fix: ASW-194 tcpdump 捕包增加过滤条件

author: zhangshuai <[email protected]> 2024-11-27 10:44:26 +0800
committer: zhangshuai <[email protected]> 2024-11-27 10:44:26 +0800
commit: 308b30a656ce999e3a1097c6cd3298535ed7f4db (patch)
tree: a999e22d9a99e63386fff000811e8812c59e702f
parent: fa15fd76ca765e823d8695a1a2062688068b4e8d (diff)
1 files changed, 37 insertions, 5 deletions
diff --git a/src/main/java/net/geedge/api/util/AdbUtil.java b/src/main/java/net/geedge/api/util/AdbUtil.java
index fe785c4..36ce066 100644
--- a/src/main/java/net/geedge/api/util/AdbUtil.java
+++ b/src/main/java/net/geedge/api/util/AdbUtil.java
@@ -619,11 +619,27 @@ public class AdbUtil {
                     .build());
             commandExec.exec(AdbCommandBuilder.builder()
                     .serial(this.getSerial())
-                    .buildShellCommand(String.format("shell iptables -A INPUT -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
+                    .buildShellCommand(String.format("shell iptables -A INPUT -p tcp -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
                     .build());
             commandExec.exec(AdbCommandBuilder.builder()
                     .serial(this.getSerial())
-                    .buildShellCommand(String.format("shell iptables -A OUTPUT -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
+                    .buildShellCommand(String.format("shell iptables -A INPUT -p udp -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
+                    .build());
+            commandExec.exec(AdbCommandBuilder.builder()
+                    .serial(this.getSerial())
+                    .buildShellCommand(String.format("shell iptables -A INPUT -p icmp -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
+                    .build());
+            commandExec.exec(AdbCommandBuilder.builder()
+                    .serial(this.getSerial())
+                    .buildShellCommand(String.format("shell iptables -A OUTPUT -p tcp -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
+                    .build());
+            commandExec.exec(AdbCommandBuilder.builder()
+                    .serial(this.getSerial())
+                    .buildShellCommand(String.format("shell iptables -A OUTPUT -p udp -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
+                    .build());
+            commandExec.exec(AdbCommandBuilder.builder()
+                    .serial(this.getSerial())
+                    .buildShellCommand(String.format("shell iptables -A OUTPUT -p icmp -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
                     .build());
 
             String ruleList = commandExec.exec(AdbCommandBuilder.builder()
@@ -644,7 +660,7 @@ public class AdbUtil {
             String pcapFilePath = "/data/local/tmp/capture_all_" + taskId + ".pcap";
             commandExec.execForProcess(AdbCommandBuilder.builder()
                     .serial(this.getSerial())
-                    .buildShellCommand(String.format("shell tcpdump not port %s -w %s &", this.vncPort, pcapFilePath))
+                    .buildShellCommand(String.format("shell \"tcpdump '(tcp or udp or icmp) and not (port %s or port 53 or port 67 or port 68 or port 123 or port 1900 or port 5353 or port 69)' -w %s &\"", this.vncPort, pcapFilePath))
                     .build());
         }
 
@@ -677,11 +693,27 @@ public class AdbUtil {
                         .build());
                 commandExec.exec(AdbCommandBuilder.builder()
                         .serial(this.getSerial())
-                        .buildShellCommand(String.format("shell iptables -D INPUT -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
+                        .buildShellCommand(String.format("shell iptables -D INPUT -p tcp -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
+                        .build());
+                commandExec.exec(AdbCommandBuilder.builder()
+                        .serial(this.getSerial())
+                        .buildShellCommand(String.format("shell iptables -D INPUT -p udp -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
+                        .build());
+                commandExec.exec(AdbCommandBuilder.builder()
+                        .serial(this.getSerial())
+                        .buildShellCommand(String.format("shell iptables -D INPUT -p icmp -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
+                        .build());
+                commandExec.exec(AdbCommandBuilder.builder()
+                        .serial(this.getSerial())
+                        .buildShellCommand(String.format("shell iptables -D OUTPUT -p tcp -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
+                        .build());
+                commandExec.exec(AdbCommandBuilder.builder()
+                        .serial(this.getSerial())
+                        .buildShellCommand(String.format("shell iptables -D OUTPUT -p udp -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
                         .build());
                 commandExec.exec(AdbCommandBuilder.builder()
                         .serial(this.getSerial())
-                        .buildShellCommand(String.format("shell iptables -D OUTPUT -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
+                        .buildShellCommand(String.format("shell iptables -D OUTPUT -p icmp -m connmark --mark %s -j NFLOG --nflog-group %s", userId, userId))
                         .build());
             }
         }
author	zhangshuai <[email protected]>	2024-11-27 10:44:26 +0800
committer	zhangshuai <[email protected]>	2024-11-27 10:44:26 +0800
commit	308b30a656ce999e3a1097c6cd3298535ed7f4db (patch)
tree	a999e22d9a99e63386fff000811e8812c59e702f
parent	fa15fd76ca765e823d8695a1a2062688068b4e8d (diff)