Reading TCP Packets with Go / Fukuoka.go #12

Fukuoka.go #12

Ken’ichiro Oyama

October 07, 2018

Transcript

  1. Ken’ichiro Oyama, GMO Pepabo, Inc.
    Fukuoka.go #12
    Reading TCP packets with Go

  2. Senior Engineer
    Ken’ichiro Oyama @k1LoW
    Hosting Division, Hosting Group, Managed Cloud Team
    https://github.com/k1LoW

  3. tcpdump

  4. tcpdump is a common computer network investigation tool used on the
    command line. With tcpdump, a user can intercept and display packets such
    as TCP/IP flowing over the network to which the computer running the
    command is connected. The program was written by Van Jacobson,
    Craig Leres and Steven McCanne, who at the time of its development
    belonged to the Network Research Group at Lawrence Berkeley Laboratory.
    Source: Wikipedia, the free encyclopedia

  5. It is a common tool

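  7. tcpdump and me
    - I had never used it at all
    - "Send a request and a response comes back; send a query and a result
      comes back." There was a time when I thought that way too (until quite recently)
    - Even now I cannot use it properly
    - Meanwhile, my team members use it as naturally as air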

  8. Reading things like TCP packets and binary data? (rest omitted)

  9. https://speakerdeck.com/edvakf/gotehainariwodumuplusa

  12. Yes!!!

  13. So, let's build
    a simple tcpdump

  15. The tcpdump command we will implement this time
    $ tcpdump -X -i eth0 tcp and port 80
    Output format (-X), network interface selection (-i eth0), filtering (tcp and port 80)

  16. The output looks like this

  17. Now let's build it

  18. First, create the project directory
    $ go version
    go version go1.11 darwin/amd64
    $ mkdir mydump
    $ cd mydump/
    $ echo 'module "github.com/k1LoW/mydump"' > go.mod

  19. main.go
    package main

    import (
        "encoding/hex"
        "fmt"
        "log"

        "github.com/google/gopacket"
        "github.com/google/gopacket/pcap"
    )

    func main() {
        device := "eth0"            // capture interface (tcpdump -i)
        filter := "tcp and port 80" // BPF filter expression

        // Snapshot length 0xFFFF, promiscuous mode on, block until a packet arrives.
        handle, err := pcap.OpenLive(
            device, int32(0xFFFF), true, pcap.BlockForever,
        )
        if err != nil {
            log.Fatal(err)
        }
        defer handle.Close()
        if err := handle.SetBPFFilter(filter); err != nil {
            log.Fatal(err)
        }

        packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
        for packet := range packetSource.Packets() {
            fmt.Printf("%s\n", packet)                // decoded layers
            fmt.Printf("%s", hex.Dump(packet.Data())) // raw bytes, like tcpdump -X
        }
    }

  20. Run
    $ sudo go run main.go

  21. It works

  24. Source code walkthrough

  25. main.go (lines 1-10)
    package main

    import (
        "encoding/hex"
        "fmt"
        "log"

        "github.com/google/gopacket"
        "github.com/google/gopacket/pcap"
    )

  26. google/gopacket

  27. google/gopacket
    - A packet-processing library made by Google
    - https://github.com/google/gopacket
    - It is thanks to this library that we can read packets
    - It also makes reading pcap files possible
    - It uses libpcap (cgo)

  28. main.go (lines 12-22)
    func main() {
        device := "eth0"
        filter := "tcp and port 80"

        handle, err := pcap.OpenLive(
            device, int32(0xFFFF), true, pcap.BlockForever,
        )
        if err != nil {
            log.Fatal(err)
        }
        defer handle.Close()
    Hard-coded this time. It would be more tcpdump-like if these could be passed as arguments
    Attach to the interface

  29. main.go (lines 23-25)
    if err := handle.SetBPFFilter(filter); err != nil {
        log.Fatal(err)
    }
    Set the BPF (Berkeley Packet Filter)

  30. BPF

  31. https://speakerdeck.com/takumakume/ebpfgettingstarted

  32. main.go (lines 27-32)
    packetSource := gopacket.NewPacketSource(
        handle, handle.LinkType())
    for packet := range packetSource.Packets() {
        fmt.Printf("%s\n", packet)
        fmt.Printf("%s", hex.Dump(packet.Data()))
    }
    }
    Packets arrive through a channel, so receive them with for
    Output

  33. End of source code walkthrough

  34. fmt.Printf("%s\n", packet)

  35. PACKET: 450 bytes, wire length 450 cap length 450 @ 2018-10-04
    19:02:36.200155 +0900 JST
    - Layer 1 (14 bytes) = Ethernet {Contents=[..14..] Payload=[..436..]
    SrcMAC=8c:85:90:ae:ae:c2 DstMAC=2c:33:11:ca:c8:be EthernetType=IPv4
    Length=0}
    - Layer 2 (20 bytes) = IPv4 {Contents=[..20..] Payload=[..416..]
    Version=4 IHL=5 TOS=0 Length=436 Id=0 Flags=DF FragOffset=0 TTL=64
    Protocol=TCP Checksum=24376 SrcIP=192.168.75.96 DstIP=108.177.97.82
    Options=[] Padding=[]}
    - Layer 3 (32 bytes) = TCP {Contents=[..32..] Payload=[..384..]
    SrcPort=51190 DstPort=80(http) Seq=1867296718 Ack=2345355645
    DataOffset=8 FIN=false SYN=false RST=false PSH=true ACK=true
    URG=false ECE=false CWR=false NS=false Window=
    4096 Checksum=19074 Urgent=0 Options=[TCPOption(NOP:),
    TCPOption(NOP:), TCPOption(Timestamps:958590780/3024242800
    0x3922ef3cb4424870)] Padding=[]}
    - Layer 4 (384 bytes) ^C1 63 69 6e 74 6f 73 |la/5.0 (Macintos|



  38. A Stringer is set up!
    func(* p) String() is defined

  39. The underlying type is packet (eagerPacket), so
    you can walk through the code starting from
    github.com/google/gopacket/packet.go L…

  40. In other words,
    you learn how to use google/gopacket

  41. Please do read it at home

  42. Reading TCP packets
    with google/gopacket

  43. TCP packets, roughly
    Ethernet (… bytes)
    IP header (… bytes)
    TCP header (… bytes)
    The rest:
    TCP options (N bytes)
    Data
    Protocols such as HTTP and MySQL, for example, start from here

  44. google/gopacket

  45. google/gopacket
    Ethernet (… bytes)
    IP header (… bytes)
    TCP header (… bytes)
    The rest:
    TCP options (N bytes)
    Data
    Layer 1
    Layer 2: IPv4
    Layer 3: TCP
    Layer 4: Payload

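  46. Convenient, because you only need to read Layer 4: Payload
    // Layer returns nil when the packet has no TCP layer.
    tcpLayer := packet.Layer(layers.LayerTypeTCP)
    data := tcpLayer.LayerPayload()
    fmt.Printf("%s", hex.Dump(data))
    - For HTTP, MySQL and PostgreSQL alike, parsing from here byte by byte is enough to start with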

  47. Now you can start analyzing
    TCP packets with confidence!

  48. I recently started
    analyzing TCP packets too

  49. Try analyzing TCP packets with Go!
    Once you can put it into code, it is yours!

  50. Everyone, please read TCP packets byte by byte
    and groan along:
    "Why is this byte sequence even here..."
    "This never happens with HTTP..."

  51. Thank you!
    Check the latest hiring information → @pb_recruit
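
The packet layout from slides 43 to 46, as an added example that is not part of the original deck: it skips the Ethernet, IPv4 and TCP headers by hand using only the standard library (no gopacket or libpcap), so the offsets that `LayerPayload()` hides become visible. `ParseFrame` and `SampleFrame` are hypothetical names, and the frame is constructed from the field values shown in the slide 35 output (IHL=5, DataOffset=8, ports 51190 and 80).

```go
package main

import (
	"encoding/binary"
	"fmt"
)

var be = binary.BigEndian // header fields are in network byte order
// ParseFrame walks Ethernet -> IPv4 -> TCP by hand and returns the two ports
// and the TCP payload, i.e. the bytes where HTTP or MySQL traffic begins.
func ParseFrame(frame []byte) (src, dst uint16, payload []byte, err error) {
	const ethLen = 14 // dst MAC (6) + src MAC (6) + EtherType (2)
	if len(frame) < ethLen+20 || be.Uint16(frame[12:14]) != 0x0800 {
		return 0, 0, nil, fmt.Errorf("not an Ethernet frame carrying IPv4")
	}
	ip := frame[ethLen:]
	ihl := int(ip[0]&0x0f) * 4 // IHL counts 32-bit words
	total := int(be.Uint16(ip[2:4]))
	if ip[0]>>4 != 4 || ihl < 20 || total < ihl+20 || total > len(ip) {
		return 0, 0, nil, fmt.Errorf("malformed or truncated IPv4 header")
	}
	if ip[9] != 6 || be.Uint16(ip[6:8])&0x1fff != 0 {
		return 0, 0, nil, fmt.Errorf("not TCP, or a non-initial IP fragment")
	}
	tcp := ip[ihl:total]       // Total Length excludes any Ethernet padding
	off := int(tcp[12]>>4) * 4 // DataOffset covers fixed header plus options
	if off < 20 || off > len(tcp) {
		return 0, 0, nil, fmt.Errorf("TCP data offset %d out of range", off)
	}
	return be.Uint16(tcp[0:2]), be.Uint16(tcp[2:4]), tcp[off:], nil
}

// SampleFrame is constructed test data shaped like the slide 35 capture:
// IHL=5, DataOffset=8, SrcPort=51190, DstPort=80; MAC/IP addresses stay zero.
func SampleFrame(payload string) []byte {
	f := make([]byte, 14+20+32)
	be.PutUint16(f[12:], 0x0800)                     // EtherType: IPv4
	f[14], f[23] = 0x45, 6                           // Version=4 IHL=5; Protocol=TCP
	be.PutUint16(f[16:], uint16(20+32+len(payload))) // IPv4 Total Length
	be.PutUint16(f[34:], 51190)                      // TCP source port
	be.PutUint16(f[36:], 80)                         // TCP destination port
	f[46] = 8 << 4                                   // DataOffset=8: 20 + 12 option bytes
	return append(f, payload...)
}

func main() {
	src, dst, data, err := ParseFrame(SampleFrame("GET / HTTP/1.1\r\n\r\n"))
	fmt.Printf("%d -> %d, %d payload bytes, err=%v\n%q\n", src, dst, len(data), err, data)
}
```

The length checks matter when the bytes come from a live capture: a frame cut short by the snapshot length, or one with a forged IHL or DataOffset, is rejected instead of indexing past the slice.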