You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
star/tcm/cmd_unix.go

42 lines
3.0 KiB
Go

//go:build !windows
package tcm
import "github.com/spf13/cobra"
var nf = NewNfCap()
var Cmd = &cobra.Command{
Use: "tcm",
Short: "TCP连接监视工具",
Run: func(cmd *cobra.Command, args []string) {
nf.Run()
},
}
func init() {
Cmd.Flags().IntVarP(&nf.monitorPort, "port", "p", 0, "nft转发端口地址如果启用此参数将会自动设置iptables需要安装iptables")
Cmd.Flags().StringSliceVarP(&nf.target, "target", "t", []string{}, "监控的ip地址可多个本工具各类延迟等tcp操作仅对此类ip生效")
Cmd.Flags().StringSliceVarP(&nf.targetCmd, "cmd", "c", []string{}, "触发报文drop的关键词utf8格式如:show variables")
Cmd.Flags().BoolVarP(&nf.targetAsHex, "cmd-as-hex", "x", false, "启用此选项cmd选项请传入hex字符而不是utf-8")
Cmd.Flags().StringVarP(&nf.saveFile, "save", "w", "", "保存文件路径,将会保存所有报文到此文件")
Cmd.Flags().BoolVarP(&nf.interactive, "interactive", "i", false, "启用交互模式可输入命令allow <ip>,drop <ip>,delay <ms>,loss <number%>")
Cmd.Flags().BoolVarP(&nf.showAll, "display-all", "D", false, "显示所有报文包括非target对象")
Cmd.Flags().BoolVarP(&nf.showAsHex, "as-hex", "a", false, "显示报文的hex内容")
Cmd.Flags().BoolVarP(&nf.showPayload, "show-payload", "S", false, "显示报文的payload")
Cmd.Flags().IntVarP(&nf.maxShowPayloadSize, "payload-maxlen", "m", 200, "显示payload的最大长度")
Cmd.Flags().BoolVarP(&nf.noShowMode, "no-show", "N", false, "不显示任何tcp报文只统计数量")
Cmd.Flags().Float64VarP(&nf.loss, "loss", "l", 0, "丢包率0-100之间如10表示10%丢包")
Cmd.Flags().IntVarP(&nf.delay, "delay", "d", 0, "延迟时间单位ms")
Cmd.Flags().IntVarP(&nf.packetDelay, "packet-delay-num", "n", 0, "触发封禁关键词后延迟n个包再封禁")
Cmd.Flags().BoolVarP(&nf.useRST, "rst", "r", false, "触发封禁关键词后同步发送RST报文")
Cmd.Flags().StringVarP(&nf.rstMode, "rstmode", "R", "reverse", "RST报文发送模式可选值both,target,reverse")
Cmd.Flags().BoolVarP(&nf.fastMode, "fastmode", "F", false, "快速模式,仅在模拟延迟或丢包时使用")
Cmd.Flags().IntVarP(&nf.NFQNums, "nfqueue-num", "q", 2, "nfqueue队列号")
Cmd.Flags().BoolVarP(&nf.allowRandomAck, "random-ack", "A", false, "允许并行乱序处理报文,如果需要模拟延迟,此选项需开启,但封禁功能可能受到乱序影响")
Cmd.Flags().BoolVarP(&nf.singlePacketMode, "signle-packet", "o", false, "仅对匹配到的单报文操作,此模式下packetDelay会失效")
Cmd.Flags().StringSliceVarP(&nf.cuePktMethod, "cue-pkt-method", "O", []string{}, "单报文匹配下执行的报文操作可选值drop,delay ms,allow,reset")
Cmd.Flags().StringSliceVarP(&nf.Flags, "flags", "f", nil, "tcp flags匹配,如:SYN,ACK")
Cmd.Flags().IntVarP(&nf.CapFileCacheNum, "write-cache", "W", 0, "命中匹配写入文件报文缓存如果为0 ,则忽略匹配条件")
}