matchCtx added

This commit is contained in:
crusader 2018-09-03 22:36:57 +09:00
parent 3e7b2fda79
commit c15fd7d46e
49 changed files with 505 additions and 542 deletions

View File

@ -177,23 +177,19 @@ func (m *ActiveDirectoryMatcher) Key() string {
return "ACTIVEDIRECTORY" return "ACTIVEDIRECTORY"
} }
func (m *ActiveDirectoryMatcher) Name() string { func (m *ActiveDirectoryMatcher) Name(matchCtx *osm.MatchCtx) string {
return "ActiveDirectory" return "ActiveDirectory"
} }
func (m *ActiveDirectoryMatcher) Meta() osm.Metadata { func (m *ActiveDirectoryMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return nil
}
func (m *ActiveDirectoryMatcher) IsPrePacket() bool {
return false return false
} }
func (m *ActiveDirectoryMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *ActiveDirectoryMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (m *ActiveDirectoryMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *ActiveDirectoryMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()

View File

@ -18,18 +18,19 @@ func TestAD(t *testing.T) {
} }
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.10", 10389)
pack := m.Packet(i) for i := 0; i < m.PacketCount(matchCtx); i++ {
pack := m.Packet(matchCtx, i)
conn.Write(pack.Buffer) conn.Write(pack.Buffer)
bytes := make([]byte, 1024) bytes := make([]byte, 1024)
n, _ := conn.Read(bytes) n, _ := conn.Read(bytes)
p := osm.NewPacket(bytes, n) p := osm.NewPacket(bytes, n)
if err := m.Match(nil, i, p); err != nil { if err := m.Match(matchCtx, i, p); err != nil {
t.Error(err) t.Error(err)
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta())
} }

View File

@ -23,27 +23,23 @@ func (m *CassandraMatcher) Key() string {
return "CASSANDRA" return "CASSANDRA"
} }
func (m *CassandraMatcher) Name() string { func (m *CassandraMatcher) Name(matchCtx *osm.MatchCtx) string {
return "Cassandra" return "Cassandra"
} }
func (m *CassandraMatcher) Meta() osm.Metadata { func (m *CassandraMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return nil
}
func (m *CassandraMatcher) IsPrePacket() bool {
return false return false
} }
func (m *CassandraMatcher) HasResponse(index int) bool { func (m *CassandraMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (m *CassandraMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *CassandraMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (m *CassandraMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *CassandraMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()

View File

@ -18,9 +18,11 @@ func TestCassandra(t *testing.T) {
} }
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.103", 8080)
pack := m.Packet(i) for i := 0; i < m.PacketCount(matchCtx); i++ {
pack := m.Packet(matchCtx, i)
conn.Write(pack.Buffer) conn.Write(pack.Buffer)
bytes := make([]byte, 1024) bytes := make([]byte, 1024)
n, _ := conn.Read(bytes) n, _ := conn.Read(bytes)
@ -30,5 +32,5 @@ func TestCassandra(t *testing.T) {
t.Error(err) t.Error(err)
} }
} }
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -41,31 +41,27 @@ type DNSMatcher struct {
osm.Matchers osm.Matchers
} }
func (t *DNSMatcher) Key() string { func (m *DNSMatcher) Key() string {
return "DNS" return "DNS"
} }
func (t *DNSMatcher) Name() string { func (m *DNSMatcher) Name(matchCtx *osm.MatchCtx) string {
return "DNS" return "DNS"
} }
func (t *DNSMatcher) Meta() osm.Metadata { func (m *DNSMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return nil
}
func (t *DNSMatcher) IsPrePacket() bool {
return false return false
} }
func (t *DNSMatcher) HasResponse(index int) bool { func (m *DNSMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (t *DNSMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *DNSMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (t *DNSMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *DNSMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()
} }
@ -114,7 +110,7 @@ func (t *DNSMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) er
return nil return nil
} }
func (t *DNSMatcher) IsSend(port int) bool { func (m *DNSMatcher) IsSend(port int) bool {
if 53 == port { if 53 == port {
return true return true
} }

View File

@ -10,15 +10,20 @@ import (
func TestDns(t *testing.T) { func TestDns(t *testing.T) {
m := NewMatcher() m := NewMatcher()
conn, _ := net.Dial("udp", "192.168.1.254:53") conn, err := net.Dial("udp", "192.168.1.254:53")
if err != nil {
t.Error(err)
return
}
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.254", 53)
for i := 0; i < m.PacketCount(matchCtx); i++ {
if m.IsSend(53) != true { if m.IsSend(53) != true {
t.Error("not port") t.Error("not port")
} }
pack := m.Packet(i) pack := m.Packet(matchCtx, i)
conn.Write(pack.Buffer) conn.Write(pack.Buffer)
bytes := make([]byte, 1024) bytes := make([]byte, 1024)
n, _ := conn.Read(bytes) n, _ := conn.Read(bytes)
@ -29,5 +34,5 @@ func TestDns(t *testing.T) {
} }
} }
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -11,38 +11,33 @@ import (
type ElasticSearchMatcher struct { type ElasticSearchMatcher struct {
osm.Matchers osm.Matchers
meta osm.Metadata
} }
func (es *ElasticSearchMatcher) Key() string { func (m *ElasticSearchMatcher) Key() string {
return "ELASTICSEARCH" return "ELASTICSEARCH"
} }
func (es *ElasticSearchMatcher) Name() string { func (m *ElasticSearchMatcher) Name(matchCtx *osm.MatchCtx) string {
name := "ElasticSearch" name := "ElasticSearch"
if v, ok := es.meta["number"]; ok { if v, ok := matchCtx.GetAttribute("number"); ok {
name = name + " (" + v + ")" name = name + " (" + v.(string) + ")"
} }
return name return name
} }
func (es *ElasticSearchMatcher) Meta() osm.Metadata { func (m *ElasticSearchMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return es.meta
}
func (es *ElasticSearchMatcher) IsPrePacket() bool {
return false return false
} }
func (es *ElasticSearchMatcher) HasResponse(index int) bool { func (m *ElasticSearchMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (es *ElasticSearchMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *ElasticSearchMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (es *ElasticSearchMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *ElasticSearchMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()
@ -86,34 +81,34 @@ func (es *ElasticSearchMatcher) Match(info osm.MatchInfo, index int, packet *osm
if strings.HasPrefix(content, "{") && strings.HasSuffix(content, "}") { if strings.HasPrefix(content, "{") && strings.HasSuffix(content, "}") {
return osm.NotMatchedError() return osm.NotMatchedError()
} }
es.parseJson(content) m.parseJson(matchCtx, content)
if _, ok := es.meta["cluster_name"]; !ok { if _, ok := matchCtx.GetAttribute("cluster_name"); !ok {
return osm.NotMatchedError() return osm.NotMatchedError()
} }
if _, ok := es.meta["cluster_uuid"]; !ok { if _, ok := matchCtx.GetAttribute("cluster_uuid"); !ok {
return osm.NotMatchedError() return osm.NotMatchedError()
} }
return nil return nil
} }
func (es *ElasticSearchMatcher) parseJson(jsonstr string) error { func (m *ElasticSearchMatcher) parseJson(matchCtx *osm.MatchCtx, jsonstr string) error {
jsonMap := make(map[string]interface{}) jsonMap := make(map[string]interface{})
err := json.Unmarshal([]byte(jsonstr), &jsonMap) err := json.Unmarshal([]byte(jsonstr), &jsonMap)
if err != nil { if err != nil {
return err return err
} }
es.dumpMap(jsonMap) m.dumpMap(matchCtx, jsonMap)
return nil return nil
} }
func (es *ElasticSearchMatcher) dumpMap(m map[string]interface{}) { func (m *ElasticSearchMatcher) dumpMap(matchCtx *osm.MatchCtx, jsonMap map[string]interface{}) {
for k, v := range m { for k, v := range jsonMap {
if mv, ok := v.(map[string]interface{}); ok { if mv, ok := v.(map[string]interface{}); ok {
es.dumpMap(mv) m.dumpMap(matchCtx, mv)
} else { } else {
s, ok := v.(string) s, ok := v.(string)
if ok { if ok {
es.meta[k] = s matchCtx.SetAttribute(k, s)
} }
} }
} }
@ -122,7 +117,6 @@ func (es *ElasticSearchMatcher) dumpMap(m map[string]interface{}) {
func NewMatcher() osm.Matcher { func NewMatcher() osm.Matcher {
m := &ElasticSearchMatcher{} m := &ElasticSearchMatcher{}
m.meta = osm.NewMetadata()
reqStr := "GET / HTTP/1.1\r\n\r\n" reqStr := "GET / HTTP/1.1\r\n\r\n"
byte := make([]byte, len(reqStr)) byte := make([]byte, len(reqStr))

View File

@ -14,11 +14,12 @@ func TestES(t *testing.T) {
if err != nil { if err != nil {
t.Errorf("ERR %s", err) t.Errorf("ERR %s", err)
} }
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("localhost", 9200)
_, err := conn.Write(m.Packet(i).Buffer)
for i := 0; i < m.PacketCount(matchCtx); i++ {
_, err := conn.Write(m.Packet(matchCtx, i).Buffer)
if err != nil { if err != nil {
t.Error(err) t.Error(err)
} }
@ -30,6 +31,6 @@ func TestES(t *testing.T) {
t.Error(err) t.Error(err)
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -27,34 +27,29 @@ const (
type FTPMatcher struct { type FTPMatcher struct {
osm.Matchers osm.Matchers
meta osm.Metadata
} }
func (ftp *FTPMatcher) Key() string { func (m *FTPMatcher) Key() string {
return "FTP" return "FTP"
} }
func (ftp *FTPMatcher) Name() string { func (m *FTPMatcher) Name(matchCtx *osm.MatchCtx) string {
return "FTP" return "FTP"
} }
func (ftp *FTPMatcher) Meta() osm.Metadata { func (m *FTPMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return ftp.meta
}
func (ftp *FTPMatcher) IsPrePacket() bool {
return true return true
} }
func (ftp *FTPMatcher) HasResponse(index int) bool { func (m *FTPMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (ftp *FTPMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *FTPMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (ftp *FTPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *FTPMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()
@ -69,7 +64,7 @@ func (ftp *FTPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet)
if index == 0 { if index == 0 {
switch code { switch code {
case statusNewConnectOK, statusReadyServer: case statusNewConnectOK, statusReadyServer:
ftp.meta["comment"] = str[4:] matchCtx.SetAttribute("comment", str[4:])
return nil return nil
} }
} else if index == 1 { } else if index == 1 {
@ -83,9 +78,7 @@ func (ftp *FTPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet)
} }
func NewMatcher() osm.Matcher { func NewMatcher() osm.Matcher {
m := &FTPMatcher{} m := &FTPMatcher{}
m.meta = osm.NewMetadata()
quitStr := "QUIT\r\n" quitStr := "QUIT\r\n"
quitByte := make([]byte, len(quitStr)) quitByte := make([]byte, len(quitStr))

View File

@ -20,8 +20,10 @@ func TestFTP(t *testing.T) {
} }
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.229", 21)
_, err := conn.Write(m.Packet(i).Buffer)
for i := 0; i < m.PacketCount(matchCtx); i++ {
_, err := conn.Write(m.Packet(matchCtx, i).Buffer)
if err != nil { if err != nil {
t.Error(err) t.Error(err)
} }
@ -34,8 +36,8 @@ func TestFTP(t *testing.T) {
return return
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }
func TestFTPS(t *testing.T) { func TestFTPS(t *testing.T) {
@ -61,8 +63,10 @@ func TestFTPS(t *testing.T) {
} }
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.201", 990)
_, err := conn.Write(m.Packet(i).Buffer)
for i := 0; i < m.PacketCount(matchCtx); i++ {
_, err := conn.Write(m.Packet(matchCtx, i).Buffer)
if err != nil { if err != nil {
t.Error(err) t.Error(err)
} }
@ -74,6 +78,6 @@ func TestFTPS(t *testing.T) {
t.Error(err) t.Error(err)
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -8,38 +8,33 @@ import (
type HTTPMatcher struct { type HTTPMatcher struct {
osm.Matchers osm.Matchers
meta osm.Metadata
} }
func (h *HTTPMatcher) Key() string { func (m *HTTPMatcher) Key() string {
return "HTTP" return "HTTP"
} }
func (h *HTTPMatcher) Name() string { func (m *HTTPMatcher) Name(matchCtx *osm.MatchCtx) string {
name := "HTTP" name := "HTTP"
if v, ok := h.meta["server"]; ok { if v, ok := matchCtx.GetAttribute("server"); ok {
name = name + " (" + v + ")" name = name + " (" + v.(string) + ")"
} }
return name return name
} }
func (h *HTTPMatcher) Meta() osm.Metadata { func (m *HTTPMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return h.meta
}
func (h *HTTPMatcher) IsPrePacket() bool {
return false return false
} }
func (h *HTTPMatcher) HasResponse(index int) bool { func (m *HTTPMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (h *HTTPMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *HTTPMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (h *HTTPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *HTTPMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()
@ -68,9 +63,9 @@ func (h *HTTPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) e
} }
} }
h.meta["protocol_version"] = protocol matchCtx.SetAttribute("protocol_version", protocol)
if len(serverName) > 0 { if len(serverName) > 0 {
h.meta["server"] = serverName matchCtx.SetAttribute("server", serverName)
} }
return nil return nil
@ -79,7 +74,6 @@ func (h *HTTPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) e
func NewMatcher() osm.Matcher { func NewMatcher() osm.Matcher {
m := &HTTPMatcher{} m := &HTTPMatcher{}
m.meta = osm.NewMetadata()
reqStr := "GET / HTTP/1.1\r\n\r\n" reqStr := "GET / HTTP/1.1\r\n\r\n"
byte := make([]byte, len(reqStr)) byte := make([]byte, len(reqStr))

View File

@ -16,11 +16,12 @@ func TestHTTP(t *testing.T) {
if err != nil { if err != nil {
t.Errorf("ERR %s", err) t.Errorf("ERR %s", err)
} }
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("localhost", 8000)
_, err := conn.Write(m.Packet(i).Buffer)
for i := 0; i < m.PacketCount(matchCtx); i++ {
_, err := conn.Write(m.Packet(matchCtx, i).Buffer)
if err != nil { if err != nil {
t.Error(err) t.Error(err)
} }
@ -32,8 +33,8 @@ func TestHTTP(t *testing.T) {
t.Error(err) t.Error(err)
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }
func TestHTTPS(t *testing.T) { func TestHTTPS(t *testing.T) {
@ -55,11 +56,12 @@ func TestHTTPS(t *testing.T) {
if err != nil { if err != nil {
t.Errorf("ERR %s", err) t.Errorf("ERR %s", err)
} }
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.1", 443)
_, err := conn.Write(m.Packet(i).Buffer)
for i := 0; i < m.PacketCount(matchCtx); i++ {
_, err := conn.Write(m.Packet(matchCtx, i).Buffer)
if err != nil { if err != nil {
t.Error(err) t.Error(err)
} }
@ -71,6 +73,6 @@ func TestHTTPS(t *testing.T) {
t.Error(err) t.Error(err)
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -13,31 +13,27 @@ type IMAPMatcher struct {
osm.Matchers osm.Matchers
} }
func (i *IMAPMatcher) Key() string { func (m *IMAPMatcher) Key() string {
return "IMAP" return "IMAP"
} }
func (i *IMAPMatcher) Name() string { func (m *IMAPMatcher) Name(matchCtx *osm.MatchCtx) string {
return "IMAP" return "IMAP"
} }
func (i *IMAPMatcher) Meta() osm.Metadata { func (m *IMAPMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return nil
}
func (i *IMAPMatcher) IsPrePacket() bool {
return true return true
} }
func (i *IMAPMatcher) HasResponse(index int) bool { func (m *IMAPMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (i *IMAPMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *IMAPMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (i *IMAPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *IMAPMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
switch index { switch index {
case 0: case 0:

View File

@ -9,7 +9,7 @@ import (
osm "git.loafle.net/overflow/service_matcher-go" osm "git.loafle.net/overflow/service_matcher-go"
) )
func ImapRun(client net.Conn, t *testing.T) { func ImapRun(matchCtx *osm.MatchCtx, conn net.Conn, t *testing.T) {
lm := NewMatcher() lm := NewMatcher()
@ -21,51 +21,46 @@ func ImapRun(client net.Conn, t *testing.T) {
//ipport = port.Host.Ip + ":" + string(port.Port) //ipport = port.Host.Ip + ":" + string(port.Port)
// //
//fmt.Println(ipport) //fmt.Println(ipport)
//client, _ := net.Dial("tcp", ipport) //conn, _ := net.Dial("tcp", ipport)
//defer client.Close() //defer conn.Close()
bytett := make([]byte, 1024) bytett := make([]byte, 1024)
rr, _ := client.Read(bytett) rr, _ := conn.Read(bytett)
bb := lm.Match(nil, 0, osm.NewPacket(bytett, rr)) if err := lm.Match(matchCtx, 0, osm.NewPacket(bytett, rr)); nil == err {
if bb {
t.Log("good!") t.Log("good!")
} }
fmt.Println(lm.PacketCount()) fmt.Println(lm.PacketCount(matchCtx))
for ii := 0; ii < lm.PacketCount(); ii++ { for ii := 0; ii < lm.PacketCount(matchCtx); ii++ {
pack := lm.Packet(ii) pack := lm.Packet(matchCtx, ii)
//fmt.Println(pack) //fmt.Println(pack)
client.Write(pack.Buffer) conn.Write(pack.Buffer)
bytes := make([]byte, 1024) bytes := make([]byte, 1024)
read, _ := client.Read(bytes) read, _ := conn.Read(bytes)
fmt.Println(cap(bytes)) fmt.Println(cap(bytes))
//fmt.Println(bytes) //fmt.Println(bytes)
b := lm.Match(nil, ii+1, osm.NewPacket(bytes, read)) if err := lm.Match(nil, ii+1, osm.NewPacket(bytes, read)); nil == err {
if b {
t.Log("send Good!") t.Log("send Good!")
} }
} }
} }
func TestIMapTls(t *testing.T) { func TestIMapTls(t *testing.T) {
conn, _ := tls.Dial( conn, err := tls.Dial(
"tcp", "tcp",
"192.168.1.15:993", "192.168.1.15:993",
&tls.Config{ &tls.Config{
@ -73,23 +68,31 @@ func TestIMapTls(t *testing.T) {
ServerName: "192.168.1.15", ServerName: "192.168.1.15",
}, },
) )
if err != nil {
t.Errorf("ERR %s", err)
}
defer conn.Close() defer conn.Close()
ImapRun(conn, t) matchCtx := osm.NewMatchCtx("192.168.1.15", 993)
ImapRun(matchCtx, conn, t)
} }
func TestIMapNormal(t *testing.T) { func TestIMapNormal(t *testing.T) {
client, err := net.Dial("tcp", "192.168.1.15:143") conn, err := net.Dial("tcp", "192.168.1.15:143")
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }
if err != nil {
t.Errorf("ERR %s", err)
}
defer conn.Close()
defer client.Close() matchCtx := osm.NewMatchCtx("192.168.1.15", 143)
ImapRun(client, t) ImapRun(matchCtx, conn, t)
} }
@ -105,45 +108,44 @@ func TestImap(t *testing.T) {
//ipport = port.Host.Ip + ":" + port.Port_ //ipport = port.Host.Ip + ":" + port.Port_
fmt.Println(ipport) fmt.Println(ipport)
client, _ := net.Dial("tcp", ipport) conn, err := net.Dial("tcp", ipport)
if err != nil {
t.Errorf("ERR %s", err)
}
defer conn.Close()
defer client.Close() matchCtx := osm.NewMatchCtx("192.168.1.15", 993)
bytett := make([]byte, 1024) bytett := make([]byte, 1024)
rr, _ := client.Read(bytett) rr, _ := conn.Read(bytett)
//bb := lm.Match(0, osm.NewPacket(bytett, rr), scanInfo) //bb := lm.Match(0, osm.NewPacket(bytett, rr), scanInfo)
bb := lm.Match(nil, 0, osm.NewPacket(bytett, rr)) if err := lm.Match(nil, 0, osm.NewPacket(bytett, rr)); nil == err {
if bb {
t.Log("good!") t.Log("good!")
} }
fmt.Println(lm.PacketCount()) fmt.Println(lm.PacketCount(matchCtx))
for ii := 0; ii < lm.PacketCount(); ii++ { for ii := 0; ii < lm.PacketCount(matchCtx); ii++ {
pack := lm.Packet(ii) pack := lm.Packet(matchCtx, ii)
//fmt.Println(pack) //fmt.Println(pack)
client.Write(pack.Buffer) conn.Write(pack.Buffer)
bytes := make([]byte, 1024) bytes := make([]byte, 1024)
read, _ := client.Read(bytes) read, _ := conn.Read(bytes)
fmt.Println(cap(bytes)) fmt.Println(cap(bytes))
//fmt.Println(bytes) //fmt.Println(bytes)
b := lm.Match(nil, ii+1, osm.NewPacket(bytes, read)) if err := lm.Match(nil, ii+1, osm.NewPacket(bytes, read)); nil == err {
if b {
t.Log("send Good!") t.Log("send Good!")
} }
} }
//t.Log(scanInfo) //t.Log(scanInfo)
} }

View File

@ -18,27 +18,23 @@ type LDAPMatcher struct {
reqID int64 reqID int64
} }
func (l *LDAPMatcher) Key() string { func (m *LDAPMatcher) Key() string {
return "LDAP" return "LDAP"
} }
func (l *LDAPMatcher) Name() string { func (m *LDAPMatcher) Name(matchCtx *osm.MatchCtx) string {
return "LDAP" return "LDAP"
} }
func (l *LDAPMatcher) Meta() osm.Metadata { func (m *LDAPMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return nil
}
func (l *LDAPMatcher) IsPrePacket() bool {
return false return false
} }
func (l *LDAPMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *LDAPMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (l *LDAPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *LDAPMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()
@ -53,7 +49,7 @@ func (l *LDAPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) e
if !ok { if !ok {
return osm.NotMatchedError() return osm.NotMatchedError()
} }
if respID != l.reqID { if respID != m.reqID {
return osm.NotMatchedError() return osm.NotMatchedError()
} }

View File

@ -18,11 +18,12 @@ func TestLdap(t *testing.T) {
if err != nil { if err != nil {
t.Errorf("ERR %s", err) t.Errorf("ERR %s", err)
} }
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.10", 10389)
_, err := conn.Write(m.Packet(i).Buffer)
for i := 0; i < m.PacketCount(matchCtx); i++ {
_, err := conn.Write(m.Packet(matchCtx, i).Buffer)
if err != nil { if err != nil {
t.Error(err) t.Error(err)
} }
@ -34,8 +35,8 @@ func TestLdap(t *testing.T) {
t.Error(err) t.Error(err)
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }
func TestBer(t *testing.T) { func TestBer(t *testing.T) {

View File

@ -6,34 +6,29 @@ import (
type LPDMatcher struct { type LPDMatcher struct {
osm.Matchers osm.Matchers
meta osm.Metadata
} }
func (l *LPDMatcher) Key() string { func (m *LPDMatcher) Key() string {
return "LPD" return "LPD"
} }
func (l *LPDMatcher) Meta() osm.Metadata { func (m *LPDMatcher) Name(matchCtx *osm.MatchCtx) string {
return l.meta
}
func (l *LPDMatcher) Name() string {
return "LPD (Printer)" return "LPD (Printer)"
} }
func (l *LPDMatcher) IsPrePacket() bool { func (m *LPDMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return false return false
} }
func (l *LPDMatcher) HasResponse(index int) bool { func (m *LPDMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (l *LPDMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *LPDMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (l *LPDMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *LPDMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()
@ -47,7 +42,6 @@ func (l *LPDMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) er
} }
func NewMatcher() osm.Matcher { func NewMatcher() osm.Matcher {
m := &LPDMatcher{} m := &LPDMatcher{}
reqStr := "GET / HTTP/1.1\r\n\r\n" reqStr := "GET / HTTP/1.1\r\n\r\n"
rbyte := make([]byte, len(reqStr)) rbyte := make([]byte, len(reqStr))

View File

@ -14,11 +14,12 @@ func TestLDP(t *testing.T) {
if err != nil { if err != nil {
t.Errorf("ERR %s", err) t.Errorf("ERR %s", err)
} }
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.99", 515)
_, err := conn.Write(m.Packet(i).Buffer)
for i := 0; i < m.PacketCount(matchCtx); i++ {
_, err := conn.Write(m.Packet(matchCtx, i).Buffer)
if err != nil { if err != nil {
t.Error(err) t.Error(err)
} }
@ -30,7 +31,7 @@ func TestLDP(t *testing.T) {
t.Error(err) t.Error(err)
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -4,22 +4,14 @@ import "fmt"
type Matcher interface { type Matcher interface {
Key() string Key() string
Name() string Name(matchCtx *MatchCtx) string
Meta() Metadata IsPrePacket(matchCtx *MatchCtx) bool
PacketCount(matchCtx *MatchCtx) int
Packet(matchCtx *MatchCtx, index int) *Packet
HasResponse(matchCtx *MatchCtx, index int) bool
IsPrePacket() bool Match(matchCtx *MatchCtx, index int, packet *Packet) error
PacketCount() int
Packet(index int) *Packet
HasResponse(index int) bool
Match(info MatchInfo, index int, packet *Packet) error
}
type Metadata map[string]string
func NewMetadata() Metadata {
return make(map[string]string)
} }
type UDPMatcher interface { type UDPMatcher interface {
@ -31,15 +23,15 @@ type Matchers struct {
packets []*Packet packets []*Packet
} }
func (m *Matchers) PacketCount() int { func (m *Matchers) PacketCount(matchCtx *MatchCtx) int {
return len(m.packets) return len(m.packets)
} }
func (m *Matchers) Packet(index int) *Packet { func (m *Matchers) Packet(matchCtx *MatchCtx, index int) *Packet {
return m.packets[index] return m.packets[index]
} }
func (m *Matchers) HasResponse(index int) bool { func (m *Matchers) HasResponse(matchCtx *MatchCtx, index int) bool {
return len(m.packets)-1 > index return len(m.packets)-1 > index
} }
@ -47,28 +39,39 @@ func (m *Matchers) AddPacket(packet *Packet) {
m.packets = append(m.packets, packet) m.packets = append(m.packets, packet)
} }
type MatchInfo interface { type MatchCtx struct {
IP() string address string
Port() int
}
type simpleMatchInfo struct {
ip string
port int port int
attributes map[string]interface{}
} }
func (mi *simpleMatchInfo) IP() string { func (mc *MatchCtx) Address() string {
return mi.ip return mc.address
} }
func (mi *simpleMatchInfo) Port() int { func (mc *MatchCtx) Port() int {
return mi.port return mc.port
} }
func NewMatchInfo(ip string, port int) MatchInfo { func (mc *MatchCtx) GetAttribute(key string) (value interface{}, ok bool) {
return &simpleMatchInfo{ value, ok = mc.attributes[key]
ip: ip,
return
}
func (mc *MatchCtx) SetAttribute(key string, value interface{}) {
mc.attributes[key] = value
}
func (mc *MatchCtx) InitAttribute() {
mc.attributes = make(map[string]interface{})
}
func NewMatchCtx(address string, port int) *MatchCtx {
return &MatchCtx{
address: address,
port: port, port: port,
attributes: make(map[string]interface{}),
} }
} }

View File

@ -48,34 +48,29 @@ type OP_reply struct {
type MongoDBMatcher struct { type MongoDBMatcher struct {
osm.Matchers osm.Matchers
meta osm.Metadata
} }
func (m *MongoDBMatcher) Key() string { func (m *MongoDBMatcher) Key() string {
return "MONGODB" return "MONGODB"
} }
func (m *MongoDBMatcher) Name() string { func (m *MongoDBMatcher) Name(matchCtx *osm.MatchCtx) string {
return "MongoDB" return "MongoDB"
} }
func (m *MongoDBMatcher) Meta() osm.Metadata { func (m *MongoDBMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return m.meta
}
func (m *MongoDBMatcher) IsPrePacket() bool {
return false return false
} }
func (m *MongoDBMatcher) HasResponse(index int) bool { func (m *MongoDBMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (m *MongoDBMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *MongoDBMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (m *MongoDBMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *MongoDBMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()
@ -108,7 +103,6 @@ func (m *MongoDBMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet
func NewMatcher() osm.Matcher { func NewMatcher() osm.Matcher {
mm := &MongoDBMatcher{} mm := &MongoDBMatcher{}
mm.meta = osm.NewMetadata()
tempBuf := new(bytes.Buffer) tempBuf := new(bytes.Buffer)
binary.Write(tempBuf, binary.BigEndian, OP_request{}) binary.Write(tempBuf, binary.BigEndian, OP_request{})

View File

@ -10,16 +10,20 @@ import (
func TestMongoNor(t *testing.T) { func TestMongoNor(t *testing.T) {
conn, _ := net.Dial("tcp", "192.168.1.229:27036") conn, err := net.Dial("tcp", "192.168.1.229:27036")
if err != nil {
t.Errorf("ERR %s", err)
}
defer conn.Close() defer conn.Close()
MongoRun(conn, t) matchCtx := osm.NewMatchCtx("192.168.1.229", 27036)
MongoRun(matchCtx, conn, t)
} }
func TestMongoTLS(t *testing.T) { func TestMongoTLS(t *testing.T) {
conn, _ := tls.Dial( conn, err := tls.Dial(
"tcp", "tcp",
"192.168.1.229:27036", "192.168.1.229:27036",
&tls.Config{ &tls.Config{
@ -27,19 +31,23 @@ func TestMongoTLS(t *testing.T) {
ServerName: "192.168.1.229", ServerName: "192.168.1.229",
}, },
) )
if err != nil {
t.Errorf("ERR %s", err)
}
defer conn.Close() defer conn.Close()
MongoRun(conn, t) matchCtx := osm.NewMatchCtx("192.168.1.229", 27036)
MongoRun(matchCtx, conn, t)
} }
func MongoRun(conn net.Conn, t *testing.T) { func MongoRun(matchCtx *osm.MatchCtx, conn net.Conn, t *testing.T) {
m := NewMatcher() m := NewMatcher()
for i := 0; i < m.PacketCount(); i++ { for i := 0; i < m.PacketCount(matchCtx); i++ {
pack := m.Packet(i) pack := m.Packet(matchCtx, i)
conn.Write(pack.Buffer) conn.Write(pack.Buffer)
bytes := make([]byte, 1024) bytes := make([]byte, 1024)
n, _ := conn.Read(bytes) n, _ := conn.Read(bytes)
@ -50,6 +58,6 @@ func MongoRun(conn net.Conn, t *testing.T) {
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -11,37 +11,32 @@ import (
type MySqlMatcher struct { type MySqlMatcher struct {
osm.Matchers osm.Matchers
meta osm.Metadata
} }
func (m *MySqlMatcher) Key() string { func (m *MySqlMatcher) Key() string {
return "MYSQL" return "MYSQL"
} }
func (m *MySqlMatcher) Name() string { func (m *MySqlMatcher) Name(matchCtx *osm.MatchCtx) string {
name := "MySQL" name := "MySQL"
if v, ok := m.meta["version"]; ok { if v, ok := matchCtx.GetAttribute("version"); ok {
if strings.Contains(v, "MariaDB") { if strings.Contains(v.(string), "MariaDB") {
name = "MariaDB" name = "MariaDB"
} }
name = name + " (" + v + ")" name = name + " (" + v.(string) + ")"
} }
return name return name
} }
func (m *MySqlMatcher) Meta() osm.Metadata { func (m *MySqlMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return m.meta
}
func (m *MySqlMatcher) IsPrePacket() bool {
return true return true
} }
func (m *MySqlMatcher) HasResponse(index int) bool { func (m *MySqlMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (m *MySqlMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *MySqlMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
@ -55,7 +50,7 @@ type serverSettings struct {
keepalive int64 keepalive int64
} }
func (m *MySqlMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *MySqlMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()
} }
@ -76,7 +71,7 @@ func (m *MySqlMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet)
if err != nil { if err != nil {
return osm.NotMatchedError() return osm.NotMatchedError()
} }
m.meta["version"] = string(slice) matchCtx.SetAttribute("version", string(slice))
pos += len(slice) + 1 pos += len(slice) + 1
p.threadID = bytesToUint32(packet.Buffer[pos : pos+4]) p.threadID = bytesToUint32(packet.Buffer[pos : pos+4])
@ -105,6 +100,6 @@ func bytesToUint32(b []byte) (n uint32) {
func NewMatcher() osm.Matcher { func NewMatcher() osm.Matcher {
m := &MySqlMatcher{} m := &MySqlMatcher{}
m.meta = osm.NewMetadata()
return m return m
} }

View File

@ -11,10 +11,14 @@ func TestMySql(t *testing.T) {
m := NewMatcher() m := NewMatcher()
conn, _ := net.Dial("tcp", "192.168.1.201:23306") conn, err := net.Dial("tcp", "192.168.1.201:23306")
if err != nil {
t.Errorf("ERR %s", err)
}
defer conn.Close() defer conn.Close()
matchCtx := osm.NewMatchCtx("192.168.1.201", 23306)
bytes := make([]byte, 1024) bytes := make([]byte, 1024)
n, _ := conn.Read(bytes) n, _ := conn.Read(bytes)
p := osm.NewPacket(bytes, n) p := osm.NewPacket(bytes, n)
@ -22,7 +26,7 @@ func TestMySql(t *testing.T) {
if err := m.Match(nil, 0, p); err != nil { if err := m.Match(nil, 0, p); err != nil {
t.Error(err) t.Error(err)
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -29,31 +29,27 @@ type NBSSMatcher struct {
osm.Matchers osm.Matchers
} }
func (t *NBSSMatcher) Key() string { func (m *NBSSMatcher) Key() string {
return "NBSS" return "NBSS"
} }
func (t *NBSSMatcher) Name() string { func (m *NBSSMatcher) Name(matchCtx *osm.MatchCtx) string {
return "NBSS" return "NBSS"
} }
func (t *NBSSMatcher) Meta() osm.Metadata { func (m *NBSSMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return nil
}
func (t *NBSSMatcher) IsPrePacket() bool {
return false return false
} }
func (t *NBSSMatcher) HasResponse(index int) bool { func (m *NBSSMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (t *NBSSMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *NBSSMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (t *NBSSMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *NBSSMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()

View File

@ -11,13 +11,17 @@ func TestNBSS(t *testing.T) {
m := NewMatcher() m := NewMatcher()
conn, _ := net.Dial("tcp", "192.168.1.102:139") conn, err := net.Dial("tcp", "192.168.1.102:139")
if err != nil {
t.Errorf("ERR %s", err)
}
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.102", 139)
pack := m.Packet(i) for i := 0; i < m.PacketCount(matchCtx); i++ {
pack := m.Packet(matchCtx, i)
conn.Write(pack.Buffer) conn.Write(pack.Buffer)
bytes := make([]byte, 1024) bytes := make([]byte, 1024)
n, _ := conn.Read(bytes) n, _ := conn.Read(bytes)
@ -27,6 +31,6 @@ func TestNBSS(t *testing.T) {
t.Error(err) t.Error(err)
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -11,30 +11,26 @@ type OracleMatcher struct {
osm.Matchers osm.Matchers
} }
func (o *OracleMatcher) Key() string { func (m *OracleMatcher) Key() string {
return "ORACLE" return "ORACLE"
} }
func (o *OracleMatcher) Name() string { func (m *OracleMatcher) Name(matchCtx *osm.MatchCtx) string {
return "Oracle" return "Oracle"
} }
func (o *OracleMatcher) Meta() osm.Metadata { func (m *OracleMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return nil
}
func (o *OracleMatcher) IsPrePacket() bool {
return false return false
} }
func (o *OracleMatcher) HasResponse(index int) bool { func (m *OracleMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (o *OracleMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *OracleMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (o *OracleMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *OracleMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil { if packet == nil {
return osm.NotMatchedError() return osm.NotMatchedError()
@ -71,7 +67,7 @@ func (o *OracleMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet)
return osm.NotMatchedError() return osm.NotMatchedError()
} }
var dataLen int = int(refuse.Data_len) dataLen := int(refuse.Data_len)
if dataLen != packet.Len-12 { // if dataLen != packet.Len-12 { //
if dataLen != packet.Len-22 { // morformed packet error not user not service if dataLen != packet.Len-22 { // morformed packet error not user not service
return osm.NotMatchedError() return osm.NotMatchedError()
@ -130,8 +126,8 @@ func NewMatcher() osm.Matcher {
conDataStr := "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.1.30)(PORT=1521))(CONNECT_DATA=(CID=(PROGRAM=JDBC Thin Client)(HOST=__jdbc__)(USER=loafle.match))(SERVICE_NAME=oracle.loafle.com1)))" conDataStr := "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.1.30)(PORT=1521))(CONNECT_DATA=(CID=(PROGRAM=JDBC Thin Client)(HOST=__jdbc__)(USER=loafle.match))(SERVICE_NAME=oracle.loafle.com1)))"
//conDataStr := "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.1.30)(PORT=1521))(CONNECT_DATA=(CID=(PROGRAM=JDBC Thin Client)(HOST=__jdbc__)(USER=Jackdaw))(SERVICE_NAME=oracle.loafle.co1m)))" //conDataStr := "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.1.30)(PORT=1521))(CONNECT_DATA=(CID=(PROGRAM=JDBC Thin Client)(HOST=__jdbc__)(USER=Jackdaw))(SERVICE_NAME=oracle.loafle.co1m)))"
connect_data := make([]byte, len(conDataStr)) connectData := make([]byte, len(conDataStr))
copy(connect_data, conDataStr) copy(connectData, conDataStr)
hpBuf := new(bytes.Buffer) hpBuf := new(bytes.Buffer)
binary.Write(hpBuf, binary.BigEndian, hp) binary.Write(hpBuf, binary.BigEndian, hp)
@ -147,7 +143,7 @@ func NewMatcher() osm.Matcher {
copy(sendByte[0:], hpBt) copy(sendByte[0:], hpBt)
copy(sendByte[len(hpBt):], bcBt) copy(sendByte[len(hpBt):], bcBt)
copy(sendByte[len(hpBt)+len(bcBt):], connect_data) copy(sendByte[len(hpBt)+len(bcBt):], connectData)
m.AddPacket(osm.NewPacket(sendByte, byteSize)) m.AddPacket(osm.NewPacket(sendByte, byteSize))

View File

@ -9,36 +9,38 @@ import (
func TestOracle(t *testing.T) { func TestOracle(t *testing.T) {
lm := NewOracleMatcher() lm := NewMatcher()
//port := types.NewPort("1521", types.NewHost("192.168.1.30"), types.TYPE_TCP) //port := types.NewPort("1521", types.NewHost("192.168.1.30"), types.TYPE_TCP)
//scanInfo := scaninfo.NewServiceScanInfo(port) //scanInfo := scaninfo.NewServiceScanInfo(port)
//var ipport string //var ipport string
//ipport = port.Host.Ip + ":" + string(port.Port) //ipport = port.Host.Ip + ":" + string(port.Port)
client, _ := net.Dial("tcp", "192.168.1.15:1521") conn, err := net.Dial("tcp", "192.168.1.15:1521")
if err != nil {
t.Errorf("ERR %s", err)
}
defer conn.Close()
defer client.Close() matchCtx := osm.NewMatchCtx("192.168.1.15", 1521)
t.Log(lm.PacketCount()) t.Log(lm.PacketCount(matchCtx))
for ii := 0; ii < lm.PacketCount(); ii++ { for ii := 0; ii < lm.PacketCount(matchCtx); ii++ {
pack := lm.Packet(ii) pack := lm.Packet(matchCtx, ii)
t.Log(pack) t.Log(pack)
client.Write(pack.Buffer) conn.Write(pack.Buffer)
bytes := make([]byte, 1024) bytes := make([]byte, 1024)
read, _ := client.Read(bytes) read, _ := conn.Read(bytes)
t.Log(bytes) t.Log(bytes)
b := lm.Match(ii, osm.NewPacket(bytes, read), nil) if err := lm.Match(matchCtx, ii, osm.NewPacket(bytes, read)); nil == err {
if b {
t.Log("Good") t.Log("Good")
} }

View File

@ -12,31 +12,27 @@ type POPMatcher struct {
osm.Matchers osm.Matchers
} }
func (p *POPMatcher) Key() string { func (m *POPMatcher) Key() string {
return "POP3" return "POP3"
} }
func (p *POPMatcher) Name() string { func (m *POPMatcher) Name(matchCtx *osm.MatchCtx) string {
return "POP3" return "POP3"
} }
func (p *POPMatcher) Meta() osm.Metadata { func (m *POPMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return nil
}
func (p *POPMatcher) IsPrePacket() bool {
return true return true
} }
func (p *POPMatcher) HasResponse(index int) bool { func (m *POPMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (p *POPMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *POPMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (p *POPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *POPMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
switch index { switch index {
case 0: case 0:

View File

@ -11,7 +11,7 @@ import (
) )
func TestPopTLS(t *testing.T) { func TestPopTLS(t *testing.T) {
conn, _ := tls.Dial( conn, err := tls.Dial(
"tcp", "tcp",
"192.168.1.15:995", "192.168.1.15:995",
&tls.Config{ &tls.Config{
@ -19,25 +19,33 @@ func TestPopTLS(t *testing.T) {
ServerName: "192.168.1.15", ServerName: "192.168.1.15",
}, },
) )
if err != nil {
t.Errorf("ERR %s", err)
}
defer conn.Close() defer conn.Close()
pop3Run(conn, t) matchCtx := osm.NewMatchCtx("192.168.1.15", 995)
pop3Run(matchCtx, conn, t)
} }
func TestPopNor(t *testing.T) { func TestPopNor(t *testing.T) {
client, _ := net.Dial("tcp", "192.168.1.15:110") conn, err := net.Dial("tcp", "192.168.1.15:110")
if err != nil {
t.Errorf("ERR %s", err)
}
defer conn.Close()
defer client.Close() matchCtx := osm.NewMatchCtx("192.168.1.15", 110)
pop3Run(client, t) pop3Run(matchCtx, conn, t)
} }
func pop3Run(client net.Conn, t *testing.T) { func pop3Run(matchCtx *osm.MatchCtx, conn net.Conn, t *testing.T) {
lm := NewPOPMatcher() lm := NewMatcher()
//port := types.NewPort("110", types.NewHost("192.168.1.215"), types.TYPE_TCP) //port := types.NewPort("110", types.NewHost("192.168.1.215"), types.TYPE_TCP)
//scanInfo := scaninfo.NewServiceScanInfo(port) //scanInfo := scaninfo.NewServiceScanInfo(port)
@ -48,33 +56,29 @@ func pop3Run(client net.Conn, t *testing.T) {
bytett := make([]byte, 1024) bytett := make([]byte, 1024)
read, _ := client.Read(bytett) read, _ := conn.Read(bytett)
bb := lm.Match(0, osm.NewPacket(bytett, read), nil) if err := lm.Match(matchCtx, 0, osm.NewPacket(bytett, read)); nil == err {
if bb {
t.Log("good!") t.Log("good!")
} }
fmt.Println(lm.PacketCount()) fmt.Println(lm.PacketCount(matchCtx))
for ii := 0; ii < lm.PacketCount(); ii++ { for ii := 0; ii < lm.PacketCount(matchCtx); ii++ {
pack := lm.Packet(ii) pack := lm.Packet(matchCtx, ii)
//fmt.Println(pack) //fmt.Println(pack)
client.Write(pack.Buffer) conn.Write(pack.Buffer)
bytes := make([]byte, 1024) bytes := make([]byte, 1024)
rr, _ := client.Read(bytes) rr, _ := conn.Read(bytes)
//fmt.Println(bytes) //fmt.Println(bytes)
b := lm.Match(ii+1, osm.NewPacket(bytes, rr), nil) if err := lm.Match(matchCtx, ii+1, osm.NewPacket(bytes, rr)); nil == err {
if b {
t.Log("send Good!") t.Log("send Good!")
} }

View File

@ -39,34 +39,29 @@ type pgsqlErrResponse struct {
type PostgreSQLMatcher struct { type PostgreSQLMatcher struct {
osm.Matchers osm.Matchers
meta osm.Metadata
} }
func (p *PostgreSQLMatcher) Key() string { func (m *PostgreSQLMatcher) Key() string {
return "POSTGRESQL" return "POSTGRESQL"
} }
func (p *PostgreSQLMatcher) Name() string { func (m *PostgreSQLMatcher) Name(matchCtx *osm.MatchCtx) string {
return "PostgreSQL" return "PostgreSQL"
} }
func (p *PostgreSQLMatcher) Meta() osm.Metadata { func (m *PostgreSQLMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return p.meta
}
func (p *PostgreSQLMatcher) IsPrePacket() bool {
return false return false
} }
func (p *PostgreSQLMatcher) HasResponse(index int) bool { func (m *PostgreSQLMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (p *PostgreSQLMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *PostgreSQLMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return true return true
} }
func (p *PostgreSQLMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *PostgreSQLMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()
@ -92,8 +87,8 @@ func (p *PostgreSQLMatcher) Match(info osm.MatchInfo, index int, packet *osm.Pac
data := string(pg.Data[:]) data := string(pg.Data[:])
splits := strings.Split(data, "\x00") splits := strings.Split(data, "\x00")
var findSeverity bool = false findSeverity := false
var findErrorCode bool = false findErrorCode := false
for _, s := range splits { for _, s := range splits {
if strings.Contains(s, "FATAL") { if strings.Contains(s, "FATAL") {
findSeverity = true findSeverity = true

View File

@ -17,9 +17,11 @@ func TestPG(t *testing.T) {
} }
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.229", 5432)
pack := m.Packet(i) for i := 0; i < m.PacketCount(matchCtx); i++ {
pack := m.Packet(matchCtx, i)
conn.Write(pack.Buffer) conn.Write(pack.Buffer)
bytes := make([]byte, 1024) bytes := make([]byte, 1024)
n, _ := conn.Read(bytes) n, _ := conn.Read(bytes)
@ -29,6 +31,6 @@ func TestPG(t *testing.T) {
t.Error(err) t.Error(err)
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -13,46 +13,43 @@ const REDIS_QUIT string = "*1\r\n$4\r\nQUIT\r\n"
type RedisMatcher struct { type RedisMatcher struct {
osm.Matchers osm.Matchers
meta osm.Metadata
protected bool
} }
func (r *RedisMatcher) Key() string { func (m *RedisMatcher) Key() string {
return "REDIS" return "REDIS"
} }
func (r *RedisMatcher) Name() string { func (m *RedisMatcher) Name(matchCtx *osm.MatchCtx) string {
name := "Redis" name := "Redis"
if r.protected {
if v, ok := matchCtx.GetAttribute("protected"); ok {
if v.(bool) {
return name + " (protected)" return name + " (protected)"
} }
if v, ok := r.meta["redis_mode"]; ok {
name = name + " " + v
} }
if v, ok := r.meta["redis_version"]; ok {
name = name + " (" + v + ")" if v, ok := matchCtx.GetAttribute("redis_mode"); ok {
name = name + " " + v.(string)
}
if v, ok := matchCtx.GetAttribute("redis_version"); ok {
name = name + " (" + v.(string) + ")"
} }
return name return name
} }
func (r *RedisMatcher) Meta() osm.Metadata { func (m *RedisMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return r.meta
}
func (r *RedisMatcher) IsPrePacket() bool {
return false return false
} }
func (r *RedisMatcher) HasResponse(index int) bool { func (m *RedisMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (r *RedisMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *RedisMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (r *RedisMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *RedisMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()
@ -80,16 +77,21 @@ func (r *RedisMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet)
return nil return nil
} }
} }
r.protected = r.checkProtectedMode(packet)
if r.protected { protected := m.checkProtectedMode(packet)
matchCtx.SetAttribute("protected", protected)
if protected {
return nil return nil
} }
case 1: // INFO case 1: // INFO
response := string(packet.Bytes())
info := string(packet.Bytes()) if v, ok := matchCtx.GetAttribute("protected"); ok {
if !r.protected { if !v.(bool) {
r.parseInfo(info) m.parseResponse(matchCtx, response)
}
} }
return nil return nil
case 2: case 2:
@ -104,7 +106,7 @@ func (r *RedisMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet)
return osm.NotMatchedError() return osm.NotMatchedError()
} }
func (r *RedisMatcher) checkProtectedMode(packet *osm.Packet) bool { func (m *RedisMatcher) checkProtectedMode(packet *osm.Packet) bool {
var ( var (
compareSign = "-" compareSign = "-"
compareMsg = "DENIED" compareMsg = "DENIED"
@ -128,13 +130,11 @@ func (r *RedisMatcher) checkProtectedMode(packet *osm.Packet) bool {
return false return false
} }
r.protected = true
return true return true
} }
func (r *RedisMatcher) parseInfo(info string) { func (m *RedisMatcher) parseResponse(matchCtx *osm.MatchCtx, response string) {
scanner := bufio.NewScanner(strings.NewReader(info)) scanner := bufio.NewScanner(strings.NewReader(response))
for scanner.Scan() { for scanner.Scan() {
line := scanner.Text() line := scanner.Text()
if strings.Compare(line, "") == 0 { if strings.Compare(line, "") == 0 {
@ -143,23 +143,25 @@ func (r *RedisMatcher) parseInfo(info string) {
if len(line) > 0 && strings.Contains(line, ":") { if len(line) > 0 && strings.Contains(line, ":") {
kv := strings.Split(line, ":") kv := strings.Split(line, ":")
if len(kv[0]) > 0 && len(kv[1]) > 0 { if len(kv[0]) > 0 && len(kv[1]) > 0 {
r.meta[kv[0]] = kv[1] matchCtx.SetAttribute(kv[0], kv[1])
} }
} }
} }
} }
func (r *RedisMatcher) PacketCount() int { func (m *RedisMatcher) PacketCount(matchCtx *osm.MatchCtx) int {
if r.protected { if v, ok := matchCtx.GetAttribute("protected"); ok {
if v.(bool) {
return 1 return 1
} }
}
return 3 return 3
} }
func NewMatcher() osm.Matcher { func NewMatcher() osm.Matcher {
m := &RedisMatcher{} m := &RedisMatcher{}
m.meta = osm.NewMetadata()
m.AddPacket(osm.NewPacket([]byte(REDIS_PING), len(REDIS_PING))) m.AddPacket(osm.NewPacket([]byte(REDIS_PING), len(REDIS_PING)))
m.AddPacket(osm.NewPacket([]byte(REDIS_INFO), len(REDIS_INFO))) m.AddPacket(osm.NewPacket([]byte(REDIS_INFO), len(REDIS_INFO)))

View File

@ -16,11 +16,17 @@ func TestRedisMatcher(t *testing.T) {
m := NewMatcher() m := NewMatcher()
conn, _ := net.Dial("tcp", ADDR) conn, err := net.Dial("tcp", ADDR)
if err != nil {
t.Error(err)
return
}
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.229", 6379)
_, err := conn.Write(m.Packet(i).Buffer)
for i := 0; i < m.PacketCount(matchCtx); i++ {
_, err := conn.Write(m.Packet(matchCtx, i).Buffer)
if err != nil { if err != nil {
t.Error(err) t.Error(err)
} }
@ -33,7 +39,7 @@ func TestRedisMatcher(t *testing.T) {
return return
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -31,31 +31,27 @@ type RMIMatcher struct {
osm.Matchers osm.Matchers
} }
func (r *RMIMatcher) Key() string { func (m *RMIMatcher) Key() string {
return "RMI" return "RMI"
} }
func (r *RMIMatcher) Name() string { func (m *RMIMatcher) Name(matchCtx *osm.MatchCtx) string {
return "RMI" return "RMI"
} }
func (r *RMIMatcher) Meta() osm.Metadata { func (m *RMIMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return nil
}
func (r *RMIMatcher) IsPrePacket() bool {
return false return false
} }
func (r *RMIMatcher) HasResponse(index int) bool { func (m *RMIMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (r *RMIMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *RMIMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (r *RMIMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *RMIMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()

View File

@ -18,8 +18,10 @@ func TestRMIMatcher_Match(t *testing.T) {
} }
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.102", 9840)
_, err := conn.Write(m.Packet(i).Buffer)
for i := 0; i < m.PacketCount(matchCtx); i++ {
_, err := conn.Write(m.Packet(matchCtx, i).Buffer)
if err != nil { if err != nil {
t.Error(err) t.Error(err)
} }
@ -31,6 +33,6 @@ func TestRMIMatcher_Match(t *testing.T) {
t.Error(err) t.Error(err)
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -52,31 +52,27 @@ type SMBMatcher struct {
osm.Matchers osm.Matchers
} }
func (t *SMBMatcher) Key() string { func (m *SMBMatcher) Key() string {
return "SMB" return "SMB"
} }
func (t *SMBMatcher) Name() string { func (m *SMBMatcher) Name(matchCtx *osm.MatchCtx) string {
return "SMB" return "SMB"
} }
func (t *SMBMatcher) Meta() osm.Metadata { func (m *SMBMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return nil
}
func (t *SMBMatcher) IsPrePacket() bool {
return false return false
} }
func (t *SMBMatcher) HasResponse(index int) bool { func (m *SMBMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (t *SMBMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *SMBMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (t *SMBMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *SMBMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()

View File

@ -16,16 +16,17 @@ func TestSMBMatcher(t *testing.T) {
m := NewMatcher() m := NewMatcher()
conn, err := net.Dial("tcp", ADDR) conn, err := net.Dial("tcp", ADDR)
if err != nil { if err != nil {
t.Fatal(err) t.Error(err)
return
} }
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.101", 445)
pack := m.Packet(i) for i := 0; i < m.PacketCount(matchCtx); i++ {
pack := m.Packet(matchCtx, i)
conn.Write(pack.Buffer) conn.Write(pack.Buffer)
bytes := make([]byte, 1024) bytes := make([]byte, 1024)
n, _ := conn.Read(bytes) n, _ := conn.Read(bytes)
@ -36,6 +37,6 @@ func TestSMBMatcher(t *testing.T) {
t.Error(err) t.Error(err)
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -10,31 +10,27 @@ type SmtpMatcher struct {
osm.Matchers osm.Matchers
} }
func (t *SmtpMatcher) Key() string { func (m *SmtpMatcher) Key() string {
return "SMTP" return "SMTP"
} }
func (t *SmtpMatcher) Name() string { func (m *SmtpMatcher) Name(matchCtx *osm.MatchCtx) string {
return "SMTP" return "SMTP"
} }
func (t *SmtpMatcher) Meta() osm.Metadata { func (m *SmtpMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return nil
}
func (t *SmtpMatcher) IsPrePacket() bool {
return true return true
} }
func (t *SmtpMatcher) HasResponse(index int) bool { func (m *SmtpMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (t *SmtpMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *SmtpMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (t *SmtpMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *SmtpMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil { if packet == nil {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()
} }

View File

@ -7,6 +7,7 @@ import (
"strings" "strings"
"testing" "testing"
osm "git.loafle.net/overflow/service_matcher-go"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
@ -19,35 +20,41 @@ func TestSMTPTLS(t *testing.T) {
ServerName: "192.168.1.215", ServerName: "192.168.1.215",
}, },
) )
if err != nil { if err != nil {
t.Log(err) t.Error(err)
return return
} }
defer conn.Close()
matchCtx := osm.NewMatchCtx("192.168.1.215", 465)
b := make([]byte, 1024) b := make([]byte, 1024)
check(t, b, conn, "", "220") check(matchCtx, t, b, conn, "", "220")
check(t, b, conn, "helo test\r\n", "250") check(matchCtx, t, b, conn, "helo test\r\n", "250")
check(t, b, conn, "quit\r\n", "221") check(matchCtx, t, b, conn, "quit\r\n", "221")
conn.Close()
} }
func TestSMTP(t *testing.T) { func TestSMTP(t *testing.T) {
conn, _ := net.Dial("tcp", "192.168.1.15:25") conn, err := net.Dial("tcp", "192.168.1.15:25")
if err != nil {
t.Error(err)
return
}
defer conn.Close()
matchCtx := osm.NewMatchCtx("192.168.1.15", 25)
b := make([]byte, 1024) b := make([]byte, 1024)
check(t, b, conn, "", "220") check(matchCtx, t, b, conn, "", "220")
check(t, b, conn, "helo test\r\n", "250") check(matchCtx, t, b, conn, "helo test\r\n", "250")
check(t, b, conn, "quit\r\n", "221") check(matchCtx, t, b, conn, "quit\r\n", "221")
conn.Close()
} }
func check(t *testing.T, b []byte, conn net.Conn, cmd string, compare string) { func check(matchCtx *osm.MatchCtx, t *testing.T, b []byte, conn net.Conn, cmd string, compare string) {
if cmd != "" { if cmd != "" {
wlen, _ := conn.Write([]byte(cmd)) wlen, _ := conn.Write([]byte(cmd))

View File

@ -39,32 +39,27 @@ var (
type SNMPMatcher struct { type SNMPMatcher struct {
osm.Matchers osm.Matchers
requestID int32 requestID int32
meta osm.Metadata
} }
func (s *SNMPMatcher) Key() string { func (s *SNMPMatcher) Key() string {
return "SNMP" return "SNMP"
} }
func (s *SNMPMatcher) Name() string { func (s *SNMPMatcher) Name(matchCtx *osm.MatchCtx) string {
return "SNMP" return "SNMP"
} }
func (s *SNMPMatcher) Meta() osm.Metadata { func (s *SNMPMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return s.meta
}
func (s *SNMPMatcher) IsPrePacket() bool {
return false return false
} }
func (s *SNMPMatcher) HasResponse(index int) bool { func (s *SNMPMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (s *SNMPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (s *SNMPMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()
@ -100,7 +95,7 @@ func (s *SNMPMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) e
continue continue
} }
// if binding.Name.String() == "1.3.6.1.2.1.1.5.0" { // if binding.Name.String() == "1.3.6.1.2.1.1.5.0" {
s.meta[binding.Name.String()] = string(binding.Value.Bytes) matchCtx.SetAttribute(binding.Name.String(), string(binding.Value.Bytes))
// } // }
} }
@ -119,8 +114,6 @@ func (s *SNMPMatcher) IsSend(port int) bool {
func NewMatcher() osm.UDPMatcher { func NewMatcher() osm.UDPMatcher {
m := &SNMPMatcher{} m := &SNMPMatcher{}
m.meta = osm.NewMetadata()
m.requestID = rand.Int31() m.requestID = rand.Int31()
p := snmpv2{} p := snmpv2{}

View File

@ -18,7 +18,9 @@ func TestSNMPv2(t *testing.T) {
} }
defer conn.Close() defer conn.Close()
pack := m.Packet(0) matchCtx := osm.NewMatchCtx("192.168.1.99", 161)
pack := m.Packet(matchCtx, 0)
conn.Write(pack.Buffer) conn.Write(pack.Buffer)
bytes := make([]byte, 1024) bytes := make([]byte, 1024)
@ -28,5 +30,5 @@ func TestSNMPv2(t *testing.T) {
if err := m.Match(nil, 0, p); err != nil { if err := m.Match(nil, 0, p); err != nil {
t.Error(err) t.Error(err)
} }
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -68,34 +68,30 @@ type SQLServerMatcher struct {
isSSL bool isSSL bool
} }
func (t *SQLServerMatcher) Key() string { func (m *SQLServerMatcher) Key() string {
return "SQLSERVER" return "SQLSERVER"
} }
func (t *SQLServerMatcher) Name() string { func (m *SQLServerMatcher) Name(matchCtx *osm.MatchCtx) string {
if t.isSSL { if m.isSSL {
return "SQL Server (SSL)" return "SQL Server (SSL)"
} }
return "SQL Server" return "SQL Server"
} }
func (t *SQLServerMatcher) Meta() osm.Metadata { func (m *SQLServerMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return nil
}
func (t *SQLServerMatcher) IsPrePacket() bool {
return false return false
} }
func (t *SQLServerMatcher) HasResponse(index int) bool { func (m *SQLServerMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (t *SQLServerMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *SQLServerMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (t *SQLServerMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *SQLServerMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil { if packet == nil {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()
@ -104,30 +100,30 @@ func (t *SQLServerMatcher) Match(info osm.MatchInfo, index int, packet *osm.Pack
reader := new(bytes.Buffer) reader := new(bytes.Buffer)
reader.Write(packet.Buffer) reader.Write(packet.Buffer)
m := mssqlResponse{} res := mssqlResponse{}
if err := binary.Read(reader, binary.BigEndian, &m); err != nil { if err := binary.Read(reader, binary.BigEndian, &m); err != nil {
return osm.NotMatchedError() return osm.NotMatchedError()
} }
if m.Type_ != HEADER_TYPE_RESPONSE { if res.Type_ != HEADER_TYPE_RESPONSE {
return osm.NotMatchedError() return osm.NotMatchedError()
} }
if m.Length != uint16(packet.Len) { if res.Length != uint16(packet.Len) {
return osm.NotMatchedError() return osm.NotMatchedError()
} }
switch m.PreLoginResp.Msg[m.Length-9 : m.Length-8][0] { switch res.PreLoginResp.Msg[res.Length-9 : res.Length-8][0] {
case 0: case 0:
return nil return nil
case 1: case 1:
t.isSSL = true matchCtx.SetAttribute("isSSL", true)
return nil return nil
case 2: case 2:
return nil return nil
case 3: case 3:
t.isSSL = true matchCtx.SetAttribute("isSSL", true)
return nil return nil
default: default:
return osm.NotMatchedError() return osm.NotMatchedError()

View File

@ -13,11 +13,16 @@ import (
*/ */
func TestSqlNor(t *testing.T) { func TestSqlNor(t *testing.T) {
conn, _ := net.Dial("tcp", "192.168.1.16:11433") conn, err := net.Dial("tcp", "192.168.1.16:11433")
if err != nil {
t.Error(err)
return
}
defer conn.Close() defer conn.Close()
sqlServerRun(conn, t) matchCtx := osm.NewMatchCtx("192.168.1.16", 11433)
sqlServerRun(matchCtx, conn, t)
} }
@ -41,19 +46,19 @@ func TestSqlNor(t *testing.T) {
// sqlServerRun(conn, t) // sqlServerRun(conn, t)
//} //}
func sqlServerRun(conn net.Conn, t *testing.T) { func sqlServerRun(matchCtx *osm.MatchCtx, conn net.Conn, t *testing.T) {
m := NewMatcher() m := NewMatcher()
for i := 0; i < m.PacketCount(); i++ { for i := 0; i < m.PacketCount(matchCtx); i++ {
pack := m.Packet(i) pack := m.Packet(matchCtx, i)
conn.Write(pack.Buffer) conn.Write(pack.Buffer)
bytes := make([]byte, 1024) bytes := make([]byte, 1024)
n, _ := conn.Read(bytes) n, _ := conn.Read(bytes)
p := osm.NewPacket(bytes, n) p := osm.NewPacket(bytes, n)
if m.Match(nil, i, p) { if err := m.Match(matchCtx, i, p); nil != err {
t.Log(m.Key()) t.Log(m.Key())
return return
} }

View File

@ -10,38 +10,33 @@ import (
type SSHMatcher struct { type SSHMatcher struct {
osm.Matchers osm.Matchers
meta osm.Metadata
} }
func (ssh *SSHMatcher) Key() string { func (m *SSHMatcher) Key() string {
return "SSH" return "SSH"
} }
func (ssh *SSHMatcher) Name() string { func (m *SSHMatcher) Name(matchCtx *osm.MatchCtx) string {
name := "SSH" name := "SSH"
if v, ok := ssh.meta["softwareversion"]; ok { if v, ok := matchCtx.GetAttribute("softwareversion"); ok {
name = name + " (" + v + ")" name = name + " (" + v.(string) + ")"
} }
return name return name
} }
func (ssh *SSHMatcher) Meta() osm.Metadata { func (m *SSHMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return ssh.meta
}
func (ssh *SSHMatcher) IsPrePacket() bool {
return true return true
} }
func (ssh *SSHMatcher) HasResponse(index int) bool { func (m *SSHMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (ssh *SSHMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *SSHMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (ssh *SSHMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *SSHMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()
@ -64,11 +59,11 @@ func (ssh *SSHMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet)
softwareversion := versions[2] softwareversion := versions[2]
if strings.HasPrefix(protoversion, "1") || strings.HasPrefix(protoversion, "2") { if strings.HasPrefix(protoversion, "1") || strings.HasPrefix(protoversion, "2") {
ssh.meta["protoversion"] = protoversion matchCtx.SetAttribute("protoversion", protoversion)
ssh.meta["softwareversion"] = softwareversion matchCtx.SetAttribute("softwareversion", softwareversion)
if len(temp) > 1 { if len(temp) > 1 {
ssh.meta["comments"] = temp[1] matchCtx.SetAttribute("comments", temp[1])
} }
return nil return nil
} }
@ -80,6 +75,6 @@ func (ssh *SSHMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet)
func NewMatcher() osm.Matcher { func NewMatcher() osm.Matcher {
m := &SSHMatcher{} m := &SSHMatcher{}
m.meta = osm.NewMetadata()
return m return m
} }

View File

@ -15,11 +15,12 @@ func TestSSH(t *testing.T) {
if err != nil { if err != nil {
t.Error(err) t.Error(err)
} }
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.10", 22)
_, err := conn.Write(m.Packet(i).Buffer)
for i := 0; i < m.PacketCount(matchCtx); i++ {
_, err := conn.Write(m.Packet(matchCtx, i).Buffer)
if err != nil { if err != nil {
t.Error(err) t.Error(err)
} }
@ -32,6 +33,6 @@ func TestSSH(t *testing.T) {
return return
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -16,31 +16,27 @@ type TelnetMatcher struct {
osm.Matchers osm.Matchers
} }
func (tel *TelnetMatcher) Key() string { func (m *TelnetMatcher) Key() string {
return "TELNET" return "TELNET"
} }
func (tel *TelnetMatcher) Name() string { func (m *TelnetMatcher) Name(matchCtx *osm.MatchCtx) string {
return "Telnet" return "Telnet"
} }
func (tel *TelnetMatcher) Meta() osm.Metadata { func (m *TelnetMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return nil
}
func (tel *TelnetMatcher) IsPrePacket() bool {
return true return true
} }
func (tel *TelnetMatcher) HasResponse(index int) bool { func (m *TelnetMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (tel *TelnetMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *TelnetMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (tel *TelnetMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *TelnetMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil || !packet.Valid() { if packet == nil || !packet.Valid() {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()

View File

@ -15,11 +15,12 @@ func TestTelnetMatcher_Match(t *testing.T) {
if err != nil { if err != nil {
t.Error(err) t.Error(err)
} }
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.201", 23)
_, err := conn.Write(m.Packet(i).Buffer)
for i := 0; i < m.PacketCount(matchCtx); i++ {
_, err := conn.Write(m.Packet(matchCtx, i).Buffer)
if err != nil { if err != nil {
t.Error(err) t.Error(err)
} }
@ -32,7 +33,7 @@ func TestTelnetMatcher_Match(t *testing.T) {
return return
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }

View File

@ -19,34 +19,29 @@ const (
type WMIMatcher struct { type WMIMatcher struct {
osm.Matchers osm.Matchers
meta osm.Metadata
} }
func (w *WMIMatcher) Key() string { func (m *WMIMatcher) Key() string {
return "WMI" return "WMI"
} }
func (w *WMIMatcher) Name() string { func (m *WMIMatcher) Name(matchCtx *osm.MatchCtx) string {
return "WMI" return "WMI"
} }
func (w *WMIMatcher) Meta() osm.Metadata { func (m *WMIMatcher) IsPrePacket(matchCtx *osm.MatchCtx) bool {
return w.meta
}
func (w *WMIMatcher) IsPrePacket() bool {
return false return false
} }
func (w *WMIMatcher) HasResponse(index int) bool { func (m *WMIMatcher) HasResponse(matchCtx *osm.MatchCtx, index int) bool {
return true return true
} }
func (w *WMIMatcher) IsError(info osm.MatchInfo, index int, packet *osm.Packet) bool { func (m *WMIMatcher) IsError(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) bool {
return false return false
} }
func (w *WMIMatcher) Match(info osm.MatchInfo, index int, packet *osm.Packet) error { func (m *WMIMatcher) Match(matchCtx *osm.MatchCtx, index int, packet *osm.Packet) error {
if packet == nil { if packet == nil {
return osm.NoPacketReceivedError() return osm.NoPacketReceivedError()

View File

@ -16,11 +16,12 @@ func TestWMI(t *testing.T) {
if err != nil { if err != nil {
t.Error(err) t.Error(err)
} }
defer conn.Close() defer conn.Close()
for i := 0; i < m.PacketCount(); i++ { matchCtx := osm.NewMatchCtx("192.168.1.200", 135)
_, err := conn.Write(m.Packet(i).Buffer)
for i := 0; i < m.PacketCount(matchCtx); i++ {
_, err := conn.Write(m.Packet(matchCtx, i).Buffer)
if err != nil { if err != nil {
t.Error(err) t.Error(err)
} }
@ -33,7 +34,6 @@ func TestWMI(t *testing.T) {
return return
} }
} }
t.Log(m.Name()) t.Log(m.Name(matchCtx))
t.Log(m.Meta()) t.Log(matchCtx)
} }