import "github.com/dreadl0ck/netcap/encoder"
Implements encoders to transform network packets into protocol buffers for various protocols
arp.go bfd.go cip.go ciscoDicoveryInfo.go ciscoDiscovery.go config.go connection.go counters.go customEncoder.go dhcp4.go dhcp6.go dns.go dot11.go dot1q.go eap.go eapol.go eapolkey.go enip.go eth.go ethctp.go ethctpr.go fddi.go flow.go geneve.go gre.go http.go httpReader.go icmp4.go icmp6.go icmp6e.go icmp6na.go icmp6ns.go icmp6ra.go icmp6rs.go igmp.go init.go ip4.go ip6.go ip6hop.go ipsecah.go ipsecesp.go ipv6fragment.go layerEncoder.go lcm.go linkFlow.go llc.go lld.go lldi.go modbus.go mpls.go networkFlow.go nortelDiscovery.go ntp.go ospfv2.go ospfv3.go sctp.go shared.go sip.go snap.go tcp.go tcpStream.go tls.go transportFlow.go udp.go usb.go usbRequestBlockSetup.go utils.go vrrpv2.go vxlan.go
var (
// LayerEncoders map contains initialized encoders at runtime
// for usage from other packages
LayerEncoders = map[gopacket.LayerType][]*LayerEncoder{}
// set via encoder config
// used to request a content from being set on the audit records
AddContext bool
)var (
// LiveMode switch for all encoders
LiveMode bool
// CapturePayload for encoders that support it
CapturePayload = false
)var (
// Connections hold all connections
Connections = &AtomicConnMap{
Items: make(map[string]*types.Connection),
}
)var (
// CustomEncoders slice contains initialized encoders at runtime
// for usage from other packages
CustomEncoders = []*CustomEncoder{}
)var (
NetworkFlows = &AtomicNetworkFlowMap{
Items: make(map[uint64]*types.NetworkFlow),
}
)var (
TransportFlows = &AtomicTransportFlowMap{
Items: make(map[uint64]*types.TransportFlow),
}
)DecodeHTTP passes TCP packets to the TCP stream reassembler in order to decode HTTP request and responses CAUTION: this function must be called sequentially, because the stream reassembly implementation currently does not handle out of order packets
func DumpTop5LinkFlows()
func DumpTop5NetworkFlows()
func DumpTop5TransportFlows()
Entropy returns the shannon entropy value https://rosettacode.org/wiki/Entropy#Go
ExtractTLSHandShake extracts a TLS HandShake from a TCP Packet
InitCustomEncoders initializes all custom encoders
InitLayerEncoders initializes all layer encoders
func MarkdownOverview()
MarkdownOverview dumps a Markdown summary of all available encoders and their fields
func SetErrorMap(m *AtomicCounterMap)
func ShowEncoders()
AtomicConnMap contains all connections and provides synchronized access
func (a *AtomicConnMap) Size() int
Size returns the number of elements in the Items map
AtomicCounterMap maps strings to integers
func NewAtomicCounterMap() *AtomicCounterMap
NewAtomicCounterMap returns a new AtomicCounterMap
func (a *AtomicCounterMap) Inc(val string)
Inc increments a value
func (a *AtomicFlowMap) Size() int
type Config struct {
Buffer bool
Compression bool
CSV bool
IncludeEncoders string
ExcludeEncoders string
Out string
WriteChan bool
Source string
Version string
IncludePayloads bool
Export bool
AddContext bool
MemBufferSize int
}Config contains configuration parameters for the encoders
ConnectionID is a bidirectional connection between two devices over the network that includes the Link, Network and TransportLayer
func (c ConnectionID) String() string
type Context struct {
CaptureInfo gopacket.CaptureInfo
}Context is the assembler context
func (c *Context) GetCaptureInfo() gopacket.CaptureInfo
GetCaptureInfo returns the gopacket.CaptureInfo from the context
type CustomEncoder struct {
// public fields
Name string
Type types.Type
Handler CustomEncoderHandler
// contains filtered or unexported fields
}CustomEncoder implements custom logic to decode data from a gopacket.Packet
func CreateCustomEncoder(t types.Type, name string, postinit func(*CustomEncoder) error, handler CustomEncoderHandler, deinit func(*CustomEncoder) error) *CustomEncoder
CreateCustomEncoder returns a new CustomEncoder instance
func (e *CustomEncoder) Destroy() (name string, size int64)
Destroy closes and flushes all writers and calls deinit if set
func (e *CustomEncoder) Encode(p gopacket.Packet) error
Encode is called for each layer this calls the handler function of the encoder and writes the serialized protobuf into the data pipe
func (e *CustomEncoder) GetChan() <-chan []byte
GetChan returns a channel to receive serialized protobuf data from the encoder
func (e *CustomEncoder) NumRecords() int64
NumRecords returns the number of written records
CustomEncoderHandler takes a gopacket.Packet and returns a proto.Message
type LayerEncoder struct {
// public fields
Layer gopacket.LayerType
Type types.Type
Handler LayerEncoderHandler
// contains filtered or unexported fields
}LayerEncoder represents an encoder for the gopacket.Layer type
func CreateLayerEncoder(nt types.Type, lt gopacket.LayerType, handler LayerEncoderHandler) *LayerEncoder
CreateLayerEncoder returns a new LayerEncoder instance
func (e *LayerEncoder) Destroy() (name string, size int64)
Destroy closes and flushes all writers
func (e *LayerEncoder) Encode(ctx *types.PacketContext, p gopacket.Packet, l gopacket.Layer) error
Encode is called for each layer this calls the handler function of the encoder and writes the serialized protobuf into the data pipe
func (e *LayerEncoder) GetChan() <-chan []byte
GetChan returns a channel to receive serialized protobuf data from the encoder
LayerEncoderHandler is the handler function for a layer encoder
type Stream struct {
// contains filtered or unexported fields
}Stream contains both unidirectional flows for a connection
Reverse flips source and destination
Package encoder imports 35 packages (graph) and is imported by 11 packages. Updated 2020-03-16. Refresh now. Tools for package owners.