ayyaruq / zanarkand Goto Github PK
View Code? Open in Web Editor NEWNetwork capture library for realtime FFXIV Frame and FFXIV Message reading from a TCP/IP stream
License: MIT License
Network capture library for realtime FFXIV Frame and FFXIV Message reading from a TCP/IP stream
License: MIT License
Requires Go 1.18 beta 1, but I dislike beta releases. Schedule looks like 1.18 is released in Feb 2022 tho, so we can get started and test at least. The Frame and Message decoders can all be ported to generics, along with Subscribers as they're basically fulfilling an interface but otherwise identical.
Note that this should use type constraints, as the syntax without constraints is kinda gross, and constraints make it easier to add more decoders in the future.
Examples of ReadFrame
and ReadMessage
and maybe some stuff you can do with them. Printing Frames is probably fine, maybe some stuff for live reading vs PCAP files. Maybe Inventory tracking?
As per the 6.1 or so changes to introduce Oodle compression. There's a few options here and I'm not sure what's best, leaning towards an interface for decompressors and allowing it to be user's choice. The following are what I had in mind:
eBPF is particularly interesting, effectively allowing the Linux kernel network stack to decode packets on receive and re-encode them on send, so anything using the data has full access without any compression in the way. The downside is that it only runs on Linux as eBPF doesn't exist on other platforms unless you count BSD separately.
LLIR is likely the most simple to use and maintain even though it sounds really weird, the downside is that it loses all of the ASM optimisations the official Oodle static lib has, but those might be trivial and third party libs lack them anyway.
Add a context to sniffers and subscribers, so that cancelling a subscriber or sniffer directly can use a context provided by user or internally to manage shutdown timeouts and drainage. Might need a const somewhere to more optimally configure timeouts, since it's hardcoded right now. A configuration block to the sniffer init maybe?
Using a channel for reassembled data has proven less than optimal, specifically it's difficult to debug and is too strict on types and how we return data. Switching to a straight up data buffer and isolate ingress and egress seems like the best way to address this.
Simple go-test for the decoder and sniffer, connected to CI.
To enable more accurate latency tracking than simple ICMP echo requests, add the TCP RTT for each packet to the encapsulating Frame. This could get a bit weird with retransmitted Frames but still useful.
We currently just kinda yolo return fmt.Errorf()
or the occasional errors.New()
. A proper set of error types should be used with wrapping to allow users to appropriately respond to different errors. Packet reassembly errors currently can't even be accessed, so that should be addressed too.
Subscribers currently expose the IPC streams for ingress and egress as channels. While this works well for low volume packets, usually when you know exactly what you want, it's probably worth having a callback style option for users that prefer it.
Frames being decoded inside the reassembler has been bad for performance and stability. This should be moved out of the reassembler, which is also useful to give some way of accessing the frame timestamp in consuming IPCs (nfi how to best present this tho), could be nice to have since frames have a higher resolution timestamp than IPCs even if it's somewhat less reliable.
To allow users to more easily filter opcodes, improve the Frame and Subscriber interfaces. The main changes here would be as follows:
One option is to have Subscriber
take callbacks for sent/received frames instead of changing the structure. Additionally, Frame
could be implemented as a custom gopacket layer decoder, but I have no idea how that works with tcpassembly
. We could also just wrap the FrameHeader
straight up into the various Message types.
If we used callbacks like Machina, we could have a function per direction and just track the connection type field from the Frame
. It would still be up to the user how to get data out of it so I'm not sure if this is actually useful though. As an example of Subscriber
using callbacks, the sig could be updated like this:
func (g *GameEventSubscriber) Subscribe(
s *Sniffer,
recv func(c uint16, p []byte),
send func(c uint16, p []byte)
)
GameEvent and Keepalive messages currently have subscribers, but not the other types, this would be the session and encryption initialisation. I'm a bit hesitant for the latter since I don't want to enable usage for botting, and there's no real value in session parsing.
Add an optional second parameter to Subscribe methods that takes a function to filter the data before it's published in the channel. This is mostly useful for segment/opcode pre-filtering and should reduce load in the consumer.
Readers should use a pool to reduce allocation overhead. Some large packet bursts can cause problems with the zlib decoder blocking the frame buffer. Pooled readers should be properly closed when the subscriber is shutdown.
Currently only pcap for files and interfaces is supported. The ability to select different capture sources should be added for flexibility and performance on different platforms.
This requires a device struct and a way to set it when a sniffer is initialised. Device options should cover as much as gopacket
supports, currently as follows:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.