tcpdp

command module
v0.6.0

Published: Sep 18, 2018 License: MIT Imports: 3 Imported by: 0

README

tcpdp

tcpdp is a TCP dump tool with a custom dumper, written in Go.

Usage

tcpdp proxy : TCP proxy server mode

$ tcpdp proxy -l localhost:12345 -r localhost:1234 -d hex # hex.Dump()
$ tcpdp proxy -l localhost:55432 -r localhost:5432 -d pg # Dump query of PostgreSQL
$ tcpdp proxy -l localhost:33306 -r localhost:3306 -d mysql # Dump query of MySQL

With server-starter

https://github.com/lestrrat-go/server-starter

$ start_server --port 33306 -- tcpdp proxy -s -r localhost:3306 -d mysql

With config file

$ tcpdp proxy -c config.toml

tcpdp probe : Probe mode (like tcpdump)

$ tcpdp probe -i lo0 -t localhost:3306 -d mysql # is almost the same setting as 'tcpdump -i lo0 host 127.0.0.1 and tcp port 3306'
$ tcpdp probe -i eth0 -t 3306 -d hex # is almost the same setting as 'tcpdump -i eth0 tcp port 3306'

tcpdp read : Read pcap file mode

$ tcpdump -i eth0 host 127.0.0.1 and tcp port 3306 -w mysql.pcap
$ tcpdp read mysql.pcap -d mysql -f ltsv

tcpdp config

Create config

$ tcpdp config > myconfig.toml

Show current config

$ tcpdp config

config format

[tcpdp]
pidfile = "/var/run/tcpdp.pid"
dumper = "mysql"

[probe]
target = "db.example.com:3306"
interface = "en0"

[proxy]
useServerSterter = false
listenAddr = "localhost:3306"
remoteAddr = "db.example.com:3306"

[log]
dir = "/var/log/tcpdp"
enable = true
stdout = true
format = "ltsv"
rotateEnable = true
rotationTime = "daily"
rotationCount = 7

[dumpLog]
dir = "/var/log/dump"
enable = true
stdout = false
format = "json"
rotateEnable = true
rotationTime = "hourly"
rotationCount = 24

tcpdp proxy connection diagram

      client_addr
           ^
           |        tcpdp
+----------|---------------+
|          v               |
|  proxy_listen_addr       |
|         + ^              |
|         | |   +--------+ |
|         |<----+ dumper | |
|         | |<--+        | |
|         | |   +--------+ |
|         v +              |
|  proxy_client_addr       |
|          ^               |
+----------|---------------+
           |
           v
      remote_addr

tcpdp probe connection diagram

+--------------------------+
|                          |
|                      +---+---+
|       <--------------| eth0  |----------->
|            interface +---+---+
|            /target     ^ |
|                        | |
|         tcpdp          | |
|        +--------+      | |
|        | dumper +------+ |
|        +--------+        |
+--------------------------+

log

| key | description | tcpdp.log / dump.log (dumper type) | mode |
| --- | --- | --- | --- |
| ts | timestamp | tcpdp.log, hex, mysql, pg | proxy / probe |
| level | log level | tcpdp.log | proxy / probe |
| msg | log message | tcpdp.log | proxy / probe |
| error | error info | tcpdp.log | proxy / probe |
| caller | error caller | tcpdp.log | proxy / probe |
| conn_id | TCP connection ID by tcpdp | tcpdp.log, hex, mysql, pg | proxy / probe |
| conn_seq_num | TCP communication sequence number by tcpdp | tcpdp.log, hex, mysql, pg | proxy |
| client_addr | client address | tcpdp.log, hex, mysql, pg | proxy |
| proxy_listen_addr | listen address | tcpdp.log, hex, mysql, pg | proxy |
| proxy_client_addr | proxy client address | hex, mysql, pg | proxy |
| remote_addr | remote address | tcpdp.log, hex, mysql, pg | proxy |
| direction | client to remote: -> / remote to client: <- | tcpdp.log, hex, mysql, pg | proxy |
| interface | probe target interface | tcpdp.log, hex, mysql, pg | probe |
| src_addr | src address | tcpdp.log, hex, mysql, pg | probe |
| dst_addr | dst address | tcpdp.log, hex, mysql, pg | probe |
| probe_target_addr | probe target address | tcpdp.log, hex, mysql, pg | probe |
| dump | dump data by hex.Dump | hex | proxy / probe |
| query | SQL query | mysql, pg | proxy / probe |
| username | username | mysql, pg | proxy / probe |
| database | database | mysql, pg | proxy / probe |
| seq_num | sequence number by MySQL | mysql | proxy / probe |
| command_id | command_id for MySQL | mysql | proxy / probe |
| message_type | message type for PostgreSQL | pg | proxy / probe |
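
The keys above are enough to review captured SQL per connection. The following is an added example, not part of tcpdp or its README: it parses a dump log written with format = "ltsv" and returns the queries whose first keyword is on a watch list, together with the conn_id, username and src_addr logged for that connection. The names Finding, parseLTSV and flagQueries, the sample values, and the assumption that tabs and newlines inside values are escaped by the logger are all hypothetical.

```go
package main

import (
	"fmt"
	"strings"
)

// Finding is one flagged query plus the connection context logged with it.
type Finding struct{ ConnID, Username, SrcAddr, Query string }

// parseLTSV splits a tab-separated "label:value" line; only the first ':' separates.
func parseLTSV(line string) map[string]string {
	rec := map[string]string{}
	for _, field := range strings.Split(strings.TrimRight(line, "\r\n"), "\t") {
		if k, v, ok := strings.Cut(field, ":"); ok && k != "" {
			rec[k] = v
		}
	}
	return rec
}

// flagQueries returns queries whose first keyword is in watch (upper-case keys).
// Assumption: username may be absent on some records, so the last one seen per conn_id is reused.
func flagQueries(log string, watch map[string]bool) []Finding {
	users := map[string]string{}
	var out []Finding
	for _, line := range strings.Split(log, "\n") {
		rec := parseLTSV(line)
		id := rec["conn_id"]
		if u := rec["username"]; u != "" {
			users[id] = u
		}
		words := strings.Fields(rec["query"])
		if len(words) > 0 && watch[strings.ToUpper(words[0])] {
			out = append(out, Finding{id, users[id], rec["src_addr"], rec["query"]})
		}
	}
	return out
}

// Constructed sample lines (probe mode keys); every value is illustrative only.
const sampleLog = "ts:2018-09-18T10:00:00Z\tconn_id:c1\tsrc_addr:192.0.2.10:50122\tusername:app\tdatabase:shop\n" +
	"ts:2018-09-18T10:00:01Z\tconn_id:c1\tsrc_addr:192.0.2.10:50122\tquery:SELECT id FROM orders WHERE note = 'a:b'\n" +
	"ts:2018-09-18T10:00:02Z\tconn_id:c1\tsrc_addr:192.0.2.10:50122\tquery:grant ALL ON *.* TO 'x'@'%'\n"

func main() {
	for _, f := range flagQueries(sampleLog, map[string]bool{"GRANT": true, "DROP": true}) {
		fmt.Printf("%+v\n", f)
	}
}
```

The dump log holds full query text and usernames, so the directory configured under [dumpLog] needs the same access controls as the database it observes.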
