From 5fcb7ed4ced742d03f79ca96a4ebaf6dd734c33c Mon Sep 17 00:00:00 2001
From: t3chn0m4g3 <t3chn0m4g3@gmail.com>
Date: Thu, 30 Aug 2018 16:19:11 +0000
Subject: [PATCH] glutton structured json logging

---
 docker/glutton/Dockerfile     |  9 ++++--
 docker/glutton/Dockerfile.old | 58 +++++++++++++++++++++++++++++++++++
 docker/glutton/dist/tcp.go    | 44 ++++++++++++++++++++++++++
 3 files changed, 108 insertions(+), 3 deletions(-)
 create mode 100644 docker/glutton/Dockerfile.old
 create mode 100644 docker/glutton/dist/tcp.go

diff --git a/docker/glutton/Dockerfile b/docker/glutton/Dockerfile
index 0507d55e..5d640be7 100644
--- a/docker/glutton/Dockerfile
+++ b/docker/glutton/Dockerfile
@@ -16,12 +16,15 @@ RUN apk -U --no-cache add \
 
 # Setup go, glutton
     export GOPATH=/opt/go/ && \
-    mkdir -p /opt/go/ && \
     go get -d github.com/mushorg/glutton && \
-    go get -u github.com/golang/dep/cmd/dep && \
+    cd /opt/go/src/github.com/satori/ && \
+    rm -rf go.uuid && \ 
+    git clone https://github.com/satori/go.uuid && \
+    cd go.uuid && \
+    git checkout v1.2.0 && \
     mv /root/dist/system.go /opt/go/src/github.com/mushorg/glutton/ && \
+    mv /root/dist/tcp.go /opt/go/src/github.com/mushorg/glutton/ && \
     cd /opt/go/src/github.com/mushorg/glutton/ && \
-    /opt/go/bin/dep ensure && \
     make build && \
     cd / && \
     mkdir -p /opt/glutton && \
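Review bot: The build now fetches its Go sources without a lock: `go get -d github.com/mushorg/glutton` takes whatever upstream HEAD is at build time, and with `dep ensure` removed only `go.uuid` is held to a version, through the tag `v1.2.0`, which upstream can move. Checking out a full commit hash in both repositories (`git checkout <commit-sha>`) would make the image reproducible and keep an upstream change from silently entering the honeypot binary. The local `system.go` and `tcp.go` are also moved over an unpinned tree, so they can stop compiling or mask newer upstream handler logic. The trailing space after the backslash in `rm -rf go.uuid && \ ` is tolerated by Docker's parser but is fragile and worth removing. The `RUN` instruction starts before and continues after this hunk.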
diff --git a/docker/glutton/Dockerfile.old b/docker/glutton/Dockerfile.old
new file mode 100644
index 00000000..21f38f86
--- /dev/null
+++ b/docker/glutton/Dockerfile.old
@@ -0,0 +1,58 @@
+FROM alpine
+
+# Include dist
+ADD dist/ /root/dist/
+  
+# Setup apk
+RUN apk -U --no-cache add \
+                   build-base \
+                   git \
+                   go \
+                   g++ \
+                   iptables-dev \
+                   libnetfilter_queue-dev \
+                   libcap \
+                   libpcap-dev && \
+
+# Setup go, glutton
+    export GOPATH=/opt/go/ && \
+    mkdir -p /opt/go/src/github.com/satori/ && \
+    go get -d github.com/mushorg/glutton && \
+#    go get -u github.com/golang/dep/cmd/dep && \
+    cd /opt/go/src/github.com/satori/ && \
+    rm -rf go.uuid && \ 
+    git clone https://github.com/satori/go.uuid && \
+    cd go.uuid && \
+    git checkout v1.2.0 && \
+    mv /root/dist/system.go /opt/go/src/github.com/mushorg/glutton/ && \
+    mv /root/dist/tcp.go /opt/go/src/github.com/mushorg/glutton/ && \
+    cd /opt/go/src/github.com/mushorg/glutton/ && \
+#    /opt/go/bin/dep ensure && \
+    make build && \
+    cd / && \
+    mkdir -p /opt/glutton && \
+    mv /opt/go/src/github.com/mushorg/glutton/bin /opt/glutton/ && \
+    mv /opt/go/src/github.com/mushorg/glutton/config /opt/glutton/ && \
+    mv /opt/go/src/github.com/mushorg/glutton/rules /opt/glutton/ && \
+    setcap cap_net_admin,cap_net_raw=+ep /opt/glutton/bin/server && \
+    setcap cap_net_admin,cap_net_raw=+ep /sbin/xtables-multi && \
+
+# Setup user, groups and configs
+    addgroup -g 2000 glutton && \
+    adduser -S -s /bin/ash -u 2000 -D -g 2000 glutton && \
+    mkdir -p /var/log/glutton && \
+    mv /root/dist/rules.yaml /opt/glutton/rules/ && \
+
+# Clean up
+    apk del --purge build-base \
+                    git \
+                    go \
+                    g++ && \
+    rm -rf /var/cache/apk/* \
+           /opt/go \
+           /root/dist
+
+# Start glutton 
+WORKDIR /opt/glutton
+USER glutton:glutton
+CMD exec bin/server -i $(/sbin/ip address | grep '^2: ' | awk '{ print $2 }' | tr -d [:punct:]) -l /var/log/glutton/glutton.log
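Review bot: `Dockerfile.old` is a second, apparently unbuilt copy of the build recipe, and it already differs from `Dockerfile` in this same commit (it keeps `mkdir -p /opt/go/src/github.com/satori/` and the commented-out `dep` lines). A stale copy of the steps that grant `cap_net_admin,cap_net_raw` through `setcap` and fetch unpinned sources is easy to build by mistake and will not receive later fixes. Git history already preserves earlier versions, so the file can be dropped. If it is kept, `FROM alpine` should name a specific tag or digest, and the `#` lines inside the `RUN` continuation are better deleted than left commented out.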
diff --git a/docker/glutton/dist/tcp.go b/docker/glutton/dist/tcp.go
new file mode 100644
index 00000000..be7999e1
--- /dev/null
+++ b/docker/glutton/dist/tcp.go
@@ -0,0 +1,44 @@
+package glutton
+
+import (
+	"context"
+	"encoding/hex"
+	"fmt"
+	"net"
+	"strconv"
+
+	"github.com/kung-foo/freki"
+	"go.uber.org/zap"
+)
+
+// HandleTCP takes a net.Conn and peeks at the data send
+func (g *Glutton) HandleTCP(ctx context.Context, conn net.Conn) (err error) {
+	defer func() {
+		err = conn.Close()
+		if err != nil {
+			g.logger.Error(fmt.Sprintf("[log.tcp ] error: %v", err))
+		}
+	}()
+	host, port, err := net.SplitHostPort(conn.RemoteAddr().String())
+	if err != nil {
+		g.logger.Error(fmt.Sprintf("[log.tcp ] error: %v", err))
+	}
+	ck := freki.NewConnKeyByString(host, port)
+	md := g.processor.Connections.GetByFlow(ck)
+	buffer := make([]byte, 1024)
+	n, err := conn.Read(buffer)
+	if err != nil {
+		g.logger.Error(fmt.Sprintf("[log.tcp ] error: %v", err))
+	}
+	if n > 0 && n < 1024 {
+		g.logger.Info(
+			fmt.Sprintf("Packet got handled by TCP handler"),
+			zap.String("dest_port", strconv.Itoa(int(md.TargetPort))),
+			zap.String("src_ip", host),
+			zap.String("src_port", port),
+			zap.String("handler", "tcp"),
+			zap.String("payload_hex", hex.EncodeToString(buffer[0:n])),
+		)
+	}
+	return err
+}
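Review bot: `md.TargetPort` is dereferenced without checking that `GetByFlow` returned a record, so a connection with no tracked flow would presumably panic the handler (freki's lookup is not visible here, so confirm that it can return nil). The `n < 1024` condition also drops the log entry whenever the first read fills the buffer, so large first payloads are never recorded; log on `n > 0` and mark the entry as possibly truncated instead. The deferred `err = conn.Close()` overwrites the read or address-parse error the function is about to return, and execution continues with empty `host`/`port` after a `SplitHostPort` failure. `conn.Read` has no deadline and `ctx` is unused, so an idle peer keeps the handler blocked; a `SetReadDeadline` before the read would bound that.

```go
func (g *Glutton) HandleTCP(ctx context.Context, conn net.Conn) (err error) {
	defer func() {
		// Report a Close failure without discarding an earlier error.
		if cerr := conn.Close(); cerr != nil {
			g.logger.Error(fmt.Sprintf("[log.tcp ] error: %v", cerr))
			if err == nil {
				err = cerr
			}
		}
	}()
	host, port, err := net.SplitHostPort(conn.RemoteAddr().String())
	if err != nil {
		g.logger.Error(fmt.Sprintf("[log.tcp ] error: %v", err))
		return err
	}
	ck := freki.NewConnKeyByString(host, port)
	md := g.processor.Connections.GetByFlow(ck)
	if md == nil {
		// No tracked flow for this peer: nothing to attribute the payload to.
		g.logger.Error(fmt.Sprintf("[log.tcp ] no connection metadata for %s:%s", host, port))
		return nil
	}
	// … unchanged: buffer allocation, conn.Read and its error logging …
	if n > 0 {
		g.logger.Info(
			"Packet got handled by TCP handler",
			// … unchanged: dest_port, src_ip, src_port, handler fields …
			zap.String("payload_hex", hex.EncodeToString(buffer[:n])),
			// A full buffer means more data may have followed the first read.
			zap.Bool("payload_truncated", n == len(buffer)),
		)
	}
	return err
```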