working on mdns collector

2025-07-30 03:29:57 -07:00 · 2018-08-29 15:48:19 +03:00 · 2018-08-29 15:48:19 +03:00 · f6bfd683ee
commit f6bfd683ee
parent 3b6ea499dd
2 changed files with 47 additions and 9 deletions
--- a/packets/queue.go
+++ b/packets/queue.go
@ -1,6 +1,7 @@
 package packets
 import (
 	"encoding/binary"
 	"fmt"
 	"net"
 	"sync"
@ -13,9 +14,10 @@ import (
 )
 type Activity struct {
-	IP     net.IP
+	IP       net.IP
-	MAC    net.HardwareAddr
+	MAC      net.HardwareAddr
-	Source bool
+	Hostname string
 	Source   bool
 }
 type Traffic struct {
@ -112,12 +114,13 @@ func (q *Queue) trackProtocols(pkt gopacket.Packet) {
 	}
 }
-func (q *Queue) trackActivity(eth *layers.Ethernet, ip4 *layers.IPv4, address net.IP, pktSize uint64, isSent bool) {
+func (q *Queue) trackActivity(eth *layers.Ethernet, ip4 *layers.IPv4, address net.IP, hostname string, pktSize uint64, isSent bool) {
 	// push to activity channel
 	q.Activities <- Activity{
-		IP:     address,
+		IP:       address,
-		MAC:    eth.SrcMAC,
+		MAC:      eth.SrcMAC,
-		Source: isSent,
+		Hostname: hostname,
 		Source:   isSent,
 	}
 	q.Lock()
@ -162,6 +165,35 @@ func (q *Queue) TrackError() {
 	q.Stats.Errors++
 }
 func (q *Queue) getHostname(eth *layers.Ethernet, ip *layers.IPv4, pkt gopacket.Packet) string {
 	if ludp := pkt.Layer(layers.LayerTypeUDP); ludp != nil {
 		if udp := ludp.(*layers.UDP); udp != nil && udp.SrcPort == 5353 && udp.DstPort == 5353 {
 			data := udp.Payload
 			dataSize := len(data)
 			// mDNS query response, no errors
 			if dataSize > 4 && data[2] == 0x84 && data[3] == 0x00 {
 				// no questions
 				if dataSize > 6 && data[4] == 0x00 && data[5] == 0x00 {
 					if dataSize > 8 {
 						nAnswers := binary.BigEndian.Uint16(data[6:8])
 						auth := binary.BigEndian.Uint16(data[9:11])
 						addt := binary.BigEndian.Uint16(data[12:14])
 						for i := 0; i < nAnswers; i++ {
 						}
 						return fmt.Sprintf("%d answs", nAnswers)
 					}
 				}
 				return "OK"
 			}
 		}
 	}
 	return ""
 }
 func (q *Queue) worker() {
 	for pkt := range q.srcChannel {
 		if !q.active {
@ -190,14 +222,14 @@ func (q *Queue) worker() {
 			isFromMe := q.iface.IP.Equal(ip4.SrcIP)
 			isFromLAN := q.iface.Net.Contains(ip4.SrcIP)
 			if !isFromMe && isFromLAN {
-				q.trackActivity(eth, ip4, ip4.SrcIP, pktSize, true)
+				q.trackActivity(eth, ip4, ip4.SrcIP, q.getHostname(eth, ip4, pkt), pktSize, true)
 			}
 			// something going to someone on the LAN
 			isToMe := q.iface.IP.Equal(ip4.DstIP)
 			isToLAN := q.iface.Net.Contains(ip4.DstIP)
 			if !isToMe && isToLAN {
-				q.trackActivity(eth, ip4, ip4.DstIP, pktSize, false)
+				q.trackActivity(eth, ip4, ip4.DstIP, "", pktSize, false)
 			}
 		}
 	}
--- a/session/session_setup.go
+++ b/session/session_setup.go
@ -90,6 +90,12 @@ func (s *Session) startNetMon() {
 				existing := s.Lan.AddIfNew(addr, mac)
 				if existing != nil {
 					existing.LastSeen = time.Now()
 				} else {
 					existing, _ = s.Lan.Get(mac)
 				}
 				if existing != nil && existing.Hostname == "" && event.Hostname != "" {
 					existing.Hostname = event.Hostname
 				}
 			}
 		}