Documentation
¶
Overview ¶
Package rawSocket provides traffic sniffier using RAW sockets.
Capture traffic from socket using RAW_SOCKET's http://en.wikipedia.org/wiki/Raw_socket
RAW_SOCKET allow you listen for traffic on any port (e.g. sniffing) because they operate on IP level.
Ports is TCP feature, same as flow control, reliable transmission and etc.
This package implements own TCP layer: TCP packets is parsed using tcp_packet.go, and flow control is managed by tcp_message.go
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Listener ¶
type Listener struct {
// contains filtered or unexported fields
}
Listener handle traffic capture
func NewListener ¶
func NewListener(addr string, port string, expire time.Duration, captureResponse bool) (l *Listener)
NewListener creates and initializes new Listener object
func (*Listener) Receive ¶
func (t *Listener) Receive() *TCPMessage
Receive TCP messages from the listener channel
type TCPMessage ¶
type TCPMessage struct {
ID string // Message ID
Ack uint32
ResponseAck uint32
RequestStart time.Time
RequestAck uint32
Start time.Time
End time.Time
IsIncoming bool
// contains filtered or unexported fields
}
TCPMessage ensure that all TCP packets for given request is received, and processed in right sequence Its needed because all TCP message can be fragmented or re-transmitted
Each TCP Packet have 2 ids: acknowledgment - message_id, and sequence - packet_id Message can be compiled from unique packets with same message_id which sorted by sequence Message is received if we didn't receive any packets for 2000ms
func NewTCPMessage ¶
func NewTCPMessage(ID string, Ack uint32, IsIncoming bool) (msg *TCPMessage)
NewTCPMessage pointer created from a Acknowledgment number and a channel of messages readuy to be deleted
func (*TCPMessage) AddPacket ¶
func (t *TCPMessage) AddPacket(packet *TCPPacket)
AddPacket to the message and ensure packet uniqueness TCP allows that packet can be re-send multiple times
func (*TCPMessage) Bytes ¶
func (t *TCPMessage) Bytes() (output []byte)
Bytes return message content
func (*TCPMessage) IsMultipart ¶ added in v0.10.1
func (t *TCPMessage) IsMultipart() bool
isMultipart returns true if message contains from multiple tcp packets
func (*TCPMessage) Size ¶ added in v0.10.1
func (t *TCPMessage) Size() (size int)
Size returns total size of message
func (*TCPMessage) UUID ¶ added in v0.10.1
func (t *TCPMessage) UUID() []byte
type TCPPacket ¶
type TCPPacket struct {
SrcPort uint16
DestPort uint16
Seq uint32
Ack uint32
DataOffset uint8
Flags uint16
Window uint16
Checksum uint16
Urgent uint16
Data []byte
Addr net.Addr
}
TCPPacket provides tcp packet parser Packet structure: http://en.wikipedia.org/wiki/Transmission_Control_Protocol
func ParseTCPPacket ¶
ParseTCPPacket takes address and tcp payload and returns parsed TCPPacket
func (*TCPPacket) Parse ¶
func (t *TCPPacket) Parse()
Parse TCP Packet, inspired by: https://github.com/miekg/pcap/blob/master/packet.go
Source Files