{"id":16105793,"url":"https://github.com/devlights/go-gopacket-example","last_synced_at":"2026-01-16T00:56:37.418Z","repository":{"id":149716570,"uuid":"621744669","full_name":"devlights/go-gopacket-example","owner":"devlights","description":"Packet Capture with gopacket example by golang.","archived":false,"fork":false,"pushed_at":"2024-12-20T10:29:15.000Z","size":3791,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-02-08T00:44:13.617Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/devlights.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-03-31T09:43:02.000Z","updated_at":"2024-12-20T10:29:19.000Z","dependencies_parsed_at":"2024-04-19T13:36:38.033Z","dependency_job_id":"9845d845-340c-4460-af72-39f5bb224e3d","html_url":"https://github.com/devlights/go-gopacket-example","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devlights%2Fgo-gopacket-example","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devlights%2Fgo-gopacket-example/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devlights%2Fgo-gopacket-example/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devlights%2Fgo-gopacket-example/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/devlights","download_url":"https://codeload.github.com/devlights/go-gopacket-example/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246794027,"owners_count":20834931,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-09T19:10:38.879Z","updated_at":"2026-01-16T00:56:37.378Z","avatar_url":"https://github.com/devlights.png","language":"Go","readme":"# go-gopacket-example\n\nPacket Capture with gopacket example by golang.\n\n![Go Version](https://img.shields.io/badge/go-1.23-blue.svg)\n\nThe sources in this repository only work on Linux.\n\n## Environments\n\n```sh\n$ lsb_release -a\nNo LSB modules are available.\nDistributor ID: Ubuntu\nDescription: Ubuntu 22.04.2 LTS\nRelease: 22.04\nCodename: jammy\n\n\n$ go version\ngo version go1.20.3 linux/amd64\n```\n\n## Requirements\n\n### libpcap\n\n```sh\n$ sudo apt install libpcap-dev\n```\n\n### nc (netcat) (optional)\n\n```sh\n$ sudo apt install netcat\n```\n\n### tcpdump (optional)\n\n```sh\n$ sudo apt install tcpdump\n```\n\n### arp-scan (optional)\n\n```sh\n$ sudo apt install arp-scan\n```\n\n### nslookup or dig (optional)\n\n```sh\n$ sudo apt install dnsutils\n```\n\n### [go-task](https://taskfile.dev/)\n\n```sh\n$ go install github.com/go-task/task/v3/cmd/task@latest\n```\n\n## How to run\n\n```sh\n$ task --list\ntask: Available tasks for this project:\n* applayer-dhcp: See DHCP info\n* applayer-dns: See DNS info\n* applayer-dnssec: See DNSSEC info\n* applayer-http: See HTTP info\n* bpffilter: Run pcap.OpenOffline() with BPF Filter\n* default: default (print all ifs)\n* fmtvet: go fmt and go vet\n* layertype-app: See gopacket.Packet.ApplicationLayer() info\n* layertype-arp: See *layers.ARP info\n* layertype-ethernet: See *layers.Ethernet info\n* layertype-icmpv4: See *layers.ICMPv4 info\n* layertype-ipv4: See *layers.IPv4 info\n* layertype-tcp: See *layers.TCP info\n* layertype-udp: See *layers.UDP info\n* openlive: Run pcap.OpenLive() example\n* openoffline: Run pcap.OpenOffline() example\n* packet: See *pcap.Packet structure info\n\n\n$ task openlive\ntask: [openlive] go build\ntask: [openlive] sudo ./openlive\n\n\n[Packet capture will be displayed.]\n\n\n$ task openoffline\ntask: [openoffline] sudo timeout 3s tcpdump -i eth0 -w example.pcap 'tcp'\ntcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes\n61 packets captured\n77 packets received by filter\n0 packets dropped by kernel\ntask: [openoffline] go build\ntask: [openoffline] sudo ./openoffline\n\n[Packet capture will be displayed.]\n\n\n\n$ task bpffilter\ntask: [bpffilter] go build\ntask: [bpffilter] sudo bash ./tcpdump.sh\ntask: [bpffilter] bash ./ping.sh\nPING localhost(localhost (::1)) 56 data bytes\n64 bytes from localhost (::1): icmp_seq=1 ttl=64 time=0.018 ms\ntcpdump: listening on lo, link-type EN10MB (Ethernet), snapshot length 262144 bytes\n64 bytes from localhost (::1): icmp_seq=2 ttl=64 time=0.031 ms\n64 bytes from localhost (::1): icmp_seq=3 ttl=64 time=0.046 ms\ntask: [bpffilter] sudo bash ./kill.sh\n33 packets captured\n82 packets received by filter\n0 packets dropped by kernel\ntask: [bpffilter] sleep 1\ntask: [bpffilter] sudo ./bpffilter\nSTART\n\n[Packet capture will be displayed.]\n\nDONE\n\n\n\n$ task packet\ntask: [packet] go build\ntask: [packet] sudo bash ./app.sh\ntask: [packet] sleep 1\ntask: [packet] sudo bash ./server.sh\ntask: [packet] sudo bash ./client.sh\nhelloworldtask: [packet] sleep 3\n------------------------------\n[Capture Length] 74\n[Src ] 127.0.0.1\n[Dst ] 127.0.0.1\n[Protocol ] TCP\n[SRC PORT ] 45400\n[DST PORT ] 22222(easyengine)\n[TCP FLAGS ]\n\u003e\u003e\u003e SYN=true\n\u003e\u003e\u003e ACK=false\n\u003e\u003e\u003e PSH=false\n\u003e\u003e\u003e RST=false\n\u003e\u003e\u003e FIN=false\n------------------------------\n------------------------------\n[Capture Length] 74\n[Src ] 127.0.0.1\n[Dst ] 127.0.0.1\n[Protocol ] TCP\n[SRC PORT ] 22222(easyengine)\n[DST PORT ] 45400\n[TCP FLAGS ]\n\u003e\u003e\u003e SYN=true\n\u003e\u003e\u003e ACK=true\n\u003e\u003e\u003e PSH=false\n\u003e\u003e\u003e RST=false\n\u003e\u003e\u003e FIN=false\n------------------------------\n------------------------------\n[Capture Length] 66\n[Src ] 127.0.0.1\n[Dst ] 127.0.0.1\n[Protocol ] TCP\n[SRC PORT ] 45400\n[DST PORT ] 22222(easyengine)\n[TCP FLAGS ]\n\u003e\u003e\u003e SYN=false\n\u003e\u003e\u003e ACK=true\n\u003e\u003e\u003e PSH=false\n\u003e\u003e\u003e RST=false\n\u003e\u003e\u003e FIN=false\n------------------------------\n------------------------------\n[Capture Length] 76\n[Src ] 127.0.0.1\n[Dst ] 127.0.0.1\n[Protocol ] TCP\n[SRC PORT ] 45400\n[DST PORT ] 22222(easyengine)\n[TCP FLAGS ]\n\u003e\u003e\u003e SYN=false\n\u003e\u003e\u003e ACK=true\n\u003e\u003e\u003e PSH=true\n\u003e\u003e\u003e RST=false\n\u003e\u003e\u003e FIN=false\n[Payload ] [104 101 108 108 111 119 111 114 108 100]\n------------------------------\n------------------------------\n[Capture Length] 66\n[Src ] 127.0.0.1\n[Dst ] 127.0.0.1\n[Protocol ] TCP\n[SRC PORT ] 22222(easyengine)\n[DST PORT ] 45400\n[TCP FLAGS ]\n\u003e\u003e\u003e SYN=false\n\u003e\u003e\u003e ACK=true\n\u003e\u003e\u003e PSH=false\n\u003e\u003e\u003e RST=false\n\u003e\u003e\u003e FIN=false\n------------------------------\n------------------------------\n[Capture Length] 66\n[Src ] 127.0.0.1\n[Dst ] 127.0.0.1\n[Protocol ] TCP\n[SRC PORT ] 45400\n[DST PORT ] 22222(easyengine)\n[TCP FLAGS ]\n\u003e\u003e\u003e SYN=false\n\u003e\u003e\u003e ACK=true\n\u003e\u003e\u003e PSH=false\n\u003e\u003e\u003e RST=false\n\u003e\u003e\u003e FIN=true\n------------------------------\n------------------------------\n[Capture Length] 66\n[Src ] 127.0.0.1\n[Dst ] 127.0.0.1\n[Protocol ] TCP\n[SRC PORT ] 22222(easyengine)\n[DST PORT ] 45400\n[TCP FLAGS ]\n\u003e\u003e\u003e SYN=false\n\u003e\u003e\u003e ACK=true\n\u003e\u003e\u003e PSH=false\n\u003e\u003e\u003e RST=false\n\u003e\u003e\u003e FIN=true\n------------------------------\n------------------------------\n[Capture Length] 66\n[Src ] 127.0.0.1\n[Dst ] 127.0.0.1\n[Protocol ] TCP\n[SRC PORT ] 45400\n[DST PORT ] 22222(easyengine)\n[TCP FLAGS ]\n\u003e\u003e\u003e SYN=false\n\u003e\u003e\u003e ACK=true\n\u003e\u003e\u003e PSH=false\n\u003e\u003e\u003e RST=false\n\u003e\u003e\u003e FIN=false\n------------------------------\ntask: [packet] sudo bash ./kill.sh\n\n\n\n$ task layertype-ethernet\ntask: [layertype-ethernet] go build\ntask: [layertype-ethernet] sudo ./ethernet\nSTART\n[Src MAC ] 16:xx:42:44:xx:cd\n[Dst MAC ] 7e:bf:24:xx:3e:90\n[Ethernet type] IPv4\n[Src MAC ] 7e:bf:24:xx:3e:90\n[Dst MAC ] 16:xx:42:44:2e:cd\n[Ethernet type] IPv4\n[Src MAC ] 16:xx:42:44:2e:cd\n[Dst MAC ] 7e:bf:24:xx:3e:90\n[Ethernet type] IPv4\n[Src MAC ] 7e:bf:24:xx:3e:90\n[Dst MAC ] 16:xx:42:44:2e:cd\n[Ethernet type] IPv4\n[Src MAC ] 7e:bf:24:xx:3e:90\n[Dst MAC ] 16:xx:42:44:2e:cd\n[Ethernet type] IPv4\n[Src MAC ] 7e:bf:24:xx:3e:90\n[Dst MAC ] 16:xx:42:44:2e:cd\n[Ethernet type] IPv4\nDONE\n\n\n$ task layertype-arp\ntask: [layertype-arp] go build\ntask: [layertype-arp] sudo bash ./arp-scan.sh \u0026\ntask: [layertype-arp] sudo ./arp\nSTART\nInterface: eth0, type: EN10MB, MAC: c2:88:65:43:bc:ed, IPv4: 10.0.5.2\nStarting arp-scan 1.9.7 with 4 hosts (https://github.com/royhills/arp-scan)\n10.0.5.1 42:6f:a6:72:06:80 (Unknown: locally administered)\n[Operation ] 1\n[Src Hw Addr ] [194 136 101 76 188 237]\n[Src Prot Addr] [10 0 2 6]\n[Dst Hw Addr ] [0 0 0 0 0 0]\n[Dst Prot Addr] [10 3 5 0]\n\n1 packets received by filter, 0 packets dropped by kernel\nEnding arp-scan 1.9.7: 4 hosts scanned in 1.443 seconds (2.77 hosts/sec). 1 responded\nDONE\n\n\n$ task layertype-ipv4\ntask: [layertype-ipv4] go build\ntask: [layertype-ipv4] sudo ./ipv4\nSTART\n[Version ] 4\n[IHL ] 5 words -\u003e 160 bits -\u003e 20 bytes\n[Length ] 81\n[Payload Length] 61\n[TTL ] 64\n[Protocol ] TCP\n[Src IP ] 10.0.5.2\n[Dst IP ] 192.168.39.75\nDONE \n\n\n$ task layertype-icmpv4\ntask: [layertype-icmpv4] go build\ntask: [layertype-icmpv4] sudo bash ./ping.sh \u0026\ntask: [layertype-icmpv4] sudo ./icmpv4\nSTART\nPING (127.0.0.1) 56(84) bytes of data.\n64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.018 ms\n[Seq ] 1\n[Type ] 8\n[Code ] 0\n[Req/Rep ] ICMP Echo Request\n[Checksum] 20183\n[Seq ] 1\n[Type ] 0\n[Code ] 0\n[Req/Rep ] ICMP Echo Reply\n[Checksum] 22231\n64 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.028 ms\n\n--- ping statistics ---\n2 packets transmitted, 2 received, 0% packet loss, time 1020ms\nrtt min/avg/max/mdev = 0.018/0.023/0.028/0.005 ms\nDONE\n\n\n$ task layertype-tcp\ntask: [layertype-tcp] go build\ntask: [layertype-tcp] sudo ./tcp\nSTART\n[Src Port ] 51190\n[Dst Port ] 443(https)\n[Seq Number ] 771501779\n[Ack Number ] 1030112796\n[Window Size ] 331\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] true\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 4529\n[Urgent Pointer ] 0\n----------------\n[Src Port ] 51190\n[Dst Port ] 443(https)\n[Seq Number ] 771501819\n[Ack Number ] 1030112796\n[Window Size ] 331\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] true\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 4686\n[Urgent Pointer ] 0\n----------------\n[Src Port ] 443(https)\n[Dst Port ] 51190\n[Seq Number ] 1030112796\n[Ack Number ] 771501819\n[Window Size ] 1962\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 10449\n[Urgent Pointer ] 0\n----------------\nDONE\n\n\n$ task layertype-udp\ntask: [layertype-udp] go build\ntask: [layertype-udp] sudo bash ./app.sh\ntask: [layertype-udp] sleep 1\nSTART\ntask: [layertype-udp] sudo bash ./server.sh\ntask: [layertype-udp] sudo bash ./client.sh\ntask: [layertype-udp] sleep 3\n[Src Port ] 38037\n[Dst Port ] 22222\n[Length ] 19\n[Payload ] [104 101 108 108 111 119 111 114 108 100 10]\n[Payload(decode)] helloworld\n[Checksum ] 65062\n----------------\ntask: [layertype-udp] sudo bash ./kill.sh\n\n\n\n$ task layertype-app\ntask: [layertype-app] go build\ntask: [layertype-app] sudo bash ./tcpdump.sh\ntask: [layertype-app] sudo bash ./server.sh\ntask: [layertype-app] sleep 1\ntask: [layertype-app] sudo bash ./client.sh\ntask: [layertype-app] sleep 3\ntask: [layertype-app] sudo bash ./kill.sh\ntask: [layertype-app] sleep 1\ntask: [layertype-app] sudo ./app\nSTART\n[ApplicatonLayer][Payload ] 10 bytes\n[ApplicatonLayer][Contents] helloworld\n[TCP Layer ][Payload ] 10 bytes\n[TCP Layer ][Contents] helloworld\n----------------\n[ApplicatonLayer][Payload ] 6 bytes\n[ApplicatonLayer][Contents] golang\n[TCP Layer ][Payload ] 6 bytes\n[TCP Layer ][Contents] golang\n----------------\n[ApplicatonLayer][Payload ] 9 bytes\n[ApplicatonLayer][Contents] goroutine\n[TCP Layer ][Payload ] 9 bytes\n[TCP Layer ][Contents] goroutine\n----------------\nDONE\n\n\n$ task applayer-http\ntask: [applayer-http] go build -o webserver server/main.go\ntask: [applayer-http] go build -o http main.go\ntask: [applayer-http] ./webserver \u0026\ntask: [applayer-http] sudo ./http \u0026\ntask: [applayer-http] sleep 1\nSTART\ntask: [applayer-http] curl --silent http://localhost:12345/ \u003e /dev/null\ntask: [applayer-http] sleep 3\n[Src Port ] 38220\n[Dst Port ] 12345(italk)\n[Seq Number ] 3929104362\n[Ack Number ] 0\n[Window Size ] 43690\n[TCP Flags - SYN] true\n[TCP Flags - ACK] false\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65072\n[Urgent Pointer ] 0\n------------------------------------\n[Src Port ] 12345(italk)\n[Dst Port ] 38220\n[Seq Number ] 3265036388\n[Ack Number ] 3929104363\n[Window Size ] 43690\n[TCP Flags - SYN] true\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65072\n[Urgent Pointer ] 0\n------------------------------------\n[Src Port ] 38220\n[Dst Port ] 12345(italk)\n[Seq Number ] 3929104363\n[Ack Number ] 3265036389\n[Window Size ] 342\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\nHTTP Method: GET\nHTTP URL: /\nHTTP Protocol: HTTP/1.1\nHTTP Headers:\n User-Agent: curl/7.81.0\n Accept: */*\n------------------------------------\n[Src Port ] 12345(italk)\n[Dst Port ] 38220\n[Seq Number ] 3265036389\n[Ack Number ] 3929104442\n[Window Size ] 341\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\nHTTP Status Code: 200\nHTTP Protocol: HTTP/1.1\nHTTP Headers:\n Date: Sun, 28 May 2023 16:33:50 GMT\n Content-Length: 11\n Content-Type: text/plain; charset=utf-8\nBODY: helloworld\n\n------------------------------------\n[Src Port ] 38220\n[Dst Port ] 12345(italk)\n[Seq Number ] 3929104442\n[Ack Number ] 3265036517\n[Window Size ] 341\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\n[Src Port ] 38220\n[Dst Port ] 12345(italk)\n[Seq Number ] 3929104442\n[Ack Number ] 3265036517\n[Window Size ] 342\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] true\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\n[Src Port ] 12345(italk)\n[Dst Port ] 38220\n[Seq Number ] 3265036517\n[Ack Number ] 3929104443\n[Window Size ] 342\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] true\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\n[Src Port ] 38220\n[Dst Port ] 12345(italk)\n[Seq Number ] 3929104443\n[Ack Number ] 3265036518\n[Window Size ] 342\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\ntask: [applayer-http] pkill webserver\ntask: [applayer-http] sudo pkill http\n\n\n\n$ task applayer-dns\ntask: [applayer-dns] go build -o dns main.go\ntask: [applayer-dns] sudo ./dns \u0026\nSTART\ntask: [applayer-dns] dig +noall google.com\n[Src Port ] 45271\n[Dst Port ] 53(domain)\n[Length ] 59\n[Checksum ] 4432\n[DNS Questions]\n ;google.com. IN A\n------------------------------------\n[Src Port ] 53(domain)\n[Dst Port ] 45271\n[Length ] 63\n[Checksum ] 27399\n[DNS Questions]\n ;google.com. IN A\n[DNS Answers]\n google.com. 166 IN A 142.250.69.206\n------------------------------------\ntask: [applayer-dns] sudo pkill dns\n\n\n\n$ task applayer-dnssec\ntask: [applayer-dnssec] go build -o dnssec main.go\ntask: [applayer-dnssec] sudo ./dnssec \u0026\nSTART\ntask: [applayer-dnssec] dig +noall +dnssec iij.ad.jp\n[Src Port ] 51846\n[Dst Port ] 53(domain)\n[Length ] 58\n[Checksum ] 4431\n[DNS Questions]\n ;iij.ad.jp. IN A\n------------------------------------\n[Src Port ] 53(domain)\n[Dst Port ] 51846\n[Length ] 231\n[Checksum ] 21922\n[DNS Questions]\n ;iij.ad.jp. IN A\n[DNS Answers]\n [A ] iij.ad.jp. 300 IN A 202.232.2.191\n [RRSIG ] iij.ad.jp. 300 IN RRSIG A 8 3 300 20230705151005 20230605151005 13308 iij.ad.jp. xxxxxxxxxxxxx\n------------------------------------\ntask: [applayer-dnssec] dig +noall iij.ad.jp dnskey\n[Src Port ] 53908\n[Dst Port ] 53(domain)\n[Length ] 58\n[Checksum ] 4431\n[DNS Questions]\n ;iij.ad.jp. IN DNSKEY\n------------------------------------\n[Src Port ] 53(domain)\n[Dst Port ] 53908\n[Length ] 618\n[Checksum ] 53795\n[DNS Questions]\n ;iij.ad.jp. IN DNSKEY\n[DNS Answers]\n [DNSKEY] iij.ad.jp. 2763 IN DNSKEY 256 3 8 xxxxxxxxxxxxx\n [DNSKEY] iij.ad.jp. 2763 IN DNSKEY 256 3 8 xxxxxxxxxxxxx\n [DNSKEY] iij.ad.jp. 2763 IN DNSKEY 257 3 8 xxxxxxxxxxxxx\n------------------------------------\ntask: [applayer-dnssec] sudo pkill dnssec\n\n\n$ sudo vsftpd /etc/vsftpd.conf \u0026\n$ task applayer-ftp\nPlease start the FTP server in advance.\ntask: [applayer-ftp] go build -o gopacket-ftp main.go\ntask: [applayer-ftp] sudo ./gopacket-ftp \u0026\nSTART\n\n# ----------------------------------------------------\n# Run ftp-command in another terminal.\n#\n# $ lftp -u anonymous, anonymous@localhost\n# lftp anonymous@localhost:~\u003e ls\n# lftp anonymous@localhost:/\u003e bye\n# ----------------------------------------------------\n\n[Src Port ] 52584\n[Dst Port ] 21(ftp)\n[Seq Number ] 3285394225\n[Ack Number ] 0\n[Window Size ] 43690\n[TCP Flags - SYN] true\n[TCP Flags - ACK] false\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65072\n[Urgent Pointer ] 0\n------------------------------------\n[Src Port ] 21(ftp)\n[Dst Port ] 52584\n[Seq Number ] 2228490639\n[Ack Number ] 3285394226\n[Window Size ] 43690\n[TCP Flags - SYN] true\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65072\n[Urgent Pointer ] 0\n------------------------------------\n[Src Port ] 52584\n[Dst Port ] 21(ftp)\n[Seq Number ] 3285394226\n[Ack Number ] 2228490640\n[Window Size ] 342\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\n[FTP] 220 (vsFTPd 3.0.5)\n\n------------------------------------\n[Src Port ] 52584\n[Dst Port ] 21(ftp)\n[Seq Number ] 3285394226\n[Ack Number ] 2228490660\n[Window Size ] 342\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\n[FTP] FEAT\n\n------------------------------------\n[Src Port ] 21(ftp)\n[Dst Port ] 52584\n[Seq Number ] 2228490660\n[Ack Number ] 3285394232\n[Window Size ] 342\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\n[FTP] 211-Features:\n\n------------------------------------\n[FTP] EPRT\n\n------------------------------------\n[FTP] EPSV\n\n------------------------------------\n[Src Port ] 52584\n[Dst Port ] 21(ftp)\n[Seq Number ] 3285394232\n[Ack Number ] 2228490682\n[Window Size ] 342\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\n[FTP] MDTM\n\n------------------------------------\n[FTP] PASV\n\n------------------------------------\n[FTP] REST STREAM\n\n------------------------------------\n[FTP] SIZE\n\n------------------------------------\n[Src Port ] 52584\n[Dst Port ] 21(ftp)\n[Seq Number ] 3285394232\n[Ack Number ] 2228490717\n[Window Size ] 342\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\n[FTP] TVFS\n\n------------------------------------\n[FTP] 211 End\n\n------------------------------------\n[Src Port ] 52584\n[Dst Port ] 21(ftp)\n[Seq Number ] 3285394232\n[Ack Number ] 2228490731\n[Window Size ] 342\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\n[FTP] AUTH TLS\n\n------------------------------------\n[FTP] 530 Please login with USER and PASS.\n\n------------------------------------\n[FTP] USER anonymous\n\n------------------------------------\n[FTP] 331 Please specify the password.\n\n------------------------------------\n[FTP] PASS \n\n------------------------------------\n[FTP] 230 Login successful.\n\n------------------------------------\n[FTP] PWD\n\n------------------------------------\n[FTP] 257 \"/\" is the current directory\n\n------------------------------------\n[FTP] PASV\n\n------------------------------------\n[FTP] 227 Entering Passive Mode (127,0,0,1,209,75).\n\n------------------------------------\n[FTP] LIST\n\n------------------------------------\n[FTP] 150 Here comes the directory listing.\n\n------------------------------------\n[FTP] 226 Directory send OK.\n\n------------------------------------\n[Src Port ] 52584\n[Dst Port ] 21(ftp)\n[Seq Number ] 3285394282\n[Ack Number ] 2228490979\n[Window Size ] 342\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\n[FTP] QUIT\n\n------------------------------------\n[FTP] 221 Goodbye.\n\n------------------------------------\n[Src Port ] 21(ftp)\n[Dst Port ] 52584\n[Seq Number ] 2228490993\n[Ack Number ] 3285394288\n[Window Size ] 342\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] true\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\n[Src Port ] 52584\n[Dst Port ] 21(ftp)\n[Seq Number ] 3285394288\n[Ack Number ] 2228490994\n[Window Size ] 342\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] true\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\n[Src Port ] 21(ftp)\n[Dst Port ] 52584\n[Seq Number ] 2228490994\n[Ack Number ] 3285394289\n[Window Size ] 342\n[TCP Flags - SYN] false\n[TCP Flags - ACK] true\n[TCP Flags - PSH] false\n[TCP Flags - RST] false\n[TCP Flags - FIN] false\n[Checksum ] 65064\n[Urgent Pointer ] 0\n------------------------------------\n\ntask: [applayer-ftp] sudo pkill gopacket-ftp\n```\n\n## REFERENCES\n\n- [gopacket](https://pkg.go.dev/github.com/google/gopacket@v1.1.19)\n- [Sniffing packets in Go](https://medium.com/a-bit-off/sniffing-network-go-6753cae91d3f)\n- [gopacketでpcapを読み込む](https://mrtc0.hateblo.jp/entry/2016/03/19/232252)\n- [ncコマンドでサービスの接続疎通確認](https://qiita.com/chenglin/items/70f06e146db19de5a659)\n- [IPが分からないオンプレミスをコマンドラインから調べる。(arp-scan)](https://qiita.com/iganari/items/7be4681ecfa5cff76feb)\n- [digコマンドを使ってみよう](https://zenn.dev/koyamaso/books/cbc1f9f136634c/viewer/d7d05e)\n- [4.5.9. DNSSEC における dig の使用](https://access.redhat.com/documentation/ja-jp/red_hat_enterprise_linux/7/html/security_guide/sec-security_guide-using-dig-with-dnssec)\n- [手を動かしてDNSSECの検証をやってみよう](https://eng-blog.iij.ad.jp/archives/7689)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevlights%2Fgo-gopacket-example","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdevlights%2Fgo-gopacket-example","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevlights%2Fgo-gopacket-example/lists"}