trireme-lib: go.aporeto.io/trireme-lib/controller/pkg/packet Index | Files

package packet

import "go.aporeto.io/trireme-lib/controller/pkg/packet"

Package packet provides support for the TCP/IP packet manipulations needed by the Aporeto infrastructure.

Index

Package Files

constants.go helpers.go packet.go types.go

Constants

const (
    // IPProtocolTCP defines the constant for the TCP protocol number.
    IPProtocolTCP = 6

    // IPProtocolUDP defines the constant for the UDP protocol number.
    IPProtocolUDP = 17
)

IP Protocol numbers

const (

    // TCPSynMask is the mask for the TCP SYN flag.
    TCPSynMask = 0x2

    // TCPSynAckMask is the mask that identifies a TCP SYN-ACK packet.
    // Its value is the SYN bit (0x2) combined with the ACK bit (0x10).
    TCPSynAckMask = 0x12

    // TCPRstMask is the mask that identifies RST packets.
    TCPRstMask = 0x4

    // TCPAckMask is the mask that identifies ACK packets.
    TCPAckMask = 0x10

    // TCPFinMask is the mask that identifies FIN packets.
    TCPFinMask = 0x1

    // TCPPshMask is the mask that identifies PSH packets.
    TCPPshMask = 0x8
)

TCP Header masks

const (
    // TCPAuthenticationOption is the TCP option number (kind) used for the
    // authentication option.
    // NOTE(review): option kind 34 is assigned by IANA to the TCP Fast Open
    // Cookie option (RFC 7413) — confirm the reuse is intentional and that
    // peers or middleboxes interpreting it as Fast Open are accounted for.
    TCPAuthenticationOption = uint8(34)

    // TCPMssOption is the type (kind) of the MSS option.
    TCPMssOption = uint8(2)

    // TCPMssOptionLen is the length of the MSS option in bytes.
    TCPMssOptionLen = uint8(4)
)

TCP Options Related constants

const (
    // The four position constants below are fixed byte offsets. Their values
    // match a 20-byte IPv4 header (no IP options) followed by the 8-byte UDP
    // header.
    // NOTE(review): presumably offsets into Packet.Buffer — confirm that
    // packets carrying IP options, or buffers shorter than these offsets, are
    // rejected before the offsets are used.

    // UDPLengthPos is the location of the UDP length field.
    UDPLengthPos = 24
    // UDPChecksumPos is the location of the UDP checksum field.
    UDPChecksumPos = 26
    // UDPDataPos is the location of the UDP data.
    UDPDataPos = 28
    // UDPBeginPos is the location of the UDP header.
    UDPBeginPos = 20

    // The values below are not standard UDP header fields.
    // NOTE(review): presumably control-packet type values carried in the
    // payload and extracted with UDPPacketMask — confirm against the parser.

    // UDPSynMask is a mask for the UDP Syn flags.
    UDPSynMask = 0x20
    // UDPSynAckMask is the mask that identifies a UDP SYN-ACK packet.
    UDPSynAckMask = 0x40
    // UDPAckMask is the mask that identifies ACK packets. Its value has both
    // the UDPSynMask and UDPSynAckMask bits set and equals UDPPacketMask.
    UDPAckMask = 0x60
    // UDPPacketMask identifies the type of UDP packet.
    UDPPacketMask = 0x60
)

UDP related constants.

const (
    // UDPAuthMarker is the 18-byte Aporeto signature for UDP.
    // It is a fixed string visible in the source, so it can only tag a packet
    // as control traffic; it is not a secret.
    // NOTE(review): confirm that authentication decisions rest on the token
    // and not on the presence of this marker alone.
    UDPAuthMarker = "n30njxq7bmiwr6dtxq"
    // UDPAuthMarkerLen is the length of the UDP marker; it matches
    // len(UDPAuthMarker).
    UDPAuthMarkerLen = 18
    // UDPSignatureLen is the length of the signature on a UDP control packet.
    UDPSignatureLen = 20
    // UDPAuthMarkerOffset is the beginning of UDPAuthMarker (UDPDataPos + 2).
    UDPAuthMarkerOffset = 30
    // UDPSignatureEnd is the end of the UDP signature. With the values above
    // it evaluates to 48, the same as UDPJwtTokenOffset.
    UDPSignatureEnd = UDPDataPos + UDPSignatureLen
    // UDPJwtTokenOffset is the beginning of the JWT token.
    // NOTE(review): a packet must be at least this long before the token is
    // read — confirm the length check in the reader.
    UDPJwtTokenOffset = 48
)
const (
    // The type, stage and failure values below occupy disjoint bits.
    // NOTE(review): presumably they are OR-ed into a single context value
    // (New and Print take a context uint64) — confirm against callers.

    // PacketTypeNetwork is the enum for from-network packets.
    PacketTypeNetwork = 0x1000
    // PacketTypeApplication is the enum for from-application packets.
    PacketTypeApplication = 0x2000

    // PacketStageIncoming is the enum for the incoming stage.
    PacketStageIncoming = 0x0100
    // PacketStageAuth is the enum for the authentication stage.
    PacketStageAuth = 0x0200
    // PacketStageService is the enum for the crypto stage.
    PacketStageService = 0x0400
    // PacketStageOutgoing is the enum for the outgoing stage.
    PacketStageOutgoing = 0x0800

    // PacketFailureCreate is the drop reason for a packet.
    PacketFailureCreate = 0x0010
    // PacketFailureAuth is the drop reason for a packet due to an authentication error.
    PacketFailureAuth = 0x0020
    // PacketFailureService is the drop reason for a packet due to a crypto error.
    // The literal is written with five hex digits; its value is 0x40.
    PacketFailureService = 0x00040
)
const (

    // IPIDPos is the location (byte offset) of the IP Identifier field in the
    // IP header.
    IPIDPos = 4
)

IP Header field position constants

const (

    // TCPChecksumPos is the location of the TCP checksum.
    // The value matches a 20-byte IPv4 header (no IP options) plus the
    // checksum's offset of 16 within the TCP header.
    // NOTE(review): confirm packets with IP options are rejected or handled
    // before this fixed offset is used.
    TCPChecksumPos = 36
)

TCP Header field position constants

Variables

var (
    // PacketLogLevel determines if packet logging is turned on.
    // It is a mutable package-level flag; no synchronization is visible here.
    // NOTE(review): if the logged output includes payload bytes or tokens,
    // the resulting logs should be treated as sensitive — confirm what Print emits.
    PacketLogLevel bool
)

func TCPFlagsToStr Uses

func TCPFlagsToStr(flags uint8) string

TCPFlagsToStr converts the TCP Flags to a string value that is human readable

type Packet Uses

// Packet is the main structure holding packet information: the raw buffer
// plus the IP, TCP and UDP header fields exposed as struct members.
type Packet struct {

    // Mark is the nfqueue Mark
    Mark string

    // Buffer is the input/output buffer.
    // NOTE(review): the field is exported, so callers can modify the raw bytes
    // directly; whether the parsed fields and checksums below are refreshed
    // afterwards is not visible here.
    Buffer []byte

    // IP header fields
    IPProto       uint8
    IPTotalLength uint16

    SourceAddress      net.IP
    DestinationAddress net.IP

    // L4 Header Fields
    SourcePort      uint16
    DestinationPort uint16

    // TCP Specific fields
    TCPSeq uint32
    TCPAck uint32

    TCPFlags    uint8
    TCPChecksum uint16

    // UDP Specific fields.
    UDPChecksum uint16

    // Service Metadata (untyped; the concrete type is chosen by the caller)
    SvcMetadata interface{}
    // Connection Metadata (untyped; the concrete type is chosen by the caller)
    ConnectionMetadata interface{}
    // contains filtered or unexported fields
}

Packet is the main structure holding packet information

func New Uses

func New(context uint64, bytes []byte, mark string, lengthValidate bool) (packet *Packet, err error)

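New returns a pointer to a Packet structure built from the provided bytes buffer, which is expected to contain valid TCP/IP packet bytes. Callers should check the returned error before using the packet, since the buffer may not hold a well-formed packet.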

func (*Packet) CheckTCPAuthenticationOption Uses

func (p *Packet) CheckTCPAuthenticationOption(iOptionLength int) (err error)

CheckTCPAuthenticationOption ensures authentication option exists at the offset provided

func (*Packet) ConvertAcktoFinAck Uses

func (p *Packet) ConvertAcktoFinAck() error

ConvertAcktoFinAck removes the data from the packet. It is called only if the packet is an ACK or PSH/ACK, and converts a PSH/ACK packet into a FIN/ACK packet.

func (*Packet) CreateReverseFlowPacket Uses

func (p *Packet) CreateReverseFlowPacket(destIP net.IP, destPort uint16)

CreateReverseFlowPacket modifies the packet for reverse flow.

func (*Packet) DecreaseTCPAck Uses

func (p *Packet) DecreaseTCPAck(decr uint32)

DecreaseTCPAck decreases TCP ack number by decr

func (*Packet) DecreaseTCPSeq Uses

func (p *Packet) DecreaseTCPSeq(decr uint32)

DecreaseTCPSeq decreases TCP seq number by decr

func (*Packet) DropDetachedBytes Uses

func (p *Packet) DropDetachedBytes()

DropDetachedBytes removes any bytes that have been detached and stored locally

func (*Packet) DropDetachedDataBytes Uses

func (p *Packet) DropDetachedDataBytes()

DropDetachedDataBytes removes any bytes that have been detached and stored locally

func (*Packet) FixupIPHdrOnDataModify Uses

func (p *Packet) FixupIPHdrOnDataModify(old, new uint16)

FixupIPHdrOnDataModify modifies the IP header fields and checksum

func (*Packet) FixupTCPHdrOnTCPDataAttach Uses

func (p *Packet) FixupTCPHdrOnTCPDataAttach(tcpOptions []byte, tcpData []byte)

FixupTCPHdrOnTCPDataAttach modifies the TCP header fields and checksum

func (*Packet) FixupTCPHdrOnTCPDataDetach Uses

func (p *Packet) FixupTCPHdrOnTCPDataDetach(dataLength uint16, optionLength uint16)

FixupTCPHdrOnTCPDataDetach modifies the TCP header fields and checksum

func (*Packet) GetBytes Uses

func (p *Packet) GetBytes() []byte

GetBytes returns the bytes in the packet. It consolidates in case of changes as well

func (*Packet) GetIPLength Uses

func (p *Packet) GetIPLength() uint16

GetIPLength returns the IP length

func (*Packet) GetTCPData Uses

func (p *Packet) GetTCPData() []byte

GetTCPData returns any additional data in the packet

func (*Packet) GetTCPOptions Uses

func (p *Packet) GetTCPOptions() []byte

GetTCPOptions returns any additional options in the packet

func (*Packet) GetUDPData Uses

func (p *Packet) GetUDPData() []byte

GetUDPData returns the additional data in the packet.

func (*Packet) GetUDPDataStartBytes Uses

func (p *Packet) GetUDPDataStartBytes() uint16

GetUDPDataStartBytes returns the start of the UDP data.

func (*Packet) GetUDPType Uses

func (p *Packet) GetUDPType() byte

GetUDPType returns udp type of packet.

func (*Packet) ID Uses

func (p *Packet) ID() string

ID returns the IP ID of the packet

func (*Packet) IncreaseTCPAck Uses

func (p *Packet) IncreaseTCPAck(incr uint32)

IncreaseTCPAck increases TCP ack number by incr

func (*Packet) IncreaseTCPSeq Uses

func (p *Packet) IncreaseTCPSeq(incr uint32)

IncreaseTCPSeq increases TCP seq number by incr

func (*Packet) IsEmptyTCPPayload Uses

func (p *Packet) IsEmptyTCPPayload() bool

IsEmptyTCPPayload reports whether the packet has an empty TCP payload.

func (*Packet) L4FlowHash Uses

func (p *Packet) L4FlowHash() string

L4FlowHash calculate a hash string based on the 4-tuple

func (*Packet) L4ReverseFlowHash Uses

func (p *Packet) L4ReverseFlowHash() string

L4ReverseFlowHash calculate a hash string based on the 4-tuple by reversing source and destination information

func (*Packet) Print Uses

func (p *Packet) Print(context uint64)

Print is a print helper function

func (*Packet) ReadTCPData Uses

func (p *Packet) ReadTCPData() []byte

ReadTCPData returns the payload as a byte slice. It does not remove the payload from the packet.

func (*Packet) ReadTCPDataString Uses

func (p *Packet) ReadTCPDataString() string

ReadTCPDataString returns the payload in a string variable. It does not remove the payload from the packet.

func (*Packet) ReadUDPToken Uses

func (p *Packet) ReadUDPToken() []byte

ReadUDPToken returns the UDP token. It is called only during the handshake process.

func (*Packet) SetTCPData Uses

func (p *Packet) SetTCPData(b []byte)

SetTCPData sets additional data in the packet

func (*Packet) SetUDPData Uses

func (p *Packet) SetUDPData(b []byte)

SetUDPData sets additional data in the packet

func (*Packet) SourcePortHash Uses

func (p *Packet) SourcePortHash(stage uint64) string

SourcePortHash calculates a hash based on dest ip/port for net packet and src ip/port for app packet.

func (*Packet) String Uses

func (p *Packet) String() string

String returns a string representation of fields contained in this packet.

func (*Packet) TCPDataAttach Uses

func (p *Packet) TCPDataAttach(tcpOptions []byte, tcpData []byte) (err error)

TCPDataAttach modifies the TCP and IP header fields and checksum

func (*Packet) TCPDataDetach Uses

func (p *Packet) TCPDataDetach(optionLength uint16) (err error)

TCPDataDetach performs the following:

- Removes all TCP data from Buffer to TCPData.
- Removes "optionLength" bytes of options from TCP header to tcpOptions
- Updates IP Hdr (lengths, checksums)
- Updates TCP header (checksums)

func (*Packet) TCPDataLength Uses

func (p *Packet) TCPDataLength() int

TCPDataLength returns the length of the TCP data

func (*Packet) TCPDataStartBytes Uses

func (p *Packet) TCPDataStartBytes() uint16

TCPDataStartBytes provides the tcp data start offset in bytes

func (*Packet) TCPOptionLength Uses

func (p *Packet) TCPOptionLength() int

TCPOptionLength returns the length of tcpoptions

func (*Packet) UDPDataAttach Uses

func (p *Packet) UDPDataAttach(udpdata []byte)

UDPDataAttach attaches UDP data after encryption.

func (*Packet) UDPDataDetach Uses

func (p *Packet) UDPDataDetach()

UDPDataDetach detaches UDP payload from the Buffer. Called only during Encrypt/Decrypt.

func (*Packet) UDPTokenAttach Uses

func (p *Packet) UDPTokenAttach(udpdata []byte, udptoken []byte)

UDPTokenAttach attaches the UDP packet signature and tokens.

func (*Packet) UpdateIPChecksum Uses

func (p *Packet) UpdateIPChecksum()

UpdateIPChecksum computes the IP header checksum and updates the packet with the value.

func (*Packet) UpdateTCPChecksum Uses

func (p *Packet) UpdateTCPChecksum()

UpdateTCPChecksum computes the TCP header checksum and updates the packet with the value.

func (*Packet) UpdateUDPChecksum Uses

func (p *Packet) UpdateUDPChecksum()

UpdateUDPChecksum updates the UDP checksum field of packet

func (*Packet) VerifyIPChecksum Uses

func (p *Packet) VerifyIPChecksum() bool

VerifyIPChecksum returns true if the IP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.

func (*Packet) VerifyTCPChecksum Uses

func (p *Packet) VerifyTCPChecksum() bool

VerifyTCPChecksum returns true if the TCP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.
