From bac25cb4c69e8620b05482a6dbc8344e27013f73 Mon Sep 17 00:00:00 2001
From: iBug <git@ibugone.com>
Date: Wed, 16 Oct 2024 01:55:32 +0800
Subject: [PATCH] fix(analyze): Filter only sockets on server ports 80, 443 and
 873

---
 pkg/analyze/analyze.go | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/pkg/analyze/analyze.go b/pkg/analyze/analyze.go
index 4c72cbb..f790118 100644
--- a/pkg/analyze/analyze.go
+++ b/pkg/analyze/analyze.go
@@ -360,11 +360,18 @@ func (a *Analyzer) handleLogItem(logItem parser.LogItem) error {
 	return nil
 }
 
+func filterSockTabEntry(s *netstat.SockTabEntry) bool {
+	switch s.LocalAddr.Port {
+	case 80, 443, 873:
+	default:
+		return false
+	}
+	return s.State == netstat.Established
+}
+
 func (a *Analyzer) GetActiveConns(activeConn map[netip.Prefix]int) {
 	// Get active connections
-	tabs, err := netstat.TCPSocks(func(s *netstat.SockTabEntry) bool {
-		return s.State == netstat.Established
-	})
+	tabs, err := netstat.TCPSocks(filterSockTabEntry)
 	if err != nil {
 		a.logger.Printf("netstat error: %v", err)
 	} else {
@@ -376,9 +383,7 @@ func (a *Analyzer) GetActiveConns(activeConn map[netip.Prefix]int) {
 			activeConn[a.IPPrefix(ip)] += 1
 		}
 	}
-	tabs, err = netstat.TCP6Socks(func(s *netstat.SockTabEntry) bool {
-		return s.State == netstat.Established
-	})
+	tabs, err = netstat.TCP6Socks(filterSockTabEntry)
 	if err != nil {
 		a.logger.Printf("netstat error: %v", err)
 	} else {