network

package
v0.0.0-...-dcb2eba Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 20, 2023 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	TrafficIn  = 0
	TrafficOut = 1
)
View Source 
const (
	HandleTypePFRing   = 0
	HandleTypePcap     = 1
	HandleTypeAFPacket = 2
)
View Source 
const DNSFilter = "udp and port 53"

BPF Filter for capturing DNS traffic only

View Source 
const NotDNSFilter = "tcp or (udp and not port 53)"

BPF Filter for capturing DNS all traffic but DNS const NotDNSFilter = "tcp or (udp and not port 53)"

View Source 
const (
	// Size is the length of the Crypto-PAn keying material.
	Size = keySize + blockSize
)

Variables

View Source 
var RFC1918 = []string{"10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"}
View Source 
var RFC1918Nets []net.IPNet = ToNets(RFC1918)

Functions

func CIDRinit 

func CIDRinit()

CIDRinit fills privateIPBlocks with the CIDR ranges for RFC1918 and loopback checking

func GetFirstInterface 

func GetFirstInterface() (string, error)

func GetRandomIP 

func GetRandomIP() string

func GetRandomMac 

func GetRandomMac() net.HardwareAddr

func GetRandomPort 

func GetRandomPort() uint16

func IsRFC1918 

func IsRFC1918(ip net.IP) bool

func ToNets 

func ToNets(strNets []string) []net.IPNet

Types

type AFHandle 

type AFHandle struct {
}

func (*AFHandle) Init 

func (h *AFHandle) Init(conf *HandleConfig) error

func (*AFHandle) ReadPacketData 

func (h *AFHandle) ReadPacketData() ([]byte, gopacket.CaptureInfo, error)

func (*AFHandle) Stats 

func (h *AFHandle) Stats() IfStats

type Cryptopan 

type Cryptopan struct {
	// contains filtered or unexported fields
}

Cryptopan is an instance of the Crypto-PAn algorithm, initialized with a given key.

func NewCryptoPAn 

func NewCryptoPAn(key []byte) (ctx *Cryptopan, err error)

NewCryptoPAn constructs and initializes Crypto-PAn with a given key.

func (*Cryptopan) Anonymize 

func (ctx *Cryptopan) Anonymize(addr net.IP) net.IP

Anonymize anonymizes the provided IP address with the Crypto-PAn algorithm.

type DNSPacketData 

type DNSPacketData struct {
	Data  *layers.DNS
	PktTs int64
}

type DNSParser 

type DNSParser struct {
	// contains filtered or unexported fields
}

DNSParser

func (*DNSParser) NewDNSParser 

func (dp *DNSParser) NewDNSParser(netif *NetworkInterface, sm *servicemap.ServiceMap)

func (*DNSParser) Parse 

func (dp *DNSParser) Parse(wg *sync.WaitGroup, stop chan struct{})

DNSParser is the worker function for parsing network traffic, focusing on dns traffic. Reads directly from the NetworkInterface it has been assigned The waitgroup is used to cleanly shut down.

type DNSTrace 

type DNSTrace struct {
	Trace []*DNSPacketData
	Count int64
}

DNSTrace is a container of ordered DNS responses

func GetDNSTrace 

func GetDNSTrace(pcapfile string) *DNSTrace

GetDNSTrace preparses a list of DNS packets to process in sequence for testing

type Handle 

type Handle interface {
	Init(conf *HandleConfig) error
	ReadPacketData() ([]byte, gopacket.CaptureInfo, error)
	Stats() IfStats
}

type HandleConfig 

type HandleConfig struct {
	Name      string
	Filter    string
	SnapLen   uint32
	Clustered bool
	ClusterID int
	ZeroCopy  bool
	FanOut    bool
}

type IfStats 

type IfStats struct {
	PktRecv uint64
	PktDrop uint64
}

type KeySizeError 

type KeySizeError int

KeySizeError is the error returned when the provided key is an invalid length.

func (KeySizeError) Error 

func (e KeySizeError) Error() string

type NetworkInterface 

type NetworkInterface struct {
	Mode       string
	Name       string
	HwAddr     net.HardwareAddr
	LocalNetv4 net.IPNet
	LocalNetv6 net.IPNet
	HandleType uint8
	IfHandle   Handle
}

NetworkInterface is a structure that carries information on the interface it maps to and pointers to the underlying packet processing tool (PFRing or Pcap)

func (*NetworkInterface) NewNetworkInterface 

func (ni *NetworkInterface) NewNetworkInterface(conf NetworkInterfaceConfiguration)

func (*NetworkInterface) ReadPacketData 

func (ni *NetworkInterface) ReadPacketData() ([]byte, gopacket.CaptureInfo, error)

type NetworkInterfaceConfiguration 

type NetworkInterfaceConfiguration struct {
	// name, filter, mode string, snaplen uint32
	Driver    string
	Name      string
	Mode      string
	Filter    string
	SnapLen   uint32
	Clustered bool
	ClusterID int
	Replay    bool
	ReplayMAC string
	ZeroCopy  bool
	FanOut    bool
}

NetworkInterfaceConfiguration is a support structure used to configure an interface

type Packet 

type Packet struct {
	RawData     []byte
	Eth         *layers.Ethernet
	Ip4         *layers.IPv4
	Ip6         *layers.IPv6
	Tcp         *layers.TCP
	Udp         *layers.UDP
	Dns         *layers.DNS
	TStamp      int64
	Dir         int
	HwAddr      string
	IsIPv4      bool
	IsLocal     bool
	Length      int64
	ServiceIP   string
	MyIP        string
	IsTCP       bool
	DataLength  int64
	ServicePort uint16
	MyPort      uint16
	SeqNumber   uint32
	IsDNS       bool
}

func NewPacket 

func NewPacket() *Packet

func (*Packet) Clear 

func (packet *Packet) Clear()

type PacketData 

type PacketData struct {
	FlowID  string
	Service string
	Pkt     Packet
}

PacketData contains packet and its metadata

func GetRandomPacket 

func GetRandomPacket(len int) (pktData *PacketData)

GenerateRandomPacket creates a random packet of length len with given packet size

type PacketProcessor 

type PacketProcessor interface {
	ProcessPacket(pkt *Packet) error
}

General Packet Processor interface. Implement to receive packets from parsers

type PacketTrace 

type PacketTrace struct {
	Trace []*PacketData
	Count int64
}

PacketTrace is a container of ordered packets

func GetRandomTrace 

func GetRandomTrace(n, len int) *PacketTrace

GetRandomTrace creates a list of random packets to process in sequence for testing

func GetTrace 

func GetTrace(pcapfile string) *PacketTrace

GetTrace preparse a list of packets to process in sequence for testing

func GetTraceWithServices 

func GetTraceWithServices(pcapfile string, sm *servicemap.ServiceMap) *PacketTrace

GetTraceWithServices preparse a list of packets to process in sequence for testing

type PcapHandle 

type PcapHandle struct {
	Name      string
	Filter    string
	SnapLen   uint32
	ZeroCopy  bool
	Clustered bool
	ClusterID int
	FanOut    bool
	PHandle   *pcap.Handle
}

func (*PcapHandle) Init 

func (h *PcapHandle) Init(conf *HandleConfig) error

func (*PcapHandle) NewPcapInterface 

func (h *PcapHandle) NewPcapInterface()

func (*PcapHandle) ReadPacketData 

func (h *PcapHandle) ReadPacketData() ([]byte, gopacket.CaptureInfo, error)

func (*PcapHandle) Stats 

func (h *PcapHandle) Stats() IfStats

type RingHandle 

type RingHandle struct {
}

func (*RingHandle) Init 

func (h *RingHandle) Init(conf *HandleConfig) error

func (*RingHandle) ReadPacketData 

func (h *RingHandle) ReadPacketData() ([]byte, gopacket.CaptureInfo, error)

func (*RingHandle) Stats 

func (h *RingHandle) Stats() IfStats

type TrafficParser 

type TrafficParser struct {
	// contains filtered or unexported fields
}

func (*TrafficParser) NewTrafficParser 

func (tp *TrafficParser) NewTrafficParser(netif *NetworkInterface, packetProcessor PacketProcessor)

func (*TrafficParser) Parse 

func (tp *TrafficParser) Parse(wg *sync.WaitGroup, stop chan struct{})

TrafficParser is the worker function for parsing network traffic. Each worker reads directly from the ring that is passed The waitgroup is used to cleanly shut down. Each worker listen on the stop chan to know when to stop processing

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.