From 3ee6686d00b750d15008848c3056cf2beeef60a4 Mon Sep 17 00:00:00 2001
From: Jen Tak <goodhoko@gmail.com>
Date: Sun, 15 Sep 2024 23:11:39 +0200
Subject: [PATCH] Add pcap probe for probing network traffic

---
 .DS_Store                     | Bin 0 -> 6148 bytes
 Cargo.toml                    |   2 ++
 crates/pcap_probe/Cargo.toml  |  11 +++++++
 crates/pcap_probe/src/main.rs |  54 ++++++++++++++++++++++++++++++++++
 4 files changed, 67 insertions(+)
 create mode 100644 .DS_Store
 create mode 100644 crates/pcap_probe/Cargo.toml
 create mode 100644 crates/pcap_probe/src/main.rs

diff --git a/.DS_Store b/.DS_Store
new file mode 100644
index 0000000000000000000000000000000000000000..56ba2fa5ff5d43b74c1d4212d75d512c2a1120ad
GIT binary patch
literal 6148
zcmeHKy-EW?5T1#LUJxXu<#s^?A(dDNXE=KyO-d7^QAxNUv9h^Gu<-@#d<+X8#m1-b
zo1G!v8DlA;Gcfz@&Cku=x5v#b5pnl+)FEmSQ3@4oG%<W3;ul?#hFQePa*xTl(>p7s
zv!zHk{8k2J?-JUhF<sHTwtvmT{i<(T<oR$?3}H(T-ue$uTQ5g-|L9x)?6UH1^zV^M
z>olhU-Jte)tu|lm-pLDD^H=M)cb;F{kFoxzn2$BAim9xFuQyI)9WKs*GvEyTHwMtN
zMbb@0ADsbbz!_LDAm4`o70e7v#rWyK5RU-B1m-B1%deZ{1jEd*RD=h@nhMlZwj%~>
zI_$yXGQ(0)(~0fy!B&~=gu<~p?jK?}ai-{_GvEx=8CcWHmh}JQ)#v|ul3zIk&cL5y
zfRntJckxKpTbCYAdToH7LPaF5R9vKB5?e81r4?^Oqre_y0?Z6cMOYyIBM@ou!5R2b
G2HpXq#7JuZ

literal 0
HcmV?d00001

diff --git a/Cargo.toml b/Cargo.toml
index f14a4cb..db408f5 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -8,6 +8,7 @@ members = [
     "crates/test_probe",
     "crates/ptrace_probe",
     "crates/log_probe",
+    "crates/pcap_probe",
 ]
 
 # Specify a subset of member crates that compile on all supported architectures.
@@ -16,6 +17,7 @@ default-members = [
     "crates/composer",
     "crates/test_probe",
     "crates/log_probe",
+    "crates/pcap_probe",
 ]
 
 # Explicitly set resolver due to virtual workspace, see
diff --git a/crates/pcap_probe/Cargo.toml b/crates/pcap_probe/Cargo.toml
new file mode 100644
index 0000000..f1d5ac9
--- /dev/null
+++ b/crates/pcap_probe/Cargo.toml
@@ -0,0 +1,11 @@
+[package]
+name = "pcap_probe"
+version = "0.1.0"
+edition = "2021"
+
+[dependencies]
+clap = { version = "4.2", features = ["derive"] }
+color-eyre = "0.6"
+composer_api = { path = "../composer_api" }
+eyre = "0.6"
+pcap = "2.2.0"
diff --git a/crates/pcap_probe/src/main.rs b/crates/pcap_probe/src/main.rs
new file mode 100644
index 0000000..2011a91
--- /dev/null
+++ b/crates/pcap_probe/src/main.rs
@@ -0,0 +1,54 @@
+#![warn(clippy::all, clippy::clone_on_ref_ptr)]
+
+use std::time::Duration;
+
+use clap::{command, Parser};
+use composer_api::{Client, Event, EventKind, Packet};
+use eyre::Result;
+use pcap::Capture;
+
+#[derive(Parser)]
+#[command(author, version, about, long_about = None)]
+#[command(propagate_version = true)]
+struct Args {
+    /// Server address to receive events.
+    #[arg(short, long)]
+    address: Option<String>,
+}
+
+fn main() -> Result<()> {
+    color_eyre::install()?;
+
+    let args = Args::parse();
+    let client = match args.address {
+        Some(address) => Client::new(address),
+        None => Client::try_default(),
+    }?;
+
+    let device = pcap::Device::lookup()
+        .expect("cal list devices")
+        .expect("there's a default network device");
+    println!("using device: {device:?}");
+
+    let mut capture = Capture::from_device(device)
+        .unwrap()
+        .immediate_mode(true)
+        .open()
+        .expect("can open the device for capture");
+
+    while let Ok(cap) = capture.next_packet() {
+        let ts = Duration::new(
+            cap.header.ts.tv_sec.unsigned_abs(),
+            // One microsecond is 1000 nanoseconds.
+            cap.header.ts.tv_usec.unsigned_abs() * 1000,
+        );
+
+        let event = Event::with_timestamp(EventKind::TestTick, ts);
+
+        if let Err(err) = client.send(&Packet::from_event(event)) {
+            eprintln!("Could not send packet {:?}", err)
+        };
+    }
+
+    Ok(())
+}