trireme-lib: go.aporeto.io/trireme-lib/controller/pkg/packet Index | Files

package packet

import "go.aporeto.io/trireme-lib/controller/pkg/packet"

Package packet provides support for the TCP/IP packet manipulations needed by the Aporeto infrastructure.

Index

Package Files

constants.go helpers.go packet.go types.go

Constants

// IP protocol numbers, as found in the protocol field of the IP header.
const (
    // IPProtocolTCP is the IP protocol number of TCP.
    IPProtocolTCP = 0x06

    // IPProtocolUDP is the IP protocol number of UDP.
    IPProtocolUDP = 0x11
)

IP Protocol numbers

// Masks for the TCP flags byte, listed from the lowest bit upwards.
const (
    // TCPFinMask selects the FIN bit.
    TCPFinMask = 1 << 0

    // TCPSynMask selects the SYN bit. A SYN-ACK segment has this bit set as
    // well, so flags&TCPSynMask != 0 alone does not distinguish a SYN from a
    // SYN-ACK.
    TCPSynMask = 1 << 1

    // TCPRstMask selects the RST bit.
    TCPRstMask = 1 << 2

    // TCPPshMask selects the PSH bit.
    TCPPshMask = 1 << 3

    // TCPAckMask selects the ACK bit.
    TCPAckMask = 1 << 4

    // TCPSynAckMask is the SYN and ACK bits together (0x12). To identify a
    // SYN-ACK, compare flags&TCPSynAckMask with TCPSynAckMask; a non-zero
    // result only shows that at least one of the two bits is set.
    TCPSynAckMask = TCPSynMask | TCPAckMask
)

TCP Header masks

// TCP option kinds and lengths used by the package.
const (
    // TCPAuthenticationOption is the TCP option kind that carries the
    // authentication data.
    // NOTE(review): kind 34 is the IANA assignment for TCP Fast Open
    // (RFC 7413), so endpoints or middleboxes that implement TFO may interpret
    // or strip this option - confirm how genuine TFO traffic is told apart.
    TCPAuthenticationOption uint8 = 34

    // TCPMssOption is the option kind of the MSS option.
    TCPMssOption uint8 = 2

    // TCPMssOptionLen is the length in bytes of the MSS option.
    TCPMssOptionLen uint8 = 4
)

TCP Options Related constants

// UDP header offsets and the packet-type values of the UDP control packets.
//
// The offsets are consistent with a UDP header that starts 20 bytes into the
// buffer, i.e. directly after an IP header without options.
// NOTE(review): confirm that packets with a longer IP header are rejected or
// handled before these fixed offsets are used to index the buffer.
const (
    // UDPBeginPos is the location of the UDP header.
    UDPBeginPos = 20
    // UDPLengthPos is the location of the UDP length field.
    UDPLengthPos = UDPBeginPos + 4
    // UDPChecksumPos is the location of the UDP checksum field.
    UDPChecksumPos = UDPBeginPos + 6
    // UDPDataPos is the location of the UDP data.
    UDPDataPos = UDPBeginPos + 8

    // UDPPacketMask selects the three bits (0x70) that identify the type of
    // UDP packet. The values below enumerate that field; they are not
    // independent flags: UDPAckMask (0x30) contains both the UDPSynMask and
    // the UDPSynAckMask bit. Compare b&UDPPacketMask for equality with one of
    // them instead of testing a single bit.
    UDPPacketMask = 7 << 4
    // UDPSynMask identifies a UDP SYN packet.
    UDPSynMask = 1 << 4
    // UDPSynAckMask identifies a UDP SYN-ACK packet.
    UDPSynAckMask = 2 << 4
    // UDPAckMask identifies a UDP ACK packet.
    UDPAckMask = 3 << 4
    // UDPFinAckMask identifies a UDP FIN-ACK packet.
    UDPFinAckMask = 4 << 4
)

UDP related constants.

// Layout of the signature and token carried in a UDP control packet.
const (
    // UDPAuthMarker is the fixed 18-byte Aporeto signature for UDP.
    // It is a constant that anyone can read, not a secret: finding it in a
    // packet shows only that the packet claims to be a control packet.
    // NOTE(review): presumably authenticity rests on the token that follows
    // the marker - confirm that no decision is taken on the marker alone.
    UDPAuthMarker = "n30njxq7bmiwr6dtxq"
    // UDPAuthMarkerLen is the length of UDPAuthMarker in bytes.
    UDPAuthMarkerLen = 18
    // UDPAuthMarkerOffset is the offset at which UDPAuthMarker begins.
    UDPAuthMarkerOffset = 30
    // UDPJwtTokenOffset is the offset at which the JWT token begins; it is
    // the first byte after the marker (30 + 18 = 48).
    UDPJwtTokenOffset = UDPAuthMarkerOffset + UDPAuthMarkerLen

    // UDPSignatureLen is the length of the signature on a UDP control packet.
    UDPSignatureLen = 20
    // UDPSignatureEnd is the offset at which the UDP signature ends, counted
    // from the start of the UDP data.
    UDPSignatureEnd = UDPSignatureLen + UDPDataPos
)
// Packet type, processing stage and drop reason values. Each group occupies
// its own range of bits, so one value from each group can be OR-ed together.
// NOTE(review): presumably these are combined into the uint64 context/stage
// arguments taken by New, Print and SourcePortHash - confirm with the callers.
const (
    // PacketFailureCreate is the drop reason for packet
    PacketFailureCreate = 1 << 4
    // PacketFailureAuth is the drop reason for an authentication error
    PacketFailureAuth = 1 << 5
    // PacketFailureService is the drop reason for a crypto error
    PacketFailureService = 1 << 6

    // PacketStageIncoming marks the incoming stage
    PacketStageIncoming = 1 << 8
    // PacketStageAuth marks the authentication stage
    PacketStageAuth = 1 << 9
    // PacketStageService marks the crypto stage
    PacketStageService = 1 << 10
    // PacketStageOutgoing marks the outgoing stage
    PacketStageOutgoing = 1 << 11

    // PacketTypeNetwork marks from-network packets
    PacketTypeNetwork = 1 << 12
    // PacketTypeApplication marks from-application packets
    PacketTypeApplication = 1 << 13
)
// IPIDPos is the location of the IP Identifier, as a byte offset from the
// start of the IP header.
const IPIDPos = 0x4

IP Header field position constants

// TCPChecksumPos is the location of the TCP checksum. The value is the
// checksum's offset inside the TCP header (16) added to a 20-byte IP header.
// NOTE(review): the fixed 20 assumes an IP header without options - confirm
// that longer headers are rejected or handled before this offset is used.
const TCPChecksumPos = 20 + 16

TCP Header field position constants

Variables

// PacketLogLevel determines if packet logging is turned on. It starts out
// false (logging off).
// NOTE(review): this is a mutable package-level flag and nothing on this page
// shows synchronisation; presumably it is meant to be set once at start-up.
// Packet logs may include addresses, ports and payload bytes - confirm what is
// written before enabling it outside of debugging.
var PacketLogLevel bool

func TCPFlagsToStr Uses

func TCPFlagsToStr(flags uint8) string

TCPFlagsToStr converts the TCP Flags to a string value that is human readable

type Packet Uses

type Packet struct {

    // Mark is the nfqueue Mark
    Mark string

    // Buffer is the input/output buffer.
    // NOTE(review): the field is exported, so callers can change the bytes
    // directly; presumably the parsed fields below and the checksums are only
    // kept consistent through the Fixup*/Update* methods - confirm.
    Buffer []byte

    // IP header fields.
    // NOTE(review): presumably the protocol number (see IPProtocolTCP and
    // IPProtocolUDP) and the total length taken from the IP header - confirm.
    IPProto       uint8
    IPTotalLength uint16

    // Source and destination IP addresses of the packet.
    SourceAddress      net.IP
    DestinationAddress net.IP

    // L4 Header Fields
    SourcePort      uint16
    DestinationPort uint16

    // TCP Specific fields
    TCPSeq uint32
    TCPAck uint32

    // TCPFlags can be tested with the TCP*Mask constants or rendered with
    // TCPFlagsToStr, which takes the same uint8 type.
    TCPFlags    uint8
    TCPChecksum uint16

    // UDP Specific fields.
    UDPChecksum uint16

    // Service Metadata
    // Untyped (interface{}): consumers have to type-assert the value and
    // should handle a failed assertion.
    SvcMetadata interface{}
    // Connection Metadata
    // Untyped (interface{}): consumers have to type-assert the value and
    // should handle a failed assertion.
    ConnectionMetadata interface{}
    // contains filtered or unexported fields
}

Packet is the main structure holding packet information

func New Uses

func New(context uint64, bytes []byte, mark string, lengthValidate bool) (packet *Packet, err error)

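New returns a pointer to a Packet structure built from the provided bytes buffer, which is expected to contain valid TCP/IP packet bytes. When the bytes come from the network that expectation may not hold, so callers should check err before using the returned Packet; this page does not describe what lengthValidate controls.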

func (*Packet) CheckTCPAuthenticationOption Uses

func (p *Packet) CheckTCPAuthenticationOption(iOptionLength int) (err error)

CheckTCPAuthenticationOption ensures authentication option exists at the offset provided

func (*Packet) ConvertAcktoFinAck Uses

func (p *Packet) ConvertAcktoFinAck() error

ConvertAcktoFinAck removes the data from the packet. It is called only if the packet is an ACK or PSH/ACK, and it converts a PSH/ACK into a FIN/ACK packet.

func (*Packet) CreateReverseFlowPacket Uses

func (p *Packet) CreateReverseFlowPacket(destIP net.IP, destPort uint16)

CreateReverseFlowPacket modifies the packet for reverse flow.

func (*Packet) DecreaseTCPAck Uses

func (p *Packet) DecreaseTCPAck(decr uint32)

DecreaseTCPAck decreases TCP ack number by decr

func (*Packet) DecreaseTCPSeq Uses

func (p *Packet) DecreaseTCPSeq(decr uint32)

DecreaseTCPSeq decreases TCP seq number by decr

func (*Packet) DropDetachedBytes Uses

func (p *Packet) DropDetachedBytes()

DropDetachedBytes removes any bytes that have been detached and stored locally

func (*Packet) DropDetachedDataBytes Uses

func (p *Packet) DropDetachedDataBytes()

DropDetachedDataBytes removes any bytes that have been detached and stored locally

func (*Packet) FixupIPHdrOnDataModify Uses

func (p *Packet) FixupIPHdrOnDataModify(old, new uint16)

FixupIPHdrOnDataModify modifies the IP header fields and checksum

func (*Packet) FixupTCPHdrOnTCPDataAttach Uses

func (p *Packet) FixupTCPHdrOnTCPDataAttach(tcpOptions []byte, tcpData []byte)

FixupTCPHdrOnTCPDataAttach modifies the TCP header fields and checksum

func (*Packet) FixupTCPHdrOnTCPDataDetach Uses

func (p *Packet) FixupTCPHdrOnTCPDataDetach(dataLength uint16, optionLength uint16)

FixupTCPHdrOnTCPDataDetach modifies the TCP header fields and checksum

func (*Packet) GetBytes Uses

func (p *Packet) GetBytes() []byte

GetBytes returns the bytes in the packet. It consolidates in case of changes as well

func (*Packet) GetIPLength Uses

func (p *Packet) GetIPLength() uint16

GetIPLength returns the IP length

func (*Packet) GetTCPData Uses

func (p *Packet) GetTCPData() []byte

GetTCPData returns any additional data in the packet

func (*Packet) GetTCPOptions Uses

func (p *Packet) GetTCPOptions() []byte

GetTCPOptions returns any additional options in the packet

func (*Packet) GetUDPData Uses

func (p *Packet) GetUDPData() []byte

GetUDPData returns the additional data in the packet.

func (*Packet) GetUDPDataStartBytes Uses

func (p *Packet) GetUDPDataStartBytes() uint16

GetUDPDataStartBytes returns the start of the UDP data.

func (*Packet) GetUDPType Uses

func (p *Packet) GetUDPType() byte

GetUDPType returns udp type of packet.

func (*Packet) ID Uses

func (p *Packet) ID() string

ID returns the IP ID of the packet

func (*Packet) IncreaseTCPAck Uses

func (p *Packet) IncreaseTCPAck(incr uint32)

IncreaseTCPAck increases TCP ack number by incr

func (*Packet) IncreaseTCPSeq Uses

func (p *Packet) IncreaseTCPSeq(incr uint32)

IncreaseTCPSeq increases TCP seq number by incr

func (*Packet) IsEmptyTCPPayload Uses

func (p *Packet) IsEmptyTCPPayload() bool

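IsEmptyTCPPayload reports whether the packet has an empty TCP payload. (The upstream comment reads "returns the TCP data offset", which does not match the bool return type.)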

func (*Packet) L4FlowHash Uses

func (p *Packet) L4FlowHash() string

L4FlowHash calculate a hash string based on the 4-tuple

func (*Packet) L4ReverseFlowHash Uses

func (p *Packet) L4ReverseFlowHash() string

L4ReverseFlowHash calculate a hash string based on the 4-tuple by reversing source and destination information

func (*Packet) Print Uses

func (p *Packet) Print(context uint64)

Print is a print helper function

func (*Packet) ReadTCPData Uses

func (p *Packet) ReadTCPData() []byte

ReadTCPData returns the payload as a byte slice. It does not remove the payload from the packet.

func (*Packet) ReadTCPDataString Uses

func (p *Packet) ReadTCPDataString() string

ReadTCPDataString returns the payload in a string variable. It does not remove the payload from the packet.

func (*Packet) ReadUDPToken Uses

func (p *Packet) ReadUDPToken() []byte

ReadUDPToken returns the UDP token. It gets called only during the handshake process.

func (*Packet) SetTCPData Uses

func (p *Packet) SetTCPData(b []byte)

SetTCPData sets the additional data in the packet. (The upstream comment says "returns", but the method has no return value.)

func (*Packet) SetUDPData Uses

func (p *Packet) SetUDPData(b []byte)

SetUDPData sets additional data in the packet

func (*Packet) SourcePortHash Uses

func (p *Packet) SourcePortHash(stage uint64) string

SourcePortHash calculates a hash based on dest ip/port for net packet and src ip/port for app packet.

func (*Packet) String Uses

func (p *Packet) String() string

String returns a string representation of fields contained in this packet.

func (*Packet) TCPDataAttach Uses

func (p *Packet) TCPDataAttach(tcpOptions []byte, tcpData []byte) (err error)

TCPDataAttach modifies the TCP and IP header fields and checksum

func (*Packet) TCPDataDetach Uses

func (p *Packet) TCPDataDetach(optionLength uint16) (err error)

TCPDataDetach performs the following:

- Removes all TCP data from Buffer to TCPData.
- Removes "optionLength" bytes of options from TCP header to tcpOptions
- Updates IP Hdr (lengths, checksums)
- Updates TCP header (checksums)

func (*Packet) TCPDataLength Uses

func (p *Packet) TCPDataLength() int

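TCPDataLength returns, presumably, the length of the TCP data. (The upstream comment says "tcp options"; the option length is what TCPOptionLength returns.)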

func (*Packet) TCPDataStartBytes Uses

func (p *Packet) TCPDataStartBytes() uint16

TCPDataStartBytes provides the tcp data start offset in bytes

func (*Packet) TCPOptionLength Uses

func (p *Packet) TCPOptionLength() int

TCPOptionLength returns the length of tcpoptions

func (*Packet) UDPDataAttach Uses

func (p *Packet) UDPDataAttach(udpdata []byte)

UDPDataAttach Attaches UDP data post encryption.

func (*Packet) UDPDataDetach Uses

func (p *Packet) UDPDataDetach()

UDPDataDetach detaches UDP payload from the Buffer. Called only during Encrypt/Decrypt.

func (*Packet) UDPTokenAttach Uses

func (p *Packet) UDPTokenAttach(udpdata []byte, udptoken []byte)

UDPTokenAttach attaches the UDP packet signature and tokens.

func (*Packet) UpdateIPChecksum Uses

func (p *Packet) UpdateIPChecksum()

UpdateIPChecksum computes the IP header checksum and updates the packet with the value.

func (*Packet) UpdateTCPChecksum Uses

func (p *Packet) UpdateTCPChecksum()

UpdateTCPChecksum computes the TCP header checksum and updates the packet with the value.

func (*Packet) UpdateUDPChecksum Uses

func (p *Packet) UpdateUDPChecksum()

UpdateUDPChecksum updates the UDP checksum field of packet

func (*Packet) VerifyIPChecksum Uses

func (p *Packet) VerifyIPChecksum() bool

VerifyIPChecksum returns true if the IP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.

func (*Packet) VerifyTCPChecksum Uses

func (p *Packet) VerifyTCPChecksum() bool

VerifyTCPChecksum returns true if the TCP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.
