You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
star/tcm/cmd_unix.go

42 lines
3.0 KiB
Go

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

//go:build !windows
package tcm
import "github.com/spf13/cobra"
var nf = NewNfCap()
var Cmd = &cobra.Command{
Use: "tcm",
Short: "TCP连接监视工具",
Run: func(cmd *cobra.Command, args []string) {
nf.Run()
},
}
func init() {
Cmd.Flags().IntVarP(&nf.monitorPort, "port", "p", 0, "nft转发端口地址如果启用此参数将会自动设置iptables需要安装iptables")
Cmd.Flags().StringSliceVarP(&nf.target, "target", "t", []string{}, "监控的ip地址可多个本工具各类延迟等tcp操作仅对此类ip生效")
Cmd.Flags().StringSliceVarP(&nf.targetCmd, "cmd", "c", []string{}, "触发报文drop的关键词utf8格式如:show variables")
Cmd.Flags().BoolVarP(&nf.targetAsHex, "cmd-as-hex", "x", false, "启用此选项cmd选项请传入hex字符而不是utf-8")
Cmd.Flags().StringVarP(&nf.saveFile, "save", "w", "", "保存文件路径,将会保存所有报文到此文件")
Cmd.Flags().BoolVarP(&nf.interactive, "interactive", "i", false, "启用交互模式可输入命令allow <ip>,drop <ip>,delay <ms>,loss <number%>")
Cmd.Flags().BoolVarP(&nf.showAll, "display-all", "D", false, "显示所有报文包括非target对象")
Cmd.Flags().BoolVarP(&nf.showAsHex, "as-hex", "a", false, "显示报文的hex内容")
Cmd.Flags().BoolVarP(&nf.showPayload, "show-payload", "S", false, "显示报文的payload")
Cmd.Flags().IntVarP(&nf.maxShowPayloadSize, "payload-maxlen", "m", 200, "显示payload的最大长度")
Cmd.Flags().BoolVarP(&nf.noShowMode, "no-show", "N", false, "不显示任何tcp报文只统计数量")
Cmd.Flags().Float64VarP(&nf.loss, "loss", "l", 0, "丢包率0-100之间如10表示10%丢包")
Cmd.Flags().IntVarP(&nf.delay, "delay", "d", 0, "延迟时间单位ms")
Cmd.Flags().IntVarP(&nf.packetDelay, "packet-delay-num", "n", 0, "触发封禁关键词后延迟n个包再封禁")
Cmd.Flags().BoolVarP(&nf.useRST, "rst", "r", false, "触发封禁关键词后同步发送RST报文")
Cmd.Flags().StringVarP(&nf.rstMode, "rstmode", "R", "reverse", "RST报文发送模式可选值both,target,reverse")
Cmd.Flags().BoolVarP(&nf.fastMode, "fastmode", "F", false, "快速模式,仅在模拟延迟或丢包时使用")
Cmd.Flags().IntVarP(&nf.NFQNums, "nfqueue-num", "q", 2, "nfqueue队列号")
Cmd.Flags().BoolVarP(&nf.allowRandomAck, "random-ack", "A", false, "允许并行乱序处理报文,如果需要模拟延迟,此选项需开启,但封禁功能可能受到乱序影响")
Cmd.Flags().BoolVarP(&nf.singlePacketMode, "signle-packet", "o", false, "仅对匹配到的单报文操作,此模式下packetDelay会失效")
Cmd.Flags().StringSliceVarP(&nf.cuePktMethod, "cue-pkt-method", "O", []string{}, "单报文匹配下执行的报文操作可选值drop,delay ms,allow,reset")
Cmd.Flags().StringSliceVarP(&nf.Flags, "flags", "f", nil, "tcp flags匹配,如:SYN,ACK")
Cmd.Flags().IntVarP(&nf.CapFileCacheNum, "write-cache", "W", 0, "命中匹配写入文件报文缓存如果为0 ,则忽略匹配条件")
}