pcaphelper

package module
v0.0.0-...-eca0260 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 8, 2015 License: MIT Imports: 8 Imported by: 0

README

pcaphelper

pcaphelper is a small package to get some information about pcap file.

the goals are performance(WIP) and no dependencies (no need of libpcap)

Currently focus on pcap only (pcap nano is supported for the detection), pcap-ng is not supported

functions

IsPcap(filename string) (PcapType, Endianness, error)
GetVersion(filename string) (major, minor, error)
GetStartTimestamp(filename string) (*time.Time, error)
GetEndTimestamp(filename string) (*time.Time, error)
GetMD5(filename string) (string, error)
GetSHA1(filename string) (string, error)
GetDataLink(filename string) (DataLink, error)

you can find the full documentation here: https://godoc.org/github.com/stumpyfr/pcaphelper

Roadmap

  • pcap-ng support
  • GetDataLink
  • GetNumberOfPacket
    • need improve performance
  • GetDuration
    • need improve performance
  • GetStartTimestamp
  • GetEndTimestamp
    • need improve performance

Documentation

Index

Constants

View Source 
const (
	LITTLE Endianness = 0
	BIG               = 1

	INVALID         PcapType = 0
	PCAP                     = 0xa1b2c3d4
	PCAP_SWAPPED             = 0xd4c3b2a1
	PCAP_NS                  = 0xa1b23c4d
	PCAP_NS_SWAPPED          = 0x4d3cb2a1
	PCAP_NG                  = 0x0a0d0d0a

	LINKTYPE_NULL                DataLink = 0
	LINKTYPE_ETHERNET                     = 1
	LINKTYPE_IEEE802_5                    = 6
	LINKTYPE_RAW                          = 101
	LINKTYPE_IEEE802_11                   = 105
	LINKTYPE_IEEE802_11_RADIOTAP          = 217
	LINKTYPE_BLUETOOTH_LE_LL              = 251
)

Variables

This section is empty.

Functions

func GetDuration 

func GetDuration(filename string) (*time.Duration, error)

func GetFirstTimestamp 

func GetFirstTimestamp(filepath string) (*time.Time, error)

GetFirstTimestamp returns the timestamp of the first packet

func GetLastTimestamp 

func GetLastTimestamp(filename string) (*time.Time, error)

GetLastTimestamp returns the timestamp of the last packet

func GetMD5 

func GetMD5(filename string) (string, error)

GetMD5 returns the md5 hash of the file

func GetSHA1 

func GetSHA1(filename string) (string, error)

GetSHA1 returns the sha1 hash of the file

func GetVersion 

func GetVersion(filepath string) (int, int, error)

GetVersion return the major and minor version of the pcap file

func IsPcap 

func IsPcap(filepath string) (PcapType, Endianness, error)

IsPcap returns the PcapType based on the magic code of the file and the endianness of the pcap

func NumberOfPacket 

func NumberOfPacket(filename string) (int, error)

NumberOfPacket returns the number of packet in the pcap

Types 

type DataLink int

DataLink represents the data link of the pcap 

func GetDataLink(filepath string) (DataLink, error)

GetDataLink returns the datalink of the pcap

type Endianness 

type Endianness int

Endianness represents the endian type of the pcap

type PcapType 

type PcapType int

PcapType represents the different type of pcap file based on the magic code

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.