netcap: github.com/dreadl0ck/netcap/collector Index | Files

package collector

import "github.com/dreadl0ck/netcap/collector"

Provides a mechanism to collect network packets from a network interface on macOS, linux and windows

Index

Package Files

atomicPcapGoWriter.go batch.go bpf.go collector.go config.go live_linux.go metrics.go pcap.go pcapNG.go pcapUtils.go utils.go worker.go

func DumpProto Uses

func DumpProto(pb proto.Message)

DumpProto prints a protobuff Message.

func IsPcap Uses

func IsPcap(file string) (bool, error)

IsPcap checks wheter a file is a PCAP file

type AtomicPcapGoWriter Uses

type AtomicPcapGoWriter struct {
    sync.Mutex
    // contains filtered or unexported fields
}

AtomicPcapGoWriter is a symchronized PCAP writer that counts the number of packets written.

func NewAtomicPcapGoWriter Uses

func NewAtomicPcapGoWriter(w *pcapgo.Writer) *AtomicPcapGoWriter

NewAtomicPcapGoWriter takes a pcapgo.Writer and returns an atomic version

func (*AtomicPcapGoWriter) WritePacket Uses

func (a *AtomicPcapGoWriter) WritePacket(ci gopacket.CaptureInfo, data []byte) error

WritePacket writes a packet into the writer.

type BatchInfo Uses

type BatchInfo struct {
    Type types.Type
    Chan <-chan []byte
}

BatchInfo contains information about a Batch source.

type Collector Uses

type Collector struct {
    // contains filtered or unexported fields
}

Collector provides an interface to collect data from PCAP or a network interface.

func New Uses

func New(config Config) *Collector

New returns a new Collector instance.

func (*Collector) CollectBPF Uses

func (c *Collector) CollectBPF(path string, bpf string) error

CollectBPF open the named PCAP file and sets the specified BPF filter.

func (*Collector) CollectLive Uses

func (c *Collector) CollectLive(i string, bpf string) error

CollectLive starts collection of data from the given interface. optionally a BPF can be supplied. this is the linux version that uses the pure go version from pcapgo to fetch packets live.

func (*Collector) CollectPcap Uses

func (c *Collector) CollectPcap(path string) error

CollectPcap implements parallel decoding of incoming packets.

func (*Collector) CollectPcapNG Uses

func (c *Collector) CollectPcapNG(path string) error

CollectPcapNG implements parallel decoding of incoming packets.

func (*Collector) FreeOSMemory Uses

func (c *Collector) FreeOSMemory()

FreeOSMemory forces freeing memory

func (*Collector) GetNumPackets Uses

func (c *Collector) GetNumPackets() int64

GetNumPackets returns the current number of processed packets

func (*Collector) Init Uses

func (c *Collector) Init() (err error)

Init sets up the collector and starts the configured number of workers must be called prior to usage of the collector instance.

func (*Collector) InitBatching Uses

func (c *Collector) InitBatching(maxSize int, bpf string, in string) ([]BatchInfo, *pcap.Handle, error)

InitBatching initializes batching mode and returns an array of Batchinfos and the pcap handle closing the handle must be done by the caller.

func (*Collector) PrintConfiguration Uses

func (c *Collector) PrintConfiguration()

PrintConfiguration dumps the current collector config to stdout

func (*Collector) Stats Uses

func (c *Collector) Stats()

Stats prints collector statistics.

type Config Uses

type Config struct {
    Live                bool
    WriteUnknownPackets bool
    Workers             int
    PacketBufferSize    int
    SnapLen             int
    Promisc             bool
    EncoderConfig       encoder.Config
    BaseLayer           gopacket.LayerType
    DecodeOptions       gopacket.DecodeOptions
}

Config contains configuration parameters for the Collector instance.

Package collector imports 30 packages (graph) and is imported by 10 packages. Updated 2020-03-29. Refresh now. Tools for package owners.