diff --git a/tap/api/api.go b/tap/api/api.go index 678c87feb..5c9ccfc13 100644 --- a/tap/api/api.go +++ b/tap/api/api.go @@ -2,7 +2,7 @@ package api import ( "bufio" - "fmt" + "log" "plugin" "time" ) @@ -29,6 +29,7 @@ type TcpID struct { DstIP string SrcPort string DstPort string + Ident string } type GenericMessage struct { @@ -64,9 +65,9 @@ type Emitter interface { } func (e *Emitting) Emit(item *OutputChannelItem) { - fmt.Printf("item: %+v\n", item) - fmt.Printf("item.Data: %+v\n", item.Data) - fmt.Printf("item.Data.Request.Orig: %v\n", item.Data.Request.Orig) - fmt.Printf("item.Data.Response.Orig: %v\n", item.Data.Response.Orig) + log.Printf("item: %+v\n", item) + log.Printf("item.Data: %+v\n", item.Data) + log.Printf("item.Data.Request.Orig: %v\n", item.Data.Request.Orig) + log.Printf("item.Data.Response.Orig: %v\n", item.Data.Response.Orig) e.OutputChannel <- item } diff --git a/tap/extensions/http/handlers.go b/tap/extensions/http/handlers.go index 01dcf3ca2..41f312904 100644 --- a/tap/extensions/http/handlers.go +++ b/tap/extensions/http/handlers.go @@ -2,7 +2,9 @@ package main import ( "bufio" + "bytes" "fmt" + "io" "io/ioutil" "log" "net/http" @@ -57,12 +59,20 @@ func handleHTTP1ClientStream(b *bufio.Reader, tcpID *api.TcpID, emitter api.Emit if err != nil { log.Println("Error reading stream:", err) return err - } else { - body, _ := ioutil.ReadAll(req.Body) - req.Body.Close() - log.Printf("Received request: %+v with body: %+v\n", req, body) } + body, err := ioutil.ReadAll(req.Body) + req.Body = io.NopCloser(bytes.NewBuffer(body)) // rewind + s := len(body) + if err != nil { + SilentError("HTTP-request-body", "stream %s Got body err: %s", tcpID.Ident, err) + } + if err := req.Body.Close(); err != nil { + SilentError("HTTP-request-body-close", "stream %s Failed to close request body: %s", tcpID.Ident, err) + } + encoding := req.Header["Content-Encoding"] + Debug("HTTP/1 Request: %s %s %s (Body:%d) -> %s", tcpID.Ident, req.Method, req.URL, s, encoding) + ident := fmt.Sprintf( "%s->%s %s->%s %d", tcpID.SrcIP, @@ -84,11 +94,30 @@ func handleHTTP1ServerStream(b *bufio.Reader, tcpID *api.TcpID, emitter api.Emit if err != nil { log.Println("Error reading stream:", err) return err - } else { - body, _ := ioutil.ReadAll(res.Body) - res.Body.Close() - log.Printf("Received response: %+v with body: %+v\n", res, body) } + var req string + req = fmt.Sprintf("") + + body, err := ioutil.ReadAll(res.Body) + res.Body = io.NopCloser(bytes.NewBuffer(body)) // rewind + s := len(body) + if err != nil { + SilentError("HTTP-response-body", "HTTP/%s: failed to get body(parsed len:%d): %s", tcpID.Ident, s, err) + } + if err := res.Body.Close(); err != nil { + SilentError("HTTP-response-body-close", "HTTP/%s: failed to close body(parsed len:%d): %s", tcpID.Ident, s, err) + } + sym := "," + if res.ContentLength > 0 && res.ContentLength != int64(s) { + sym = "!=" + } + contentType, ok := res.Header["Content-Type"] + if !ok { + contentType = []string{http.DetectContentType(body)} + } + encoding := res.Header["Content-Encoding"] + Debug("HTTP/1 Response: %s %s URL:%s (%d%s%d%s) -> %s", tcpID.Ident, res.Status, req, res.ContentLength, sym, s, contentType, encoding) + ident := fmt.Sprintf( "%s->%s %s->%s %d", tcpID.DstIP, diff --git a/tap/tcp_stream_factory.go b/tap/tcp_stream_factory.go index 41d39cd9e..6ea2e83ff 100644 --- a/tap/tcp_stream_factory.go +++ b/tap/tcp_stream_factory.go @@ -65,6 +65,7 @@ func (h *tcpStreamFactory) New(net, transport gopacket.Flow) tcpassembly.Stream DstIP: net.Dst().String(), SrcPort: transport.Src().String(), DstPort: transport.Dst().String(), + Ident: fmt.Sprintf("%s:%s", net, transport), } if containsPort(allOutboundPorts, transport.Dst().String()) { go stream.clientRun(tcpID, h.Emitter)