2019-11-26 21:45:27 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
"flag"
|
2019-11-27 15:48:14 +00:00
|
|
|
"fmt"
|
2019-11-26 21:45:27 +00:00
|
|
|
"github.com/google/gopacket"
|
|
|
|
"github.com/google/gopacket/layers"
|
|
|
|
"github.com/google/gopacket/pcap"
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
filenameFlag *string
|
|
|
|
)
|
|
|
|
|
|
|
|
// Registers the flag --file
|
|
|
|
func registerFileFlags() {
|
|
|
|
filenameFlag = flag.String("file", "", "PCAP file to base analysis on")
|
|
|
|
}
|
|
|
|
|
|
|
|
// Opens the PCAP, returns its packets and the link type or an error
|
|
|
|
func openPCAP() (*gopacket.PacketSource, layers.LinkType, error) {
|
2020-12-15 13:58:33 +00:00
|
|
|
// Check if we even got a file.
|
|
|
|
if *filenameFlag == "" {
|
|
|
|
return nil, 0, fmt.Errorf("missing file to analyze. Please specifiy it with --file")
|
|
|
|
}
|
|
|
|
|
2019-11-26 21:45:27 +00:00
|
|
|
// Open specified file
|
|
|
|
handle, openErr := pcap.OpenOffline(*filenameFlag)
|
|
|
|
if openErr != nil {
|
|
|
|
// There were some problems opening the file
|
|
|
|
return nil, 0, openErr
|
|
|
|
}
|
|
|
|
|
2019-11-26 22:06:57 +00:00
|
|
|
// Output basic information about this PCAP
|
2019-11-27 15:48:14 +00:00
|
|
|
fmt.Printf("PCAP capture link type is %s (ID %d)\n", handle.LinkType().String(), handle.LinkType())
|
2019-11-26 22:06:57 +00:00
|
|
|
|
2019-11-26 21:45:27 +00:00
|
|
|
// Open given handle as packet source and return it
|
|
|
|
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
|
|
|
|
return packetSource, handle.LinkType(), nil
|
|
|
|
}
|