{"id":15404540,"url":"https://github.com/k1low/tcpdp","last_synced_at":"2026-01-11T22:43:38.169Z","repository":{"id":44206181,"uuid":"141101277","full_name":"k1LoW/tcpdp","owner":"k1LoW","description":"tcpdp is TCP dump tool with custom dumper and structured logger written in Go.","archived":false,"fork":false,"pushed_at":"2024-06-28T23:03:38.000Z","size":2552,"stargazers_count":129,"open_issues_count":3,"forks_count":17,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-06-09T13:42:34.443Z","etag":null,"topics":["mysql","pcap-parser","postgresql","tcp-dump","tcp-proxy"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/k1LoW.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"k1LoW","patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"custom":null}},"created_at":"2018-07-16T07:19:00.000Z","updated_at":"2024-10-27T08:53:23.000Z","dependencies_parsed_at":"2022-09-14T04:50:44.879Z","dependency_job_id":"b4b211d4-c398-4fde-a40d-e2d8d0cc8b5a","html_url":"https://github.com/k1LoW/tcpdp","commit_stats":{"total_commits":480,"total_committers":8,"mean_commits":60.0,"dds":0.09166666666666667,"last_synced_commit":"f921059db8951deadde75a4abf535776456e34da"},"previous_names":["k1low/tcprxy"],"tags_count":46,"template":false,"template_full_name":null,"purl":"pkg:github/k1LoW/tcpdp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/k1LoW%2Ftcpdp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/k1LoW%2Ftcpdp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/k1LoW%2Ftcpdp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/k1LoW%2Ftcpdp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/k1LoW","download_url":"https://codeload.github.com/k1LoW/tcpdp/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/k1LoW%2Ftcpdp/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273077227,"owners_count":25041358,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-01T02:00:09.058Z","response_time":120,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["mysql","pcap-parser","postgresql","tcp-dump","tcp-proxy"],"created_at":"2024-10-01T16:13:36.763Z","updated_at":"2026-01-11T22:43:38.142Z","avatar_url":"https://github.com/k1LoW.png","language":"Go","readme":"# tcpdp [![build](https://github.com/k1LoW/tcpdp/workflows/build/badge.svg)](https://github.com/k1LoW/tcpdp/actions) [![GitHub release](https://img.shields.io/github/release/k1LoW/tcpdp.svg)](https://github.com/k1LoW/tcpdp/releases) ![Coverage](https://raw.githubusercontent.com/k1LoW/octocovs/main/badges/k1LoW/tcpdp/coverage.svg) ![Code to Test Ratio](https://raw.githubusercontent.com/k1LoW/octocovs/main/badges/k1LoW/tcpdp/ratio.svg) ![Test Execution Time](https://raw.githubusercontent.com/k1LoW/octocovs/main/badges/k1LoW/tcpdp/time.svg)\n\ntcpdp is TCP dump tool with custom dumper and structured logger written in Go.\n\n`tcpdp` has 3 modes:\n\n- TCP **Proxy** server mode\n- **Probe** mode ( using libpcap )\n- **Read** pcap file mode\n\n## Usage\n\n### `tcpdp proxy` : TCP proxy server mode\n\n``` console\n$ tcpdp proxy -l localhost:12345 -r localhost:1234 -d hex # hex.Dump()\n```\n\n``` console\n$ tcpdp proxy -l localhost:55432 -r db.internal.example.com:5432 -d pg # Dump query of PostgreSQL\n```\n\n``` console\n$ tcpdp proxy -l localhost:33306 -r db.example.com:3306 -d mysql # Dump query of MySQL\n```\n\n#### With server-starter\n\nhttps://github.com/lestrrat-go/server-starter\n\n``` console\n$ start_server --port 33306 -- tcpdp proxy -s -r db.example.com:3306 -d mysql\n```\n\n#### With config file\n\n``` console\n$ tcpdp proxy -c config.toml\n```\n\n### `tcpdp probe` : Probe mode (like tcpdump)\n\n``` console\n$ tcpdp probe -i lo0 -t localhost:3306 -d mysql # is almost the same setting as 'tcpdump -i lo0 host 127.0.0.1 and tcp port 3306'\n```\n\n``` console\n$ tcpdp probe -i eth0 -t 3306 -d hex # is almost the same setting as 'tcpdump -i eth0 tcp port 3306'\n```\n\n### `tcpdp read` : Read pcap file mode\n\n``` console\n$ tcpdump -i eth0 host 127.0.0.1 and tcp port 3306 -w mysql.pcap\n$ tcpdp read mysql.pcap -d mysql -t 3306 -f ltsv\n```\n\n### `tcpdp config` Create config\n\n``` console\n$ tcpdp config \u003e myconfig.toml\n```\n\n#### Show current config\n\n``` console\n$ tcpdp config\n```\n\n#### config format\n\n``` toml\n[tcpdp]\npidfile = \"/var/run/tcpdp.pid\"\ndumper = \"mysql\"\n\n[probe]\ntarget = \"db.example.com:3306\"\ninterface = \"en0\"\nbufferSize = \"2MB\"\nimmediateMode = false\nsnapshotLength = \"auto\"\ninternalBufferLength = 10000\nfilter = \"\"\n\n[proxy]\nuseServerStarter = false\nlistenAddr = \"localhost:3306\"\nremoteAddr = \"db.example.com:3306\"\n\n[log]\ndir = \"/var/log/tcpdp\"\nenable = true\nenableInternal = true\nstdout = true\nformat = \"ltsv\"\nrotateEnable = true\nrotationTime = \"daily\"\nrotationCount = 7\n# You can execute arbitrary commands after rotate\n# $1 = prev filename\n# $2 = current filename\nrotationHook = \"/path/to/after_rotate.sh\"\nfileName = \"tcpdp.log\"\n\n[dumpLog]\ndir = \"/var/log/dump\"\nenable = true\nstdout = false\nformat = \"json\"\nrotateEnable = true\nrotationTime = \"hourly\"\nrotationCount = 24\nfileName = \"dump.log\"\n```\n\n## Installation\n\n```console\n$ go get github.com/k1LoW/tcpdp\n```\n\n## Architecture\n\n### tcpdp proxy connection diagram\n\n```\n      client_addr\n           ^\n           |        tcpdp\n+----------|---------------+\n|          v               |\n|  proxy_listen_addr       |\n|         + ^              |\n|         | |   +--------+ |\n|         |\u003c----+ dumper | |\n|         | |\u003c--+        | |\n|         | |   +--------+ |\n|         v +              |\n|  proxy_client_addr       |\n|          ^               |\n+----------|---------------+\n           |\n           v\n      remote_addr\n```\n\n### tcpdp probe connection diagram\n\n```\n                    server\n+--------------------------+\n|                          |\n|                      +---+---+\n|       \u003c--------------| eth0  |-----------\u003e\n|            interface +---+---+\n|            /target     ^ |\n|                        | |\n|         tcpdp          | |\n|        +--------+      | |\n|        | dumper +------+ |\n|        +--------+        |\n+--------------------------+\n```\n\n### tcpdp read diagram\n\n```\n                  tcpdp\n+--------+ STDIN +--------+ STDOUT\n| *.pcap +------\u003e+ dumper +--------\u003e\n+--------+       +--------+\n```\n\n## tcpdp.log ( `tcpdp proxy` or `tcpdp probe` )\n\n| key | description | mode |\n| --- | ----------- | ---- |\n| ts | timestamp | proxy / probe / read |\n| level | log level | proxy / probe |\n| msg | log message | proxy / probe |\n| error | error info | proxy / probe |\n| caller | error caller | proxy / probe |\n| conn_id | TCP connection ID by tcpdp | proxy / probe |\n| target | probe target | proxy / probe |\n| dumper | dumper type | proxy / probe |\n| use_server_starter | use server_starter | proxy |\n| conn_seq_num | TCP comunication sequence number by tcpdp | proxy |\n| client_addr | client address | tcpdp.log, hex, mysql, pg | proxy |\n| remote_addr | remote address | proxy |\n| proxy_listen_addr | listen address| proxy |\n| direction | client to remote: `-\u003e` / remote to client: `\u003c-` | proxy |\n| interface | probe target interface | probe |\n| mtu | interface MTU (Maximum Transmission Unit) | probe |\n| mss | TCP connection MSS (Max Segment Size) | probe |\n| probe_target_addr | probe target address | probe |\n| filter | BPF (Berkeley Packet Filter) | probe |\n| buffer_size | libpcap buffer_size | probe |\n| immediate_mode | libpcap immediate_mode | probe |\n| snapshot_length | libpcap snapshot length | probe |\n| internal_buffer_length | tcpdp internal packet buffer length | probe |\n\n## Dumper\n\n### mysql\n\nMySQL query dumper\n\n**NOTICE: MySQL query dumper require `--target` option when `tcpdp proxy` `tcpdp probe`**\n\n| key | description | mode |\n| --- | ----------- | ---- |\n| ts | timestamp | proxy / probe / read |\n| conn_id | TCP connection ID by tcpdp | proxy / probe / read |\n| conn_seq_num | TCP comunication sequence number by tcpdp | proxy |\n| client_addr | client address | proxy |\n| proxy_listen_addr | listen address| proxy |\n| proxy_client_addr | proxy client address | proxy |\n| remote_addr | remote address | proxy |\n| direction | client to remote: `-\u003e` / remote to client: `\u003c-` | proxy |\n| interface | probe target interface | probe |\n| src_addr | src address | probe / read |\n| dst_addr | dst address | probe / read |\n| probe_target_addr | probe target address | probe |\n| proxy_protocol_src_addr | proxy protocol src address | probe / proxy /read |\n| proxy_protocol_dst_addr | proxy protocol dst address | probe / proxy /read |\n| query | SQL query | proxy / probe / read |\n| stmt_id | statement id | proxy / probe / read |\n| stmt_prepare_query | prepared statement query | proxy / probe / read |\n| stmt_execute_values | prepared statement execute values | proxy / probe / read |\n| character_set | [character set](https://dev.mysql.com/doc/internals/en/character-set.html) | proxy / probe / read |\n| username | username | proxy / probe / read |\n| database | database | proxy / probe / read |\n| seq_num | sequence number by MySQL | proxy / probe / read |\n| command_id | [command_id](https://dev.mysql.com/doc/internals/en/com-query.html) for MySQL | proxy / probe / read |\n\n### pg\n\nPostgreSQL query dumper\n\n**NOTICE: PostgreSQL query dumper require `--target` option `tcpdp proxy` `tcpdp probe`**\n\n| key | description | mode |\n| --- | ----------- | ---- |\n| ts | timestamp | proxy / probe / read |\n| conn_id | TCP connection ID by tcpdp | proxy / probe / read |\n| conn_seq_num | TCP comunication sequence number by tcpdp | proxy |\n| client_addr | client address | proxy |\n| proxy_listen_addr | listen address| proxy |\n| proxy_client_addr | proxy client address | proxy |\n| remote_addr | remote address | proxy |\n| direction | client to remote: `-\u003e` / remote to client: `\u003c-` | proxy |\n| interface | probe target interface | probe |\n| src_addr | src address | probe / read |\n| dst_addr | dst address | probe / read |\n| probe_target_addr | probe target address | probe |\n| proxy_protocol_src_addr | proxy protocol src address | probe / proxy /read |\n| proxy_protocol_dst_addr | proxy protocol dst address | probe / proxy /read |\n| query | SQL query | proxy / probe / read |\n| portal_name | portal Name | proxy / probe / read |\n| stmt_name | prepared statement name | proxy / probe / read |\n| parse_query | prepared statement query | proxy / probe / read |\n| bind_values | prepared statement bind(execute) values | proxy / probe / read |\n| username | username | proxy / probe / read |\n| database | database | proxy / probe / read |\n| message_type | [message type](https://www.postgresql.org/docs/current/static/protocol-overview.html#PROTOCOL-MESSAGE-CONCEPTS) for PostgreSQL | proxy / probe / read |\n\n### hex\n\n| key | description | mode |\n| --- | ----------- | ---- |\n| ts | timestamp | proxy / probe / read |\n| conn_id | TCP connection ID by tcpdp | proxy / probe / read |\n| conn_seq_num | TCP comunication sequence number by tcpdp | proxy |\n| client_addr | client address | proxy |\n| proxy_listen_addr | listen address| proxy |\n| proxy_client_addr | proxy client address | proxy |\n| remote_addr | remote address | proxy |\n| direction | client to remote: `-\u003e` / remote to client: `\u003c-` | proxy |\n| interface | probe target interface | probe |\n| src_addr | src address | probe / read |\n| dst_addr | dst address | probe / read |\n| probe_target_addr | probe target address | probe |\n| proxy_protocol_src_addr | proxy protocol src address | probe / proxy /read |\n| proxy_protocol_dst_addr | proxy protocol dst address | probe / proxy /read |\n| bytes | bytes string by hex.Dump | proxy / probe / read |\n| ascii | ascii string by hex.Dump | proxy / probe / read |\n\n## References\n\n- https://github.com/jpillora/go-tcp-proxy\n- https://github.com/dmmlabo/tcpserver_go\n","funding_links":["https://github.com/sponsors/k1LoW"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fk1low%2Ftcpdp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fk1low%2Ftcpdp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fk1low%2Ftcpdp/lists"}