Add new flag -v to produce verbose output, print less info without …

…`-v` (#67)

README.md

@@ -72,12 +72,27 @@ ptcpdump -r demo.pcapng
 
 ### Example output
 
+
+Default:
+
+```
+09:32:09.718892 vethee2a302f In IP 10.244.0.2.33426 > 139.178.84.217.80: Flags [S], seq 4113492822, win 64240, length 0, Process [/usr/bin/wget.3553008], Container [test], Pod [test.default]
+09:32:09.718941 eth0 Out IP 172.19.0.2.33426 > 139.178.84.217.80: Flags [S], seq 4113492822, win 64240, length 0, Process [/usr/bin/wget.3553008], Container [test], Pod [test.default]
+```
+
+With `-v`:
+
 ```
-07:19:55.978310 eth0 Out IP (tos 0x0, ttl 63, id 5180, offset 0, flags [DF], ip_proto TCP (6), length 52)
-    172.19.0.2.40746 > 139.178.84.217.80: Flags [F.], cksum 0x8cc7, seq 2012972889, ack 714167144, win 501, options [nop,nop,TS val 2112687313 ecr 864085110], length 0
-    Process (pid 1571271, cmd /usr/bin/wget, args wget kernel.org)
-    Container (name test, id aa5d0ea5c27f75f5ac7844fea4ca811bbd01fbf64e88e8a4ccab142f632cbaff, image docker.io/library/alpine:3.18, labels {"io.cri-containerd.kind":"container","io.kubernetes.container.name":"test","io.kubernetes.pod.name":"test","io.kubernetes.pod.namespace":"default","io.kubernetes.pod.uid":"9e4bc54b-de48-4b1c-8b9e-54709f67ed0c"})
-    Pod (name test, namespace default, UID 9e4bc54b-de48-4b1c-8b9e-54709f67ed0c, labels {"run":"test"}, annotations {"kubernetes.io/config.seen":"2024-06-10T01:29:58.354119146Z","kubernetes.io/config.source":"api"})
+09:32:44.613707 vethee2a302f In IP (tos 0x0, ttl 64, id 45068, offset 0, flags [DF], proto TCP (6), length 60)
+    10.244.0.2.60142 > 139.178.84.217.80: Flags [S], cksum 0xebaf, seq 1553234662, win 64240, options [mss 1460,sackOK,TS val 55511585 ecr 0,nop,wscale 7], length 0
+    Process (pid 3558755, cmd /usr/bin/wget, args wget kernel.org)
+    Container (name test, id 22786d2c79f70dbed0003c80915276943695a5674e589e72f45ea9469427bc70, image docker.io/library/alpine:3.18, labels {"io.cri-containerd.kind":"container","io.kubernetes.container.name":"test","io.kubernetes.pod.name":"test","io.kubernetes.pod.namespace":"default","io.kubernetes.pod.uid":"9e4bc54b-de48-4b1c-8b9e-54709f67ed0c"})
+    Pod (name test, namespace default, UID 9e4bc54b-de48-4b1c-8b9e-54709f67ed0c, labels {"run":"test"}, annotations {"kubernetes.io/config.seen":"2024-06-15T02:43:38.519669660Z","kubernetes.io/config.source":"api"})
+09:32:44.613758 eth0 Out IP (tos 0x0, ttl 63, id 45068, offset 0, flags [DF], proto TCP (6), length 60)
+    172.19.0.2.60142 > 139.178.84.217.80: Flags [S], cksum 0x8ccf, seq 1553234662, win 64240, options [mss 1460,sackOK,TS val 55511585 ecr 0,nop,wscale 7], length 0
+    Process (pid 3558755, cmd /usr/bin/wget, args wget kernel.org)
+    Container (name test, id 22786d2c79f70dbed0003c80915276943695a5674e589e72f45ea9469427bc70, image docker.io/library/alpine:3.18, labels {"io.cri-containerd.kind":"container","io.kubernetes.container.name":"test","io.kubernetes.pod.name":"test","io.kubernetes.pod.namespace":"default","io.kubernetes.pod.uid":"9e4bc54b-de48-4b1c-8b9e-54709f67ed0c"})
+    Pod (name test, namespace default, UID 9e4bc54b-de48-4b1c-8b9e-54709f67ed0c, labels {"run":"test"}, annotations {"kubernetes.io/config.seen":"2024-06-15T02:43:38.519669660Z","kubernetes.io/config.source":"api"})
 ```
 
 <p align="right"><a href="#top">🔝</a></p>
@@ -115,6 +130,7 @@ Flags:
       --print                Print parsed packet output, even if the raw packets are being saved to a file with the -w flag
   -r, --read-file string     Read packets from file (which was created with the -w option). e.g. ptcpdump.pcapng
   -c, --receive-count uint   Exit after receiving count packets
+  -v, --verbose count        When parsing and printing, produce (slightly more) verbose output
       --version              Print the ptcpdump and libpcap version strings and exit
   -w, --write-file string    Write the raw packets to file rather than parsing and printing them out. They can later be printed with the -r option. Standard output is used if file is '-'. e.g. ptcpdump.pcapng
 ```
@@ -182,7 +198,7 @@ Flags:
 | -tttt                                             | ✅       |                          |
 | -u                                                | ✅       |                          |
 | -U, --packet-buffered                             | ✅       |                          |
-| -v                                                | ✅       |                          |
+| -v                                                | ✅       | ✅                       |
 | -vv                                               | ✅       |                          |
 | -vvv                                              | ✅       |                          |
 | -V *file*                                         | ✅       |                          |

cmd/options.go

@@ -29,6 +29,7 @@ type Options struct {
 	dontPrintTimestamp bool
 	onlyPrintCount     bool
 	dontConvertAddr    int
+	verbose            int
 
 	eventChanSize                 uint
 	delayBeforeHandlePacketEvents time.Duration

cmd/read.go

@@ -10,6 +10,7 @@ import (
 	"github.com/mozillazg/ptcpdump/internal/metadata"
 	"github.com/mozillazg/ptcpdump/internal/parser"
 	"github.com/mozillazg/ptcpdump/internal/writer"
+	"github.com/x-way/pktdump"
 )
 
 func read(ctx context.Context, opts Options) error {
@@ -28,6 +29,9 @@ func read(ctx context.Context, opts Options) error {
 	if opts.onlyPrintCount {
 		stdoutWriter.DoNothing = true
 	}
+	if opts.verbose >= 1 {
+		stdoutWriter.FormatStyle = pktdump.FormatStyleVerbose
+	}
 
 	ext := filepath.Ext(opts.ReadPath())
 

cmd/root.go

@@ -77,6 +77,8 @@ func init() {
 		"Print only on stdout the packet count when reading capture file instead of parsing/printing the packets")
 	rootCmd.Flags().CountVarP(&opts.dontConvertAddr, "no-convert-addr", "n",
 		"Don't convert addresses (i.e., host addresses, port numbers, etc.) to names")
+	rootCmd.Flags().CountVarP(&opts.verbose, "verbose", "v",
+		"When parsing and printing, produce (slightly more) verbose output")
 }
 
 func Execute() error {

cmd/writer.go

@@ -2,18 +2,20 @@ package cmd
 
 import (
 	"fmt"
+	"io"
+	"math"
+	"os"
+	"path/filepath"
+	"runtime"
+
 	"github.com/gopacket/gopacket/layers"
 	"github.com/gopacket/gopacket/pcapgo"
 	"github.com/mozillazg/ptcpdump/internal"
 	"github.com/mozillazg/ptcpdump/internal/dev"
 	"github.com/mozillazg/ptcpdump/internal/metadata"
 	"github.com/mozillazg/ptcpdump/internal/writer"
+	"github.com/x-way/pktdump"
 	"golang.org/x/xerrors"
-	"io"
-	"math"
-	"os"
-	"path/filepath"
-	"runtime"
 )
 
 func getWriters(opts Options, pcache *metadata.ProcessCache) ([]writer.PacketWriter, func() error, error) {
@@ -60,6 +62,9 @@ func getWriters(opts Options, pcache *metadata.ProcessCache) ([]writer.PacketWri
 		stdoutWriter.OneLine = opts.oneLine
 		stdoutWriter.PrintNumber = opts.printPacketNumber
 		stdoutWriter.NoTimestamp = opts.dontPrintTimestamp
+		if opts.verbose >= 1 {
+			stdoutWriter.FormatStyle = pktdump.FormatStyleVerbose
+		}
 		writers = append(writers, stdoutWriter)
 	}
 

go.mod

@@ -115,5 +115,5 @@ require (
 
 replace (
 	github.com/gopacket/gopacket => github.com/mozillazg/gopacket v0.0.0-20240602032747-2b08f0c63614
-	github.com/x-way/pktdump => github.com/mozillazg/pktdump v0.0.0-20240512062358-b06f5829e998
+	github.com/x-way/pktdump => github.com/mozillazg/pktdump v0.0.7
 )

go.sum

@@ -193,8 +193,8 @@ github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
 github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
 github.com/mozillazg/gopacket v0.0.0-20240602032747-2b08f0c63614 h1:X92DuctbVbaRRRqpTDRW5oQd+GSAnPr1BEMNx5Z0uLo=
 github.com/mozillazg/gopacket v0.0.0-20240602032747-2b08f0c63614/go.mod h1:lnXM4VDqJTe4d2NoZr8DZMtidkhss2Y82QFlamXWfXo=
-github.com/mozillazg/pktdump v0.0.0-20240512062358-b06f5829e998 h1:kmJBNvslaeyBEoEMQV4I3Qp17prqPGKui9jZUgOJ1oI=
-github.com/mozillazg/pktdump v0.0.0-20240512062358-b06f5829e998/go.mod h1:InLCDK8kgkk26VtyPZ51e0igf15eiXDMvvQuV62Wqmw=
+github.com/mozillazg/pktdump v0.0.7 h1:mxDEq25IgyvZ3gBE3p+GhIfjF42YZ6T3lUK6AXit8JE=
+github.com/mozillazg/pktdump v0.0.7/go.mod h1:InLCDK8kgkk26VtyPZ51e0igf15eiXDMvvQuV62Wqmw=
 github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
 github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug=

internal/writer/stdout.go

@@ -21,16 +21,18 @@ type StdoutWriter struct {
 	PrintNumber bool
 	NoTimestamp bool
 	DoNothing   bool
+	FormatStyle pktdump.FormatStyle
 
 	n int64
 }
 
 func NewStdoutWriter(writer io.Writer, pcache *metadata.ProcessCache) *StdoutWriter {
 	return &StdoutWriter{
-		w:       writer,
-		pcache:  pcache,
-		Decoder: layers.LayerTypeEthernet,
-		n:       1,
+		w:           writer,
+		pcache:      pcache,
+		Decoder:     layers.LayerTypeEthernet,
+		n:           1,
+		FormatStyle: pktdump.FormatStyleNormal,
 	}
 }
 
@@ -48,16 +50,28 @@ func (w *StdoutWriter) Write(e *event.Packet) error {
 	}
 	p := w.pcache.Get(e.Pid, e.MntNs, e.NetNs, e.CgroupName)
 
-	pidInfo := fmt.Sprintf("Process (pid %d, cmd %s, args %s)",
-		e.Pid, p.Cmd, p.FormatArgs())
-	containerInfo := fmt.Sprintf("Container (name %s, id %s, image %s, labels %s)",
-		p.Container.TidyName(), p.Container.Id, p.Container.Image, p.Container.FormatLabels())
-	PodInfo := fmt.Sprintf("Pod (name %s, namespace %s, UID %s, labels %s, annotations %s)",
-		p.Pod.Name, p.Pod.Namespace, p.Pod.Uid, p.Pod.FormatLabels(), p.Pod.FormatAnnotations())
+	pidInfo := ""
+	containerInfo := ""
+	PodInfo := ""
+
+	switch {
+	case w.FormatStyle >= pktdump.FormatStyleVerbose:
+		pidInfo = fmt.Sprintf("Process (pid %d, cmd %s, args %s)",
+			e.Pid, p.Cmd, p.FormatArgs())
+		containerInfo = fmt.Sprintf("Container (name %s, id %s, image %s, labels %s)",
+			p.Container.TidyName(), p.Container.Id, p.Container.Image, p.Container.FormatLabels())
+		PodInfo = fmt.Sprintf("Pod (name %s, namespace %s, UID %s, labels %s, annotations %s)",
+			p.Pod.Name, p.Pod.Namespace, p.Pod.Uid, p.Pod.FormatLabels(), p.Pod.FormatAnnotations())
+		break
+	default:
+		pidInfo = fmt.Sprintf("Process [%s.%d]", p.Cmd, e.Pid)
+		containerInfo = fmt.Sprintf("Container [%s]", p.Container.TidyName())
+		PodInfo = fmt.Sprintf("Pod [%s.%s]", p.Pod.Name, p.Pod.Namespace)
+	}
 
 	// Decode a packet
 	packet := gopacket.NewPacket(e.Data, w.Decoder, gopacket.NoCopy)
-	formated := pktdump.Format(packet)
+	formated := pktdump.FormatWithStyle(packet, w.FormatStyle)
 
 	builder := strings.Builder{}
 
@@ -75,19 +89,36 @@ func (w *StdoutWriter) Write(e *event.Packet) error {
 	if packetType != "" {
 		builder.WriteString(fmt.Sprintf("%s ", packetType))
 	}
-	builder.WriteString(fmt.Sprintf("%s\n", formated))
-	if p.Pid > 0 {
-		builder.WriteString(fmt.Sprintf("    %s\n", pidInfo))
-	}
-	if p.Container.Id != "" {
-		builder.WriteString(fmt.Sprintf("    %s\n", containerInfo))
-	}
-	if p.Pod.Name != "" {
-		builder.WriteString(fmt.Sprintf("    %s\n", PodInfo))
+
+	switch {
+	case w.FormatStyle >= pktdump.FormatStyleVerbose:
+		builder.WriteString(fmt.Sprintf("%s\n", formated))
+		if p.Pid > 0 {
+			builder.WriteString(fmt.Sprintf("    %s\n", pidInfo))
+		}
+		if p.Container.Id != "" {
+			builder.WriteString(fmt.Sprintf("    %s\n", containerInfo))
+		}
+		if p.Pod.Name != "" {
+			builder.WriteString(fmt.Sprintf("    %s\n", PodInfo))
+		}
+		break
+	default:
+		builder.WriteString(formated)
+		if p.Pid > 0 {
+			builder.WriteString(fmt.Sprintf(", %s", pidInfo))
+		}
+		if p.Container.Id != "" {
+			builder.WriteString(fmt.Sprintf(", %s", containerInfo))
+		}
+		if p.Pod.Name != "" {
+			builder.WriteString(fmt.Sprintf(", %s", PodInfo))
+		}
+		builder.WriteString("\n")
 	}
 	msg := builder.String()
 
-	if w.OneLine {
+	if w.OneLine || w.FormatStyle < pktdump.FormatStyleVerbose {
 		var newLines []string
 		lines := strings.Split(msg, "\n")
 		for _, s := range lines {
@@ -97,7 +128,7 @@ func (w *StdoutWriter) Write(e *event.Packet) error {
 			}
 			newLines = append(newLines, s)
 		}
-		msg = strings.Join(newLines, ": ") + "\n"
+		msg = strings.Join(newLines, ", ") + "\n"
 	}
 
 	if _, err := w.w.Write([]byte(msg)); err != nil {

testdata/test_containerd.sh

@@ -13,7 +13,7 @@ function test_ptcpdump() {
   nerdctl pull busybox:1
   nerdctl pull alpine:3.18
 
-  timeout 120s ${CMD} -i any --print -w "${FNAME}" --oneline --exec-events-worker-number=50 \
+  timeout 120s ${CMD} -i any --print -w "${FNAME}" --oneline -v --exec-events-worker-number=50 \
     'host 1.1.1.1' -w "${FNAME}" | tee "${LNAME}" &
   sleep 10
 
@@ -35,7 +35,7 @@ function test_ptcpdump() {
 function test_ptcpdump_read() {
     EXPECT_NAME="${LNAME}.read.expect"
     sed 's/ [a-zA-Z0-9_-]\+ \(In\|Out\) / /g' "${LNAME}" > "${EXPECT_NAME}"
-    timeout 30s ${CMD} --oneline -r "${FNAME}" > "${RNAME}"
+    timeout 30s ${CMD} --oneline -v -r "${FNAME}" > "${RNAME}"
     cat "${RNAME}" | grep "> 1.1.1.1.80: Flags .*, args wget -T 10 1.1.1.1.* $cid1"
     cat "${RNAME}" | grep "> 1.1.1.1.80: Flags .*, args wget -T 5 1.1.1.1.* $cid2"
 }

testdata/test_docker.sh

@@ -13,7 +13,7 @@ function test_ptcpdump() {
   docker pull busybox:1
   docker pull alpine:3.18
 
-  timeout 120s ${CMD} -i any --print -w "${FNAME}" --oneline --exec-events-worker-number=50 \
+  timeout 120s ${CMD} -i any --print -w "${FNAME}" -v --oneline --exec-events-worker-number=50 \
     'host 1.1.1.1' -w "${FNAME}" | tee "${LNAME}" &
   sleep 10
 
@@ -35,7 +35,7 @@ function test_ptcpdump() {
 function test_ptcpdump_read() {
     EXPECT_NAME="${LNAME}.read.expect"
     sed 's/ [a-zA-Z0-9_-]\+ \(In\|Out\) / /g' "${LNAME}" > "${EXPECT_NAME}"
-    timeout 30s ${CMD} --oneline -r "${FNAME}" > "${RNAME}"
+    timeout 30s ${CMD} --oneline -v -r "${FNAME}" > "${RNAME}"
     cat "${RNAME}" | grep "> 1.1.1.1.80: Flags .*, args wget -T 10 1.1.1.1.* $cid1"
     cat "${RNAME}" | grep "> 1.1.1.1.80: Flags .*, args wget -T 5 1.1.1.1.* $cid2"
 }

testdata/test_exist_connection.sh

@@ -10,7 +10,7 @@ RNAME="${FILE_PREFIX}_exist_connection.read.txt"
 
 
 function test_ptcpdump() {
-  timeout 30s ${CMD} -c 10 -i any --print -w "${FNAME}" \
+  timeout 30s ${CMD} -c 10 -i any -v --print -w "${FNAME}" \
       'port 22' | tee "${LNAME}" &
   sleep 10
   echo foo

testdata/test_icmp.sh

@@ -10,7 +10,7 @@ RNAME="${FILE_PREFIX}_icmp.read.txt"
 
 
 function test_ptcpdump() {
-  timeout 30s ${CMD} -c 2 -i any --print -w "${FNAME}" \
+  timeout 30s ${CMD} -c 2 -i any --print -v -w "${FNAME}" \
 	  'icmp and host 1.1.1.1' | tee "${LNAME}" &
   sleep 10
   ping -w 10 -c 2 1.1.1.1 &>/dev/null || true
@@ -32,7 +32,7 @@ function test_tcpdump_read() {
 function test_ptcpdump_read() {
     EXPECT_NAME="${LNAME}.read.expect"
     sed 's/ [a-zA-Z0-9_-]\+ \(In\|Out\) / /g' "${LNAME}" > "${EXPECT_NAME}"
-    timeout 30s ${CMD} -r "${FNAME}" > "${RNAME}"
+    timeout 30s ${CMD} -v -r "${FNAME}" > "${RNAME}"
     diff "${EXPECT_NAME}" "${RNAME}"
 }
 

testdata/test_k8s.sh

@@ -10,7 +10,7 @@ LNAME="${FILE_PREFIX}_k8s.log"
 RNAME="${FILE_PREFIX}_k8s.read.txt"
 
 function test_ptcpdump() {
-  timeout 120s ${CMD} -i any -c 10 --print -w "${FNAME}" --oneline --exec-events-worker-number=80 \
+  timeout 120s ${CMD} -i any -c 10 --print -w "${FNAME}" --oneline -v --exec-events-worker-number=80 \
     'host 1.1.1.1' -w "${FNAME}" | tee "${LNAME}" &
   sleep 10
 
@@ -27,7 +27,7 @@ function test_ptcpdump() {
 function test_ptcpdump_read() {
     EXPECT_NAME="${LNAME}.read.expect"
     sed 's/ [a-zA-Z0-9_-]\+ \(In\|Out\) / /g' "${LNAME}" > "${EXPECT_NAME}"
-    timeout 30s ${CMD} --oneline -r "${FNAME}" > "${RNAME}"
+    timeout 30s ${CMD} --oneline -v -r "${FNAME}" > "${RNAME}"
     diff "${EXPECT_NAME}" "${RNAME}"
 }
 

testdata/test_nat.sh

@@ -10,7 +10,7 @@ RNAME="${FILE_PREFIX}_nat.read.txt"
 
 
 function test_ptcpdump() {
-  timeout 60s ${CMD} -c 20 -i any --print -w "${FNAME}" --oneline --exec-events-worker-number=50 \
+  timeout 60s ${CMD} -c 20 -i any -v --print -w "${FNAME}" --oneline --exec-events-worker-number=50 \
     'host 1.1.1.1' | tee "${LNAME}" &
   sleep 10
   docker run --rm alpine:3.18 sh -c 'wget --timeout=10 1.1.1.1 &>/dev/null || true'