md/20251016.md

## 1、下载并上传 openjdk zulu 21 压缩包

- 下载地址：https://www.azul.com/downloads/?version=java-21-lts&package=jdk#zulu
- 解压到 /hook/jdk21 目录下

## 2、上传 TShark.java 文件，源码如下

```java
import java.io.*;
import java.nio.file.Path;
import java.time.ZoneId;
import java.util.List;
import java.util.TimeZone;

public final class TShark {
    public static void main(String[] args) throws Exception {
        TimeZone.setDefault(TimeZone.getTimeZone(ZoneId.of("Asia/Shanghai")));
        Path path = Path.of("shark.log");
        File sharkLog = path.toFile();
        if (!sharkLog.exists() && !sharkLog.createNewFile()) {
            throw new RuntimeException("create shark.log failure");
        }
//        DateTimeFormatter timeFormatter = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss");
        Process process = startSharkProcess();
        System.out.println("start tshark success");
        startProcessSharkThread(process, sharkLog);
        System.out.println("start process thread success");
        int exitCode = process.waitFor();
        System.out.println("tshark process is dead, exit code: " + exitCode);
    }

    private static void startProcessSharkThread(Process process, File sharkLog) {
        Thread thread = new Thread(() -> {
            try (BufferedReader reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
                 BufferedWriter fileWriter = new BufferedWriter(new FileWriter(sharkLog, true))) {
                String line;
                while ((line = reader.readLine()) != null) {
                    fileWriter.write(line + System.lineSeparator());
                }
                fileWriter.flush();
            } catch (Exception e) {
                e.printStackTrace();
            }
        });
        thread.setName("TShark-thread");
        thread.start();
    }

    public static Process startSharkProcess() throws IOException {
        List<String> cmd = List.of(
                "tshark",
                "-l",
                "-i",
                "\\Device\\NPF_{807C63AC-179D-4AC8-BD56-85CE8AA179DB}",
                "-Y",
                "tcp.port == 33000 && http.request.method == \"POST\"",
                "-V"
        );
        ProcessBuilder processBuilder = new ProcessBuilder(cmd);
        processBuilder.redirectErrorStream(true);
        return processBuilder.start();
    }
}
```

## 3、修改网卡名称

##### 编辑`TShark.java`文件，找到 **startSharkProcess** 函数

```java
public static Process startSharkProcess() throws IOException {
        List<String> cmd = List.of(
                "tshark",
                "-l",
                "-i",
                "\\Device\\NPF_{807C63AC-179D-4AC8-BD56-85CE8AA179DB}",
                "-Y",
                "tcp.port == 33000 && http.request.method == \"POST\"",
                "-V"
        );
        ProcessBuilder processBuilder = new ProcessBuilder(cmd);
        processBuilder.redirectErrorStream(true);
        return processBuilder.start();
    }
```
##### 把这一行网卡名称，替换成正确的网卡名称，下面这个是我自己电脑上的网卡名称

```
"\\Device\\NPF_{807C63AC-179D-4AC8-BD56-85CE8AA179DB}"
```

不确定当前IP使用的哪个网卡，可以用下面这个命令查询
```
ip a
```