nfqueue

package
v1.40.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 23, 2019 License: Apache-2.0, Apache-2.0 Imports: 8 Imported by: 0

README

nfqueue-go

Nfqueue-go implements a go native implementation for the nfqueue netlink interface provided by Linux to process packets capture by a linux kernel filter.

The library implements a subset of the functionality provided by https://www.netfilter.org/projects/libnetfilter_queue/

The library implements the following APIs

  • create queue
  • process packets from the queue that are punted to it from the iptables match criteria.

It does not yet implememt parsing methods to get indev,physdev,outdev,outphysdev,indevnames,outdevnames,timestamp.

Documentation

Overview

nolint

Index

Constants

View Source
const (
	//NfDefaultPacketSize   the maximum size packet to expect on queue
	NfDefaultPacketSize = 0xffff

	//NfqaUnspec  unspecified
	NfqaUnspec nfqaAttr = 0x0
	//NfqaPacketHdr  Attr header for Packet payload
	NfqaPacketHdr nfqaAttr = 0x1
	//NfqaVerdictHdr  Attr header for verdict payload
	NfqaVerdictHdr uint16 = 0x2 /* nfqnlmsg_verdict_hrd */
	//NfqaMark  Attr Header for Mark Payload
	NfqaMark nfqaAttr = 0x3 /* u_int32_t nfmark */
	//NfqaTimestamp  header for timestamp payload
	NfqaTimestamp nfqaAttr = 0x4 /* nfqnl_msg_packet_timestamp */
	//NfqaIfindexIndev -- Ifindex for in device payload
	NfqaIfindexIndev nfqaAttr = 0x5 /* u_int32_t ifindex */
	//NfqaIfindexOutdev -- Ifindex for out device payload
	NfqaIfindexOutdev nfqaAttr = 0x6 /* u_int32_t ifindex */
	//NfqaIfindexPhysindev -- Physical Device
	NfqaIfindexPhysindev nfqaAttr = 0x7 /* u_int32_t ifindex */
	//NfqaIfindexPhysoutdev -- Physical Device
	NfqaIfindexPhysoutdev nfqaAttr = 0x8 /* u_int32_t ifindex */
	//NfqaHwaddr -- Hardware Address
	NfqaHwaddr nfqaAttr = 0x9 /* nfqnl_msg_packet_hw */
	//NfqaPayload -- Packet Payload
	NfqaPayload nfqaAttr = 0xa /* opaque data payload */

	//NfqnlCfgCmdnone -- None
	NfqnlCfgCmdnone nfqConfigCommands = 0x0
	//NfqnlCfgCmdBind -- queue bind command
	NfqnlCfgCmdBind nfqConfigCommands = 0x1
	//NfqnlCfgCmdUnbind -- queue unbind command
	NfqnlCfgCmdUnbind nfqConfigCommands = 0x2
	//NfqnlCfgCmdPfBind -- bind family
	NfqnlCfgCmdPfBind nfqConfigCommands = 0x3
	//NfqnlCfgCmdPfUnbind -- unbind family
	NfqnlCfgCmdPfUnbind nfqConfigCommands = 0x4

	//NfqnlCopyNone -- Copy no packet bytes to userspace
	NfqnlCopyNone nfqConfigMode = 0x0
	//NfqnlCopyMeta -- Copy only metadata
	NfqnlCopyMeta nfqConfigMode = 0x1
	//NfqnlCopyPacket -- Copy packet bytes specified by Range
	NfqnlCopyPacket nfqConfigMode = 0x2

	SizeofMsgConfigCommand = 0x4

	SizeOfNfqMsgConfigParams uint32 = uint32(unsafe.Sizeof(NfqMsgConfigParams{}))
	//SizeOfNfqMsgConfigQueueLen -- Sizeof NfqMsgConfigQueueLen
	SizeOfNfqMsgConfigQueueLen uint32 = uint32(unsafe.Sizeof(NfqMsgConfigQueueLen{}))
	//SizeofNfqMsgVerdictHdr -- Sizeof verdict hdr struct
	SizeofNfqMsgVerdictHdr uint32 = 0x8
	//SizeofNfqMsgMarkHdr -- sizeof mark hdr
	SizeofNfqMsgMarkHdr = 0x4
	//APUNSPEC -- PF_UNSPEC/AF_UNSPEC
	APUNSPEC uint8 = syscall.AF_UNSPEC

	//NfqaCfgUnspec -- Unspec
	NfqaCfgUnspec uint32 = 0x0
	//NfqaCfgCmd -- attr config command
	NfqaCfgCmd uint16 = 0x1 /* nfqnl_msg_config_cmd */
	//NfqaCfgParams -- config parameters
	NfqaCfgParams uint16 = 0x2 /* nfqnl_msg_config_params */
	//NfqaCfgQueueMaxLen -- MaxQueuelen
	NfqaCfgQueueMaxLen uint16 = 0x3 /* u_int32_t */
	//NfqaCfgMask -- Mask
	NfqaCfgMask uint32 = 0x4 /* identify which flags to change */
	//NfqaCfgFlags -- Config Flags
	NfqaCfgFlags uint32 = 0x5 /* value of these flags (__u32) */

)

Variables

This section is empty.

Functions

func GetPacketInfo

func GetPacketInfo(attr map[int]*common.NfAttrResponsePayload) (int, int, []byte)

GetPacketInfo -- Extract packet info from netlink response Returns mark,packetid and packet payload Mark is uint32

func QueueID

func QueueID(msg *common.NfqGenMsg) uint16

QueueID return queueid

Types

type NFPacket

type NFPacket struct {
	Buffer      []byte
	Mark        int
	Xbuffer     []byte
	QueueHandle *NfQueue
	ID          int
}

NFPacket -- message format sent on channel

type NFQueue

type NFQueue interface {
	Verdict
	NfqOpen() (SockHandle, error)
	UnbindPf() error

	CreateQueue(num uint16, data func(packet *NFPacket, callback interface{}), errorCallback func(err error, data interface{}), privateData interface{}) error
	NfqSetMode(mode nfqConfigMode, packetSize uint32) error
	NfqSetQueueMaxLen(queuelen uint32) error
	NfqClose()
	NfqDestroyQueue() error
	Recv() (*common.NfqGenMsg, map[int]*common.NfAttrResponsePayload, error)
	ProcessPackets(ctx context.Context)
	BindPf() error
	// contains filtered or unexported methods
}

NFQueue -- Interface exposing internal Nfqueue functions. This is needed if we want to create and manage queues. Instead of calling the CreateAndStart function directly from the package

func NewNFQueue

func NewNFQueue() NFQueue

NewNFQueue -- create a new NfQueue handle

type NfQueue

type NfQueue struct {
	SubscribedSubSys uint32
	QueueNum         uint16

	NotificationChannel chan *NFPacket

	Syscalls syscallwrappers.Syscalls
	// contains filtered or unexported fields
}

NfQueue Struct to hold global val for all instances of netlink socket

func (*NfQueue) BindPf

func (q *NfQueue) BindPf() error

BindPf -- Bind to a PF family

func (*NfQueue) CreateQueue

func (q *NfQueue) CreateQueue(num uint16, callback func(*NFPacket, interface{}), errorCallback func(err error, data interface{}), privateData interface{}) error

CreateQueue -- Create a queue handle -- handle representing the opne netlink socket num -- queue number data -- private data associated with the queue

func (*NfQueue) GetNotificationChannel

func (q *NfQueue) GetNotificationChannel() chan *NFPacket

GetNotificationChannel -- Return a handle to the notification channel

func (*NfQueue) NfqClose

func (q *NfQueue) NfqClose()

NfqClose -- Close the netlink socket for this queue

func (*NfQueue) NfqDestroyQueue

func (q *NfQueue) NfqDestroyQueue() error

NfqDestroyQueue -- unbind queue

func (*NfQueue) NfqOpen

func (q *NfQueue) NfqOpen() (SockHandle, error)

NfqOpen Open a new netlink socket Create a new queue handle and return the handle Open a new socket and return it in the NfqHandle. The fd for the socket is stored in an unexported handle

func (*NfQueue) NfqSetMode

func (q *NfQueue) NfqSetMode(mode nfqConfigMode, packetSize uint32) error

NfqSetMode -- Set queue mode copynone/copymeta/copypacket handle -- handle representing the opne netlink socket mode -- Copy mode for this queue packetSize -- The range of bytes from packets to copy

func (*NfQueue) NfqSetQueueMaxLen

func (q *NfQueue) NfqSetQueueMaxLen(queuelen uint32) error

NfqSetQueueMaxLen -- THe maximum number of packets in queue handle -- handle representing the opne netlink socket queuelen -- Length of queue

func (*NfQueue) ProcessPackets

func (q *NfQueue) ProcessPackets(ctx context.Context)

ProcessPackets -- Function to wait on socket to receive packets and post it back to channel

func (*NfQueue) Recv

Recv -- Recv packets from socket and parse them return nfgen and nfattr slices

func (*NfQueue) SetVerdict

func (q *NfQueue) SetVerdict(queueNum uint32, verdict uint32, packetLen uint32, packetID uint32, packet []byte)

SetVerdict -- SetVerdict on the packet -- accept/drop

func (*NfQueue) SetVerdict2

func (q *NfQueue) SetVerdict2(queueNum uint32, verdict uint32, mark uint32, packetLen uint32, packetID uint32, packet []byte)

SetVerdict2 -- SetVerdict on the packet -- accept/drop also mark

func (*NfQueue) StopQueue added in v1.0.18

func (q *NfQueue) StopQueue() error

StopQueue -- Destroy queue and close socket

func (*NfQueue) UnbindPf

func (q *NfQueue) UnbindPf() error

UnbindPf -- passes an unbind command to nfnetlink for AF_INET.

type NfqMsgConfigCommand

type NfqMsgConfigCommand struct {
	Command nfqConfigCommands
	// contains filtered or unexported fields
}

NfqMsgConfigCommand -- config command Command -- the config command pf -- family

func (*NfqMsgConfigCommand) Length

func (r *NfqMsgConfigCommand) Length() uint32

Length -- Return length of struct

func (*NfqMsgConfigCommand) ToWireFormat

func (r *NfqMsgConfigCommand) ToWireFormat() []byte

ToWireFormat -- Convert NfqMsgConfigCommand to byte slice

type NfqMsgConfigParams

type NfqMsgConfigParams struct {
	// contains filtered or unexported fields
}

NfqMsgConfigParams -- Config params copyRange -- Range of bytes to copy copyMode -- copyMode meta/none/packet

func (*NfqMsgConfigParams) Length

func (r *NfqMsgConfigParams) Length() uint32

Length -- Return length of struct

func (*NfqMsgConfigParams) ToWireFormat

func (r *NfqMsgConfigParams) ToWireFormat() []byte

ToWireFormat -- Convert NfqMsgConfigParams to byte slice

type NfqMsgConfigQueueLen

type NfqMsgConfigQueueLen struct {
	// contains filtered or unexported fields
}

NfqMsgConfigQueueLen -- Queue length queueLen -- The length of queue

func (*NfqMsgConfigQueueLen) Length

func (r *NfqMsgConfigQueueLen) Length() uint32

Length -- Return length of struct

func (*NfqMsgConfigQueueLen) ToWireFormat

func (r *NfqMsgConfigQueueLen) ToWireFormat() []byte

ToWireFormat -- Convert NfqMsgConfigQueueLen to byte slice

type NfqMsgMarkHdr

type NfqMsgMarkHdr struct {
	// contains filtered or unexported fields
}

NfqMsgMarkHdr -- Mark Payload mark -- markval

func (*NfqMsgMarkHdr) Length

func (r *NfqMsgMarkHdr) Length() uint32

Length -- Return length of struct

func (*NfqMsgMarkHdr) ToWireFormat

func (r *NfqMsgMarkHdr) ToWireFormat() []byte

ToWireFormat -- Convert NfqMsgMarkHdr to byte slice

func (*NfqMsgMarkHdr) ToWireFormatBuf

func (r *NfqMsgMarkHdr) ToWireFormatBuf(buf []byte) int

ToWireFormatBuf -- Convert struct to []byte and copy it passed buf

type NfqMsgVerdictHdr

type NfqMsgVerdictHdr struct {
	// contains filtered or unexported fields
}

NfqMsgVerdictHdr -- Verdict Hdr struct verdict -- accept/drop id -- packetid

func (*NfqMsgVerdictHdr) Length

func (r *NfqMsgVerdictHdr) Length() uint32

Length -- return length of struct

func (*NfqMsgVerdictHdr) ToWireFormat

func (r *NfqMsgVerdictHdr) ToWireFormat() []byte

ToWireFormat -- Convert NfqMsgVerdictHdr to byte slice

func (*NfqMsgVerdictHdr) ToWireFormatBuf

func (r *NfqMsgVerdictHdr) ToWireFormatBuf(buf []byte) int

ToWireFormatBuf -- Convert structure to []byte and copy the []byte to passed buffer

type NfqSockHandle

type NfqSockHandle struct {
	Syscalls syscallwrappers.Syscalls
	// contains filtered or unexported fields
}

NfqSockHandle -- Sock handle of netlink socket fd -- fd of socket rcvbufSize -- rcv buffer Size lsa -- local address

type SockHandle

type SockHandle interface {
	// contains filtered or unexported methods
}

SockHandle Opaque interface with unexported functions

type Verdict

type Verdict interface {
	SetVerdict2(queueNum uint32, verdict uint32, mark uint32, packetLen uint32, packetID uint32, packet []byte)
	SetVerdict(queueNum uint32, verdict uint32, packetLen uint32, packetID uint32, packet []byte)
	GetNotificationChannel() chan *NFPacket
	StopQueue() error
}

Verdict -- Interface exposing functionality to get a copy of the received packet and set a verdict

func CreateAndStartNfQueue

func CreateAndStartNfQueue(ctx context.Context, queueID uint16, maxPacketsInQueue uint32, packetSize uint32, callback func(*NFPacket, interface{}), errorCallback func(err error, data interface{}), privateData interface{}) (Verdict, error)

CreateAndStartNfQueue -- Wrapper to create/bind to queue set all its params and start listening for packets. queueID -- the queue to create/bind maxPacketsInQueue -- max number of packets in Queue packetSize -- The max expected packetsize privateData -- We will return this on NFpacket.Opaque data for this system.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL