
    protected PcapHandle pcap = null;
    protected final ExecutorService loopExecutorService;

+    protected String filter = null;
+
    // во время работы должен быть != null
    protected ExecutorService processorExecutorService;

@@ -255,4 +258,17 @@ public abstract class AbstractPcapWorker implements PcapWorker, PacketListener {
        }).get();
    }

+    @Override
+    @SneakyThrows
+    public void setFilter(String filter) {
+        this.filter = filter;
+        applyFilter();
+    }
+
+    @SneakyThrows
+    protected void applyFilter() {
+        if(filter != null && pcap != null && pcap.isOpen()) {
+            pcap.setFilter(filter, BpfProgram.BpfCompileMode.OPTIMIZE);
+        }
+    }
 }
--- a/src/main/java/ru/serega6531/packmate/pcap/FilePcapWorker.java
+++ b/src/main/java/ru/serega6531/packmate/pcap/FilePcapWorker.java
@@ -44,6 +44,9 @@ public class FilePcapWorker extends AbstractPcapWorker {
    public void start() {
        log.info("Using file " + file.getAbsolutePath());
        pcap = Pcaps.openOffline(file.getAbsolutePath());
+
+        applyFilter();
+
        loopExecutorService.execute(this::runScan);
    }

--- a/src/main/java/ru/serega6531/packmate/pcap/LivePcapWorker.java
+++ b/src/main/java/ru/serega6531/packmate/pcap/LivePcapWorker.java
@@ -37,6 +37,8 @@ public class LivePcapWorker extends AbstractPcapWorker {
        log.info("Using interface " + device.getName());
        pcap = device.openLive(65536, PcapNetworkInterface.PromiscuousMode.PROMISCUOUS, 100);

+        applyFilter();
+
        try {
            log.info("Intercept started");
            pcap.loop(-1, this, loopExecutorService);
--- a/src/main/java/ru/serega6531/packmate/pcap/PcapWorker.java
+++ b/src/main/java/ru/serega6531/packmate/pcap/PcapWorker.java
@@ -18,4 +18,6 @@ public interface PcapWorker {
     */
    int closeTimeoutStreams(Protocol protocol, long timeoutMillis);

+    void setFilter(String filter);
+
 }