added packet queue to fix possible packet losses

Author: shadowy-pycoder

README.md

@@ -1,4 +1,5 @@
 ![mshark_new](https://github.com/user-attachments/assets/ee1b9526-dcae-4ff8-962d-315897e49ed0)
+
 # mShark - Mini [Wireshark](https://www.wireshark.org/) written in Go
 
 [![Go Reference](https://pkg.go.dev/badge/github.com/shadowy-pycoder/mshark.svg)](https://pkg.go.dev/github.com/shadowy-pycoder/mshark)
@@ -8,7 +9,6 @@
 ![GitHub Release](https://img.shields.io/github/v/release/shadowy-pycoder/mshark)
 ![GitHub Downloads (all assets, all releases)](https://img.shields.io/github/downloads/shadowy-pycoder/mshark/total)
 
-
 ## Installation
 
 Download release from [Releases](https://github.com/shadowy-pycoder/mshark/releases) Page.
@@ -18,9 +18,11 @@ Or install using `go install` (requires Go 1.23+ but may work with older version
 ```shell
 CGO_ENABLED=0 go install -ldflags "-s -w" -trimpath github.com/shadowy-pycoder/mshark/cmd/mshark@latest
 ```
+
 This will install the `mshark` binary to your `$GOPATH/bin` directory.
 
-If you are getting a `Permission denied` error when running `mshark`, try running 
+If you are getting a `Permission denied` error when running `mshark`, try running
+
 ```shell
 sudo setcap cap_net_raw+ep ~/go/bin/mshark
 ```
@@ -30,24 +32,26 @@ sudo setcap cap_net_raw+ep ~/go/bin/mshark
 ```shell
 mshark -h
 
-                ______   __                            __       
-               /      \ |  \                          |  \      
- ______ ____  |  $$$$$$\| $$____    ______    ______  | $$   __ 
+                ______   __                            __
+               /      \ |  \                          |  \
+ ______ ____  |  $$$$$$\| $$____    ______    ______  | $$   __
 |      \    \ | $$___\$$| $$    \  |      \  /      \ | $$  /  \
 | $$$$$$\$$$$\ \$$    \ | $$$$$$$\  \$$$$$$\|  $$$$$$\| $$_/  $$
-| $$ | $$ | $$ _\$$$$$$\| $$  | $$ /      $$| $$   \$$| $$   $$ 
-| $$ | $$ | $$|  \__| $$| $$  | $$|  $$$$$$$| $$      | $$$$$$\ 
+| $$ | $$ | $$ _\$$$$$$\| $$  | $$ /      $$| $$   \$$| $$   $$
+| $$ | $$ | $$|  \__| $$| $$  | $$|  $$$$$$$| $$      | $$$$$$\
 | $$ | $$ | $$ \$$    $$| $$  | $$ \$$    $$| $$      | $$  \$$\
  \$$  \$$  \$$  \$$$$$$  \$$   \$$  \$$$$$$$ \$$       \$$   \$$
-                                                                                                                                                                                              
-Packet Capture Tool by shadowy-pycoder 
+
+Packet Capture Tool by shadowy-pycoder
 
 GitHub: https://github.com/shadowy-pycoder/mshark
 
 Usage: mshark [OPTIONS]
 Options:
   -h    Show this help message and exit.
   -D    Display list of interfaces and exit.
+  -b int
+        The maximum size of packet queue. (default 4096)
   -c int
         The maximum number of packets to capture.
   -e string
@@ -62,13 +66,14 @@ Options:
   -t duration
         The maximum duration of the packet capture process. Example: 5s
   -v	Display full packet info when capturing to stdout or txt.
-``` 
+```
 
 ### Example
 
 ```shell
 mshark -p -f=txt -f=stdout -f=pcapng -i eth0 -e="port 53"
 ```
+
 The above command will capture packets containing `port 53` (assumed to be DNS queries) from the `eth0` interface and write the captured data to `stdout`, `txt`, and file in `pcapng` format. Files are created in the current working directory.
 
 Output:
@@ -79,20 +84,21 @@ Output:
 - Promiscuous Mode: true
 - Timeout: 0s
 - Number of Packets: 0
+- Packet Buffer Size: 4096
 - BPF Filter: "port 53"
 - Verbose: false
 ```
+
 ![Screenshot from 2024-09-17 09-37-50](https://github.com/user-attachments/assets/44c233ee-85a4-43f2-8f65-1ef239362bab)
 
 With `-v` flag enabled, you will see more detailed information:
 
-
 ![Screenshot from 2024-09-17 09-56-20](https://github.com/user-attachments/assets/11539ea7-779e-4faf-8fce-2eea9ab653c7)
 ![Screenshot from 2024-09-17 09-56-47](https://github.com/user-attachments/assets/26b6353d-d312-40c5-9917-3f2f7bb8abdc)
 
 ## Supported layers
 
-- [Ethernet](https://en.wikipedia.org/wiki/Ethernet_frame) 
+- [Ethernet](https://en.wikipedia.org/wiki/Ethernet_frame)
 - [IPv4](https://en.wikipedia.org/wiki/IPv4)
 - [IPv6](https://en.wikipedia.org/wiki/IPv6)
 - [ARP](https://en.wikipedia.org/wiki/Address_Resolution_Protocol)
@@ -107,7 +113,6 @@ With `-v` flag enabled, you will see more detailed information:
 - [SSH](https://en.wikipedia.org/wiki/Secure_Shell)
 - [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security)
 
-
 ## Roadmap
 
 - [x] Online packet capture to `stdout`, `txt`, `pcap` and `pcapng` files

cmd/mshark/cli.go

@@ -102,6 +102,7 @@ func root(args []string) error {
 	)
 	flags.DurationVar(&conf.Timeout, "t", 0, "The maximum duration of the packet capture process. Example: 5s")
 	flags.IntVar(&conf.PacketCount, "c", 0, "The maximum number of packets to capture.")
+	packetBuffer := flags.Int("b", 4096, "The maximum size of packet queue.")
 	flags.StringVar(&conf.Expr, "e", "", `BPF filter expression. Example: "ip proto tcp".`)
 	flags.BoolFunc("D", "Display list of interfaces and exit.", func(flagValue string) error {
 		if err := displayInterfaces(); err != nil {
@@ -141,6 +142,11 @@ func root(args []string) error {
 	}
 	conf.Snaplen = *snaplen
 
+	if *packetBuffer <= 0 {
+		*packetBuffer = 4096
+	}
+	conf.PacketBuffer = *packetBuffer
+
 	// creating writers and writing headers depending on a file extension
 	var pw []ms.PacketWriter
 	if len(exts) != 0 {

mshark.go

@@ -33,12 +33,13 @@ type PacketWriter interface {
 }
 
 type Config struct {
-	Device      *net.Interface // The name of the network interface ("any" means listen on all interfaces).
-	Snaplen     int            // The maximum length of each packet snapshot.
-	Promisc     bool           // Promiscuous mode. This setting is ignored for "any" interface.
-	Timeout     time.Duration  // The maximum duration of the packet capture process.
-	PacketCount int            // The maximum number of packets to capture.
-	Expr        string         // BPF filter expression.
+	Device       *net.Interface // The name of the network interface ("any" means listen on all interfaces).
+	Snaplen      int            // The maximum length of each packet snapshot.
+	Promisc      bool           // Promiscuous mode. This setting is ignored for "any" interface.
+	Timeout      time.Duration  // The maximum duration of the packet capture process.
+	PacketCount  int            // The maximum number of packets to capture.
+	PacketBuffer int            // The maximum size for packet buffer (Default: 4096)
+	Expr         string         // BPF filter expression.
 }
 
 type Writer struct {
@@ -121,6 +122,7 @@ func (mw *Writer) WriteHeader(c *Config) error {
 - Promiscuous Mode: %v
 - Timeout: %s
 - Number of Packets: %d
+- Packet Buffer Size: %d
 - BPF Filter: %q
 - Verbose: %v
 
@@ -130,6 +132,7 @@ func (mw *Writer) WriteHeader(c *Config) error {
 		c.Device.Name != "any" && c.Promisc,
 		c.Timeout,
 		c.PacketCount,
+		c.PacketBuffer,
 		c.Expr,
 		mw.verbose,
 	)
@@ -239,10 +242,31 @@ func OpenLive(conf *Config, pw ...PacketWriter) error {
 	infinity := count == 0
 
 	b := make([]byte, conf.Snaplen)
+	if conf.PacketBuffer <= 0 {
+		conf.PacketBuffer = 4096
+	}
+	packetQueue := make(chan []byte, conf.PacketBuffer)
+
+	go func() {
+		for {
+			select {
+			case <-done:
+				return
+			case packet, ok := <-packetQueue:
+				if !ok {
+					return
+				}
+				for _, w := range pw {
+					w.WritePacket(time.Now().UTC(), packet)
+				}
+			}
+		}
+	}()
 
 	for i := 0; infinity || i < count; i++ {
 		select {
 		case <-done:
+			close(packetQueue)
 			return nil
 		default:
 			n, _, err := c.ReadFrom(b)
@@ -252,11 +276,8 @@ func OpenLive(conf *Config, pw ...PacketWriter) error {
 				}
 				return fmt.Errorf("failed to read Ethernet frame: %v", err)
 			}
-			for _, w := range pw {
-				if err := w.WritePacket(time.Now().UTC(), b[:n]); err != nil && !errors.Is(err, layers.ErrTLSTooShort) {
-					return err
-				}
-			}
+			p := append([]byte(nil), b[:n]...)
+			packetQueue <- p
 		}
 	}
 	return nil