user: prepare for service-oriented architecture. #541

Merged 4 commits on May 19, 2024

@cfc4n cfc4n commented May 13, 2024

Once the eCapture process has started, it also listens on port 28256 and receives HTTP requests on that port, which are used to reload the configuration.

Start the service

sudo bin/ecapture tls -m pcap -i ens160 -w a.pcapng port 443
2024-05-19T06:37:52Z INF AppName="eCapture(旁观者)"
2024-05-19T06:37:52Z INF HomePage=https://ecapture.cc
2024-05-19T06:37:52Z INF Repository=https://github.com/gojue/ecapture
2024-05-19T06:37:52Z INF Author="CFC4N <cfc4ncs@gmail.com>"
2024-05-19T06:37:52Z INF Description="Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64."
2024-05-19T06:37:52Z INF Version=v0.0.0_unknow
2024-05-19T06:37:52Z INF listen=localhost:28256
2024-05-19T06:37:52Z INF https server starting...You can update the configuration file via the HTTP interface.
2024-05-19T06:37:52Z WRN ========== module starting. ==========
2024-05-19T06:37:52Z INF Kernel Info=5.15.148 Pid=196385
2024-05-19T06:37:52Z INF BTF bytecode mode: CORE. btfMode=0
2024-05-19T06:37:52Z INF module initialization. isReload=false moduleName=EBPFProbeOPENSSL
2024-05-19T06:37:52Z INF Module.Run()
2024-05-19T06:37:52Z INF OpenSSL/BoringSSL version not found from shared library file, used default version OpenSSL Version=linux_default_3_0
2024-05-19T06:37:52Z INF HOOK type:Golang elf ElfType=2 IFindex=2 IFname=ens160 PcapFilter="port 443" binrayPath=/usr/lib/aarch64-linux-gnu/libssl.so.3
2024-05-19T06:37:52Z INF Hook masterKey function Functions=["SSL_get_wbio","SSL_in_before","SSL_do_handshake"]
2024-05-19T06:37:52Z INF target all process.
2024-05-19T06:37:52Z INF target all users.
2024-05-19T06:37:52Z INF setupManagers eBPFProgramType=PcapNG
2024-05-19T06:37:52Z INF BPF bytecode file is matched. bpfFileName=user/bytecode/openssl_3_0_0_kern_core.o
2024-05-19T06:37:52Z INF packets saved into pcapng file. pcapng path=/home/cfc4n/project/ecapture/a.pcapng
2024-05-19T06:37:52Z INF perfEventReader created mapSize(MB)=4
2024-05-19T06:37:52Z INF perfEventReader created mapSize(MB)=4
2024-05-19T06:37:52Z INF module started successfully. isReload=false moduleName=EBPFProbeOPENSSL
2024-05-19T06:37:55Z INF config send to channel. config={"AndroidVer":"","ElfType":2,"IsAndroid":false,"btf_mode":2,"cgrouppath":"/sys/fs/cgroup","debug":false,"ifname":"ens160","is_hex":false,"keylog":"ecapture_openssl_key.og","listen":"","logger_addr":"","logger_tcp_addr":"","logger_type":0,"model":"pcap","openssl":"/usr/lib/aarch64-linux-gnu/libssl.so.3","pcapfile":"a.pcapng","pcapfilter":"port 443","per_cpu_map_size":4194304,"pid":0,"pthread":"/lib/aarch64-linux-gnu/libc.so.6","sslversion":"","uid":0}
2024-05-19T06:37:55Z INF [GIN] 2024/05/19 - 06:37:55 | 200 |    2.863644ms |       127.0.0.1 | POST     "/tls"
2024-05-19T06:37:55Z WRN ========== Signal received; the module will initiate a restart. ==========
2024-05-19T06:37:55Z INF module close.
2024-05-19T06:37:55Z WRN nothing captured, please check your network interface, see "ecapture tls -h" for more information.
2024-05-19T06:37:55Z INF Module closed,message recived from Context
2024-05-19T06:37:55Z INF iModule module close
2024-05-19T06:37:55Z INF reloading module... config={"AndroidVer":"","ElfType":2,"IsAndroid":false,"btf_mode":2,"cgrouppath":"/sys/fs/cgroup","debug":false,"ifname":"ens160","is_hex":false,"keylog":"ecapture_openssl_key.og","listen":"","logger_addr":"","logger_tcp_addr":"","logger_type":0,"model":"pcap","openssl":"/usr/lib/aarch64-linux-gnu/libssl.so.3","pcapfile":"a.pcapng","pcapfilter":"port 443","per_cpu_map_size":4194304,"pid":0,"pthread":"/lib/aarch64-linux-gnu/libc.so.6","sslversion":"","uid":0}
2024-05-19T06:37:55Z WRN ========== module starting. ==========
2024-05-19T06:37:55Z INF Kernel Info=5.15.148 Pid=196385
2024-05-19T06:37:55Z INF BTF bytecode mode: non-CORE. btfMode=2
2024-05-19T06:37:55Z INF module initialization. isReload=false moduleName=EBPFProbeOPENSSL
2024-05-19T06:37:55Z INF Module.Run()
2024-05-19T06:37:55Z INF OpenSSL/BoringSSL version not found from shared library file, used default version OpenSSL Version=linux_default_3_0
2024-05-19T06:37:55Z INF HOOK type:Golang elf ElfType=2 IFindex=2 IFname=ens160 PcapFilter="port 443" binrayPath=/usr/lib/aarch64-linux-gnu/libssl.so.3
2024-05-19T06:37:55Z INF Hook masterKey function Functions=["SSL_get_wbio","SSL_in_before","SSL_do_handshake"]
2024-05-19T06:37:55Z INF target all process.
2024-05-19T06:37:55Z INF target all users.
2024-05-19T06:37:55Z INF setupManagers eBPFProgramType=PcapNG
2024-05-19T06:37:55Z INF BPF bytecode file is matched. bpfFileName=user/bytecode/openssl_3_0_0_kern_noncore.o
2024-05-19T06:37:55Z INF packets saved into pcapng file. pcapng path=/home/cfc4n/project/ecapture/a.pcapng
2024-05-19T06:37:55Z INF perfEventReader created mapSize(MB)=4
2024-05-19T06:37:55Z INF perfEventReader created mapSize(MB)=4
2024-05-19T06:37:55Z INF module started successfully. isReload=false moduleName=EBPFProbeOPENSSL

Send an HTTP request to reset the configuration. For example, change btf_mode to 2 here.

curl -X POST -H "Content-Type: application/json" -d '{"pid":0,"uid":0,"listen":"","per_cpu_map_size":4194304,"is_hex":false,"debug":false,"btf_mode":2,"addr_type":0,"address":"","logger_addr":"","openssl":"/usr/lib/aarch64-linux-gnu/libssl.so.3","pthread":"/lib/aarch64-linux-gnu/libc.so.6","model":"pcap","pcapfile":"a.pcapng","keylog":"ecapture_openssl_key.og","ifname":"ens160","pcapfilter":"port 443","sslversion":"","cgrouppath":"/sys/fs/cgroup","ElfType":2,"IsAndroid":false,"AndroidVer":""}' http://127.0.0.1:28256/tls
{"code":0,"module_type":"EBPFProbeOPENSSL","msg":"RespOK","data":null}

Signed-off-by: CFC4N <cfc4n.cs@gmail.com>
@cfc4n cfc4n added the enhancement New feature or request label May 13, 2024
cfc4n added 3 commits May 18, 2024 18:01
1. Add a listener to the local HTTP server
2. Accept HTTP to reset the configuration

Signed-off-by: CFC4N <cfc4n.cs@gmail.com>
Signed-off-by: CFC4N <cfc4n.cs@gmail.com>
Signed-off-by: CFC4N <cfc4n.cs@gmail.com>
@cfc4n cfc4n merged commit 938fcff into master May 19, 2024
6 checks passed
@cfc4n cfc4n deleted the service-prepare branch May 19, 2024 11:30
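
An added example, not part of this pull request or of eCapture's code: a Go helper that audits eCapture log output for the `config send to channel` events shown in the log above and reports which posted fields differ from an expected baseline. `AuditReloads`, `js`, the baseline and the shortened sample lines are assumptions constructed for the illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)

// marker is the text logged when a config arrives over the HTTP interface (from the log above).
const marker = "config send to channel. config="

func js(v any) string { b, _ := json.Marshal(v); return string(b) }

// AuditReloads (hypothetical helper) reports each posted field that differs from baselineJSON.
func AuditReloads(lines []string, baselineJSON string) ([]string, error) {
	var base map[string]any
	if err := json.Unmarshal([]byte(baselineJSON), &base); err != nil {
		return nil, fmt.Errorf("baseline: %w", err)
	}
	var out []string
	for _, line := range lines {
		i := strings.Index(line, marker)
		if i < 0 {
			continue // not a reload event
		}
		var cfg map[string]any
		if err := json.Unmarshal([]byte(line[i+len(marker):]), &cfg); err != nil {
			return nil, fmt.Errorf("config in %q: %w", line, err)
		}
		ts := strings.Fields(line)[0]
		for k, v := range cfg { // a key absent from the baseline shows as "null -> value"
			if old := js(base[k]); old != js(v) {
				out = append(out, fmt.Sprintf("%s %s: %s -> %s", ts, k, old, js(v)))
			}
		}
	}
	sort.Strings(out) // map iteration order is random; sort for stable output
	return out, nil
}

// Constructed sample: two lines shortened from the log on this page, plus an assumed baseline.
var sampleLog = []string{
	`2024-05-19T06:37:52Z INF listen=localhost:28256`,
	`2024-05-19T06:37:55Z INF config send to channel. config={"btf_mode":2,"ifname":"ens160","pcapfile":"a.pcapng","pcapfilter":"port 443"}`,
}

const sampleBaseline = `{"btf_mode":0,"ifname":"ens160","pcapfile":"a.pcapng","pcapfilter":"port 443"}`
func main() { fmt.Println(AuditReloads(sampleLog, sampleBaseline)) }
```

Fields such as `pcapfile`, `keylog` and `openssl` decide where captured data is written and which library is hooked, so an unexpected change to them in a reload event is worth an alert.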