diff --git a/MagicEyes/src/backend/net/net_watcher/src/net_watcher.c b/MagicEyes/src/backend/net/net_watcher/src/net_watcher.c index a6466ebc1..a0fb2d4f7 100644 --- a/MagicEyes/src/backend/net/net_watcher/src/net_watcher.c +++ b/MagicEyes/src/backend/net/net_watcher/src/net_watcher.c @@ -55,6 +55,7 @@ static int all_conn = 0, err_packet = 0, extra_conn_info = 0, layer_time = 0, time_load = 0, dns_info = 0, stack_info = 0, mysql_info = 0, redis_info = 0, count_info = 0, rtt_info = 0, rst_info = 0, protocol_count = 0, redis_stat = 0, overrun_time = 0; // flag +static char *dst_ip = NULL, *src_ip = NULL; static const char argp_program_doc[] = "Watch tcp/ip in network subsystem \n"; static const struct argp_option opts[] = { @@ -66,14 +67,16 @@ static const struct argp_option opts[] = { {"http", 'i', 0, 0, "set to trace http info"}, {"sport", 's', "SPORT", 0, "trace this source port only"}, {"dport", 'd', "DPORT", 0, "trace this destination port only"}, + {"src-ip", 'S', "SRC_IP", 0, "Filter by source IP address"}, + {"dst-ip", 'D', "DST_IP", 0, "Filter by destination IP address"}, {"udp", 'u', 0, 0, "trace the udp message"}, {"net_filter", 'n', 0, 0, "trace ipv4 packget filter "}, {"drop_reason", 'k', 0, 0, "trace kfree "}, {"addr_to_func", 'F', 0, 0, "translation addr to func and offset"}, {"icmptime", 'I', 0, 0, "set to trace layer time of icmp"}, - {"tcpstate", 'S', 0, 0, "set to trace tcpstate"}, + {"tcpstate", 'P', 0, 0, "set to trace tcpstate"}, {"timeload", 'L', 0, 0, "analysis time load"}, - {"dns", 'D', 0, 0, + {"dns", 'N', 0, 0, "set to trace dns information info include Id 事务ID、Flags 标志字段、Qd " "问题部分计数、An 应答记录计数、Ns 授权记录计数、Ar 附加记录计数、Qr " "域名、rx 收发包 、Qc请求数、Sc响应数"}, @@ -89,8 +92,9 @@ static const struct argp_option opts[] = { {"rst_counters", 'U', 0, 0, "set to trace rst"}, {"protocol_count", 'p', 0, 0, "set to trace protocol count"}, {"overrun_time", 'o', "PERIOD", 0, "set to trace rto overrun"}, - // {"overrun", 'o', 0, 0, "set to trace rto overrun"}, + {NULL, 'h', NULL, OPTION_HIDDEN, "Show the full help"}, {}}; + static u64 sample_period = TIME_THRESHOLD_NS; static error_t parse_arg(int key, char *arg, struct argp_state *state) { @@ -121,6 +125,12 @@ static error_t parse_arg(int key, char *arg, struct argp_state *state) case 'd': dport = strtoul(arg, &end, 10); break; + case 'S': + src_ip = arg; + break; + case 'D': + dst_ip = arg; + break; case 'u': udp_info = 1; break; @@ -136,13 +146,13 @@ static error_t parse_arg(int key, char *arg, struct argp_state *state) case 'I': icmp_info = 1; break; - case 'S': + case 'P': tcp_info = 1; break; case 'L': time_load = 1; break; - case 'D': + case 'N': dns_info = 1; break; case 'A': @@ -172,11 +182,15 @@ static error_t parse_arg(int key, char *arg, struct argp_state *state) case 'o': overrun_time = strtoul(arg, &end, 10); break; + case 'h': + argp_state_help(state, stderr, ARGP_HELP_STD_HELP); + break; default: return ARGP_ERR_UNKNOWN; } return 0; } + static const struct argp argp = { .options = opts, .parser = parse_arg, @@ -505,6 +519,44 @@ int process_delay(float layer_delay, int layer_index) } return 0; } + +static int should_filter(const char *src, const char *dst, const char *filter_src_ip, const char *filter_dst_ip) +{ + // 均未指定 + if (!filter_src_ip && !filter_dst_ip) + { + return 1; + } + + // 指定源IP和目的IP + if (filter_src_ip && filter_dst_ip) + { + if (strcmp(src, filter_src_ip) == 0 && strcmp(dst, filter_dst_ip) == 0) + { + return 1; + } + } + // 只指定源IP + else if (filter_src_ip) + { + + if (strcmp(src, filter_src_ip) == 0) + { + return 1; + } + } + // 只指定目的IP + else if (filter_dst_ip) + { + if (strcmp(dst, filter_dst_ip) == 0) + { + return 1; + } + } + + return 0; +} + static void set_rodata_flags(struct net_watcher_bpf *skel) { skel->rodata->filter_dport = dport; @@ -528,6 +580,7 @@ static void set_rodata_flags(struct net_watcher_bpf *skel) skel->rodata->rtt_info = rtt_info; skel->rodata->rst_info = rst_info; skel->rodata->protocol_count = protocol_count; + skel->rodata->overrun_time = overrun_time; } static void set_disable_load(struct net_watcher_bpf *skel) { @@ -715,8 +768,8 @@ static void print_header(enum MonitorMode mode) "UDP " "INFORMATION====================================================" "====\n"); - printf("%-20s %-20s %-20s %-20s %-20s %-20s %-20s\n", "Saddr", "Daddr", - "Sprot", "Dprot", "udp_time/μs", "RX/direction", "len/byte"); + printf("%-20s %-20s %-20s %-20s %-20s %-20s %-20s\n", "Saddr", "Sport", + "Daddr", "Dprot", "udp_time/μs", "RX/direction", "len/byte"); break; case MODE_NET_FILTER: printf("===============================================================" @@ -724,7 +777,7 @@ static void print_header(enum MonitorMode mode) "INFORMATION====================================================" "=======\n"); printf("%-20s %-20s %-12s %-12s %-8s %-8s %-7s %-8s %-8s %-8s\n", - "Saddr", "Daddr", "Sprot", "Dprot", "PreRT/μs", "L_IN/μs", + "Saddr", "Sport", "Daddr", "Dprot", "PreRT/μs", "L_IN/μs", "FW/μs", "PostRT/μs", "L_OUT/μs", "RX/direction"); break; case MODE_DROP_REASON: @@ -733,7 +786,7 @@ static void print_header(enum MonitorMode mode) "INFORMATION====================================================" "====\n"); printf("%-13s %-17s %-17s %-10s %-10s %-9s %-33s %-30s\n", "Time", - "Saddr", "Daddr", "Sprot", "Dprot", "prot", "addr", "reason"); + "Saddr", "Sport", "Daddr", "Dprot", "prot", "addr", "reason"); break; case MODE_ICMP: printf("=================================================ICMP " @@ -746,8 +799,8 @@ static void print_header(enum MonitorMode mode) "TCP STATE " "INFORMATION====================================================" "====\n"); - printf("%-20s %-20s %-20s %-20s %-20s %-20s %-20s \n", "Saddr", "Daddr", - "Sport", "Dport", "oldstate", "newstate", "time/μs"); + printf("%-20s %-20s %-20s %-20s %-20s %-20s %-20s \n", "Saddr", "Sport", + "Daddr", "Dport", "oldstate", "newstate", "time/μs"); break; case MODE_DNS: printf("===============================================================" @@ -794,28 +847,28 @@ static void print_header(enum MonitorMode mode) "INFORMATION====================================================" "============================\n"); printf("%-10s %-20s %-10s %-10s %-10s %-10s %-20s \n", "Pid", "Comm", - "Saddr", "Daddr", "Sport", "Dport", "Time"); + "Saddr", "Sport", "Daddr", "Dport", "Time"); break; case MODE_EXTRA_CONN: printf("===============================================================" "====================EXTRA CONN " "INFORMATION====================================================" "============================\n"); - printf("%-15s %-15s %-10s %-10s %-10s %-10s %-10s %-10s %-10s %-10s %-13s %-10s %-10s %-10s %-10s\n", "Saddr", "Daddr", "Sport", "Dport", "backlog", "maxbacklog", "rwnd", "cwnd", "ssthresh", "sndbuf", "wmem_queued", "rx_bytes", "tx_bytes", "srtt", "duration"); + printf("%-15s %-15s %-10s %-10s %-10s %-10s %-10s %-10s %-10s %-10s %-13s %-10s %-10s %-10s %-10s\n", "Saddr", "Sport", "Daddr", "Dport", "backlog", "maxbacklog", "rwnd", "cwnd", "ssthresh", "sndbuf", "wmem_queued", "rx_bytes", "tx_bytes", "srtt", "duration"); break; case MODE_RETRANS: printf("===============================================================" "====================RETRANS " "INFORMATION====================================================" "============================\n"); - printf("%-15s %-15s %-10s %-10s %-10s %-10s %-10s\n", "Saddr", "Daddr", "Sport", "Dport", "fastRe", "total_retrans", "timeout"); + printf("%-15s %-15s %-10s %-10s %-10s %-10s %-10s\n", "Saddr", "Sport", "Daddr", "Dport", "fastRe", "total_retrans", "timeout"); break; case MODE_CONN: printf("===============================================================" "====================CONN " "INFORMATION====================================================" "============================\n"); - printf("%-15s %-20s %-15s %-15s %-10s %-10s %-10s\n", "Pid", "Sock", "Saddr", "Daddr", "Sport", "Dport", "Is_Server"); + printf("%-15s %-20s %-15s %-15s %-10s %-10s %-10s\n", "Pid", "Sock", "Saddr", "Sport", "Daddr", "Dport", "Is_Server"); break; case MODE_DEFAULT: printf("===============================================================" @@ -837,7 +890,7 @@ static void print_header(enum MonitorMode mode) "=OVERTIME INFORMATION===================================================" "======================\n"); printf("%-20s %-20s %-20s %-20s %-20s %-20s\n", - "Saddr", "Daddr", "Sport", "Dport", "RTO", "Delack_max"); + "Saddr", "Sport", "Daddr", "Dport", "RTO", "Delack_max"); break; case MODE_PROTOCOL_COUNT: printf("===============================================================" @@ -868,6 +921,7 @@ static void bytes_to_str(char *str, unsigned long long num) sprintf(str, "%llu", num); } } + static int print_conns(struct net_watcher_bpf *skel) { @@ -893,9 +947,7 @@ static int print_conns(struct net_watcher_bpf *skel) char s_ip_port_str[INET6_ADDRSTRLEN + 6]; char d_ip_port_str[INET6_ADDRSTRLEN + 6]; - if ((d.saddr & 0x0000FFFF) == 0x0000007F || - (d.daddr & 0x0000FFFF) == 0x0000007F) - return 0; + if (d.family == AF_INET) { inet_ntop(AF_INET, &d.saddr, s_str, sizeof(s_str)); @@ -922,19 +974,19 @@ static int print_conns(struct net_watcher_bpf *skel) if (extra_conn_info) { - printf("%-15s %-15s %-10d %-10d %-10u %-10u %-10u %-10u %-10u %-10u %-13u %-10s %-10s %-10u %-10llu\n", - s_ip_only, d_ip_only, d.sport, d.dport, d.tcp_backlog, + printf("%-15s %-10d %-15s %-10d %-10u %-10u %-10u %-10u %-10u %-10u %-13u %-10s %-10s %-10u %-10llu\n", + s_ip_only, d.sport,d_ip_only, d.dport, d.tcp_backlog, d.max_tcp_backlog, d.rcv_wnd, d.snd_cwnd, d.snd_ssthresh, d.sndbuf, d.sk_wmem_queued, received_bytes, acked_bytes, d.srtt, d.duration); } if (retrans_info) { - printf("%-15s %-15s %-10d %-10d %-10u %-14u %-10u\n", s_ip_only, d_ip_only, d.sport, d.dport, d.fastRe, d.total_retrans, d.timeout); + printf("%-15s %-10d %-15s %-10d %-10u %-14u %-10u\n", s_ip_only, d.sport, d_ip_only, d.dport, d.fastRe, d.total_retrans, d.timeout); } if (all_conn) { - printf("%-15d %-20p %-15s %-15s %-10d %-10d %-10u\n", d.pid, d.sock, s_ip_only, d_ip_only, d.sport, d.dport, d.is_server); + printf("%-15d %-20p %-15s %-10d %-15s %-10d %-10u\n", d.pid, d.sock, s_ip_only, d.sport, d_ip_only, d.dport, d.is_server); } } return 0; @@ -955,9 +1007,12 @@ static int print_packet(void *ctx, void *packet_info, size_t size) char s_str[INET_ADDRSTRLEN]; unsigned int saddr = pack_info->saddr; unsigned int daddr = pack_info->daddr; - if ((daddr & 0x0000FFFF) == 0x0000007F || - (saddr & 0x0000FFFF) == 0x0000007F) + inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)); + inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)); + if (should_filter(s_str, d_str, src_ip, dst_ip)) + { return 0; + } if (dport) if (pack_info->dport != dport) return 0; @@ -986,9 +1041,9 @@ static int print_packet(void *ctx, void *packet_info, size_t size) printf("%-22p %-20s %-8d %-20s %-8d %-14llu %-14llu %-14llu %-14u %-14u %-14d " "%-16s", pack_info->sock, - inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)), + s_str, pack_info->sport, - inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)), + d_str, pack_info->dport, pack_info->mac_time, pack_info->ip_time, pack_info->tran_time, pack_info->seq, pack_info->ack, pack_info->rx, http_data); } @@ -1015,9 +1070,9 @@ static int print_packet(void *ctx, void *packet_info, size_t size) } printf("%-22p %-20s %-8d %-20s %-8d %-14u %-14u %-14s ", pack_info->sock, - inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)), + s_str, pack_info->sport, - inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)), + d_str, pack_info->dport, pack_info->seq, pack_info->ack, reason); } } @@ -1025,9 +1080,9 @@ static int print_packet(void *ctx, void *packet_info, size_t size) { printf("%-22p %-20s %-8d %-20s %-8d %-14u %-14u %-14u %-14u %-14u %-14d %-16s\n", pack_info->sock, - inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)), + s_str, pack_info->sport, - inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)), + d_str, pack_info->dport, 0, 0, 0, pack_info->seq, pack_info->ack, pack_info->rx, http_data); } if (time_load) @@ -1047,20 +1102,24 @@ static int print_udp(void *ctx, void *packet_info, size_t size) { if (!udp_info) return 0; + char d_str[INET_ADDRSTRLEN]; char s_str[INET_ADDRSTRLEN]; const struct udp_message *pack_info = packet_info; unsigned int saddr = pack_info->saddr; unsigned int daddr = pack_info->daddr; - if (pack_info->tran_time > MAXTIME || (daddr & 0x0000FFFF) == 0x0000007F || - (saddr & 0x0000FFFF) == 0x0000007F) + inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)); + inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)); + + if (!should_filter(s_str, d_str, src_ip, dst_ip)) + { return 0; - printf("%-20s %-20s %-20u %-20u %-20llu %-20d %-20d", - inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)), - inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)), pack_info->sport, - pack_info->dport, pack_info->tran_time, pack_info->rx, - pack_info->len); + } + + printf("%-20s %-20u %-20s %-20u %-20llu %-20d %-20d\n", + s_str, pack_info->sport,d_str, pack_info->dport, + pack_info->tran_time, pack_info->rx, pack_info->len); if (time_load) { @@ -1071,6 +1130,7 @@ static int print_udp(void *ctx, void *packet_info, size_t size) printf("\n"); return 0; } + static int print_netfilter(void *ctx, void *packet_info, size_t size) { if (!net_filter) @@ -1078,20 +1138,27 @@ static int print_netfilter(void *ctx, void *packet_info, size_t size) char d_str[INET_ADDRSTRLEN]; char s_str[INET_ADDRSTRLEN]; const struct netfilter *pack_info = packet_info; + if (pack_info->local_input_time > MAXTIME || pack_info->forward_time > MAXTIME || pack_info->local_out_time > MAXTIME || pack_info->post_routing_time > MAXTIME || pack_info->pre_routing_time > MAXTIME) return 0; + unsigned int saddr = pack_info->saddr; unsigned int daddr = pack_info->daddr; - // if ((daddr & 0x0000FFFF) == 0x0000007F || - // (saddr & 0x0000FFFF) == 0x0000007F) - // return 0; - printf("%-20s %-20s %-12d %-12d %-8lld %-8lld% -8lld %-8lld %-8lld %-8d", - inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)), - inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)), pack_info->sport, + + inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)); + inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)); + + if (!should_filter(s_str, d_str, src_ip, dst_ip)) + { + return 0; + } + + printf("%-20s %-12d %-20s %-12d %-8lld %-8lld% -8lld %-8lld %-8lld %-8d", + s_str, pack_info->sport,d_str, pack_info->dport, pack_info->pre_routing_time, pack_info->local_input_time, pack_info->forward_time, pack_info->post_routing_time, pack_info->local_out_time, @@ -1129,9 +1196,15 @@ static int print_tcpstate(void *ctx, void *packet_info, size_t size) const struct tcp_state *pack_info = packet_info; unsigned int saddr = pack_info->saddr; unsigned int daddr = pack_info->daddr; - printf("%-20s %-20s %-20d %-20d %-20s %-20s %-20lld\n", - inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)), - inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)), pack_info->sport, + inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)); + inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)); + if (!should_filter(s_str, d_str, src_ip, dst_ip)) + { + return 0; + } + + printf("%-20s %-20d %-20s %-20d %-20s %-20s %-20lld\n", + s_str, pack_info->sport,d_str, pack_info->dport, tcp_states[pack_info->oldstate], tcp_states[pack_info->newstate], pack_info->time); @@ -1240,14 +1313,16 @@ static int print_kfree(void *ctx, void *packet_info, size_t size) return 0; char d_str[INET_ADDRSTRLEN]; char s_str[INET_ADDRSTRLEN]; + char prot[6]; const struct reasonissue *pack_info = packet_info; unsigned int saddr = pack_info->saddr; unsigned int daddr = pack_info->daddr; - if (saddr == 0 && daddr == 0) + inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)); + inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)); + if (!should_filter(s_str, d_str, src_ip, dst_ip)) { return 0; } - char prot[6]; if (pack_info->protocol == 2048) { strcpy(prot, "ipv4"); @@ -1263,10 +1338,9 @@ static int print_kfree(void *ctx, void *packet_info, size_t size) } time_t now = time(NULL); struct tm *localTime = localtime(&now); - printf("%02d:%02d:%02d %-17s %-17s %-10u %-10u %-10s", + printf("%02d:%02d:%02d %-17s %-10u %-17s %-10u %-10s", localTime->tm_hour, localTime->tm_min, localTime->tm_sec, - inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)), - inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)), pack_info->sport, + s_str, pack_info->sport,d_str, pack_info->dport, prot); if (!addr_to_func) printf("%-34lx", pack_info->location); @@ -1293,9 +1367,14 @@ static int print_icmptime(void *ctx, void *packet_info, size_t size) } unsigned int saddr = pack_info->saddr; unsigned int daddr = pack_info->daddr; + inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)); + inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)); + if (!should_filter(s_str, d_str, src_ip, dst_ip)) + { + return 0; + } printf("%-20s %-20s %-20lld %-20d", - inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)), - inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)), + s_str, d_str, pack_info->icmp_tran_time, pack_info->flag); if (time_load) { @@ -1343,9 +1422,9 @@ static void print_stored_events() { inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)); inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)); - printf("%-10d %-10s %-10s %-10s %-10u %-10u %-20llu", - event->pid, event->comm, s_str, d_str, - event->sport, event->dport, + printf("%-10d %-10s %-10s %-10u %-10s %-10u %-20llu", + event->pid, event->comm, s_str, + event->sport, d_str,event->dport, event->timestamp); } else if (event->family == AF_INET6) @@ -1353,9 +1432,9 @@ static void print_stored_events() inet_ntop(AF_INET6, &event->saddr_v6, saddr_v6, sizeof(saddr_v6)); inet_ntop(AF_INET6, &event->daddr_v6, daddr_v6, sizeof(daddr_v6)); - printf("%-10d %10s %-10s %-10s %-10u %-10u %-20llu\n", + printf("%-10d %10s %-10s %-10u %-10s %-10u %-20llu\n", event->pid, event->comm, saddr_v6, - daddr_v6, event->sport, event->dport, + event->sport,daddr_v6, event->dport, event->timestamp); } printf("\n"); @@ -1399,12 +1478,13 @@ static int print_dns(void *ctx, void *packet_info, size_t size) inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)); inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)); - print_domain_name((const unsigned char *)pack_info->data, domain_name); - if (pack_info->daddr == 0) + + if (!should_filter(s_str, d_str, src_ip, dst_ip)) { return 0; } + printf("%-20s %-20s %-#12x %-#12x %-5x %-5x %-5x %-5x %-47s %-10d %-10d " "%-10d \n", s_str, d_str, pack_info->id, pack_info->flags, pack_info->qdcount, @@ -1549,8 +1629,10 @@ static int print_trace(void *_ctx, void *data, size_t size) return 0; } -static int print_rate(void *ctx, void *data, size_t size) { - if (!overrun_time) { +static int print_rate(void *ctx, void *data, size_t size) +{ + if (!overrun_time) + { return 0; } char d_str[INET_ADDRSTRLEN]; @@ -1558,17 +1640,16 @@ static int print_rate(void *ctx, void *data, size_t size) { const struct tcp_rate *pack_info = (const struct tcp_rate *)data; unsigned int saddr = pack_info->skbap.saddr; unsigned int daddr = pack_info->skbap.daddr; - if ((saddr & 0x0000FFFF) == 0x0000007F || - (daddr & 0x0000FFFF) == 0x0000007F) - return 0; - if ((saddr & 0xFF000000) == 0x01000000 || - (daddr & 0xFF000000) == 0x01000000) - return 0; inet_ntop(AF_INET, &saddr, s_str, sizeof(s_str)); inet_ntop(AF_INET, &daddr, d_str, sizeof(d_str)); - printf("%-20s %-20s %-20d %-20d %-20lld %-20lld\n", s_str, d_str, - pack_info->skbap.sport, pack_info->skbap.dport, pack_info->tcp_rto, + if (!should_filter(s_str, d_str, src_ip, dst_ip)) + { + return 0; + } + + printf("%-20s %-20d %-20s %-20d %-20lld %-20lld\n", s_str, + pack_info->skbap.sport, d_str,pack_info->skbap.dport, pack_info->tcp_rto, pack_info->tcp_delack_max); return 0; @@ -1584,12 +1665,9 @@ static int print_rtt(void *ctx, void *data, size_t size) char s_str[INET_ADDRSTRLEN]; inet_ntop(AF_INET, &rtt_tuple->saddr, s_str, sizeof(s_str)); inet_ntop(AF_INET, &rtt_tuple->daddr, d_str, sizeof(d_str)); - if ((rtt_tuple->saddr & 0x0000FFFF) == 0x0000007F || - (rtt_tuple->daddr & 0x0000FFFF) == 0x0000007F || - rtt_tuple->saddr == htonl(0xC0A83C01) || - rtt_tuple->daddr == htonl(0xC0A83C01)) + if (!should_filter(s_str, d_str, src_ip, dst_ip)) { - return 0; // 如果匹配任一过滤条件,放弃处理这些数据包 + return 0; } // 打印源地址和目的地址 printf("Source Address: %s\n", s_str); @@ -1680,10 +1758,9 @@ void print_top_5_keys() // printf("Key: %s, Count: %u\n", pairs[index].key, pairs[index].value); index++; } - // 获取所有键值对 // 排序前 5 个元素 - // 简单选择排序(可替换为其他高效排序算法) + // 简单选择排序 for (int i = 0; i < index - 1; i++) { for (int j = i + 1; j < index; j++) diff --git a/MagicEyes/src/magic_eyes_cli/README.md b/MagicEyes/src/magic_eyes_cli/README.md index 76092efac..164771bae 100644 --- a/MagicEyes/src/magic_eyes_cli/README.md +++ b/MagicEyes/src/magic_eyes_cli/README.md @@ -88,7 +88,7 @@ magic_eyes_cli具有2个固定命令, 即 ### 4. 例程 ```bash -magic_eyes_cli process cpu_watcher -h +./magic_eyes_cli process cpu_watcher -h # <------------------ 自动补全 | 非自动补全 ```