I recently visited GitHub and found an interesting go project called Go-Sniffer, which monitors mysql and Redis execution in the development environment.

Capture mysql,redis,http,mongodb etc protocol… Packet capture intercepts database requests in the project and parses them into corresponding statements. For example, mysql protocol parses them into SQL statements, facilitating debugging. Instead of modifying the code, sniff the data requests in the project.

A, install,GOThe environment

Refer to the official website to install.

Take Ubuntu as an example.

1. DownloadGo1.11.2 package

Download address: dl.google.com/go/go1.11.2…

2. Termination documents

Decompress the file to the /usr/local folder. If you are not the root user, add sodu before the decompression command

tar -C /usr/local- XZF go1.11.2. Linux - amd64. Tar. GzCopy the code

3. Create aGOPATHdirectory

GOPATH is the directory where the Go source code, packages, and generated binaries are stored. The location is usually placed under $HMOE/ Go.

Create SRC and bin directories under the ~/go directory, respectively. The bin directory can be created automatically after go install is executed.

Now our directory structure is as follows:

├─ bin ├─ SRCCopy the code

4. Add environment variables

We need to add the /usr/local/go/bin and ~/go/bin directories to the environment variables to facilitate the execution of commands.

Edit the ~/.profile file and add the following line to the last line of the file:

PATH="$HOME/go/bin:/usr/local/go/bin:$PATH"
Copy the code

Save and exit. Execute source ~/.profile to update environment variables.

Run go version. If go version go1.11.2 Linux/AMd64 is displayed, go is successfully installed.

Second, the use ofgo-sniffer

1. Installlibpcap-dev

To install libpcap-dev in Ubuntu, run the following command:

sudo apt-get install libpcap-dev
Copy the code

2. Installgo-sniffer

Use Go Get to download it

go get -v -u github.com/40t/go-sniffer

Copy the code

Since you need to download from GitHub, the speed will be a little slow, so you need to wait patiently for a while

Download process:

github.com/40t/go-sniffer (download)
github.com/google/gopacket (download)
github.com/google/gopacket
github.com/40t/go-sniffer/plugSrc/http/build
github.com/40t/go-sniffer/plugSrc/mongodb/build/internal/json
github.com/40t/go-sniffer/plugSrc/mongodb/build/bson
github.com/40t/go-sniffer/plugSrc/mongodb/build
github.com/40t/go-sniffer/plugSrc/mysql/build
github.com/40t/go-sniffer/plugSrc/redis/build
github.com/google/gopacket/layers
github.com/google/gopacket/pcap
github.com/google/gopacket/tcpassembly
github.com/google/gopacket/tcpassembly/tcpreader
github.com/40t/go-sniffer/core
github.com/40t/go-sniffer


Copy the code

If you just added ~/go/bin to the environment variable, you can run the go-sniffer command to verify this.

You can copy the go-sniffer to /usr/local/bin and run the following command:

sudo cp -rf $(go env GOPATH)/bin/go-sniffer /usr/local/bin
Copy the code

3. Usage

Running the go-sniffer will output the name of our device, which is needed for listening

vagrant@homestead:~$ go-sniffer
==================================================================================
[Usage]

    go-sniffer [device] [plug] [plug's params(optional)] [exp] go-sniffer en0 redis Capture redis packet go-sniffer en0 mysql -p 3306 Capture mysql packet go-sniffer --[commend] --help "this page" --env "environment variable" --list "Plug-in list" --ver "version" --dev "device" [exp] go-sniffer --list "show all plug-in" = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = [device] : lo: 127.0.0.1 [device] : Enp0s3:08:00:27:19:2C: A4 10.0.2.15 [Device] : ENP0s8: Job 08:00:27:1 b: ch.32v1 192.168.10.10 c = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =Copy the code

In this case, I need to listen for the local mysql request, which is 127.0.0.1, also known as lo device

Then use the following command to start:

sudo go-sniffer lo mysql
Copy the code

Once started, you can monitor MySQL requests

If we execute a random PHP script, we can see the output of the SQL that our script executes

... The 2018-11-29 04:11:04 | ser - > cli | [Ok] Effect Row: 0 2018-11-29 04:11:04 | cli - > ser | the select * from Pretreatment 】 【 ` users `where `appid` = ? limit 1
2018-11-29 04:11:04| cli -> ser |Stm id[3]: 'select * from `users` where `appid` = ? limit 1';
set @p0 = '4s6rL2VIsTp6hIaGFvf9iZzk9uIkvLlIVk'; Execute stm id[3]: using @p0; Drop stm id[3]; ...Copy the code