Documentation ¶
Index ¶
- Constants
- func BindAndListenForLogs(groups []uint16, packetSize uint32, callback func(*NfPacket, interface{}), ...) error
- func NfaAlign16(v uint16) uint16
- type IPLayer
- type NFLog
- type NfLog
- func (nl *NfLog) NFlogBind() error
- func (nl *NfLog) NFlogBindGroup(groups []uint16, callback func(*NfPacket, interface{}), ...) error
- func (nl *NfLog) NFlogClose()
- func (nl *NfLog) NFlogOpen() (SockHandle, error)
- func (nl *NfLog) NFlogSetMode(groups []uint16, packetSize uint32) error
- func (nl *NfLog) NFlogUnbind() error
- func (nl *NfLog) ReadLogs()
- type NfPacket
- type NflMsgConfigCommand
- type NflMsgConfigMode
- type PacketPayload
- type Ports
- type SockHandle
- type SockHandles
Constants ¶
const ( NFULNL_MSG_PACKET = iota NFULNL_MSG_CONFIG NFULNL_MSG_MAX )
enum nfulnl_msg_types
const ( NFULNL_CFG_CMD_NONE = iota NFULNL_CFG_CMD_BIND NFULNL_CFG_CMD_UNBIND NFULNL_CFG_CMD_PF_BIND NFULNL_CFG_CMD_PF_UNBIND )
enum nfulnl_msg_config_cmds
const ( NFULNL_COPY_NONE = iota NFULNL_COPY_META NFULNL_COPY_PACKET )
const ( NFULA_CFG_UNSPEC = iota NFULA_CFG_CMD /* nfulnl_msg_config_cmd */ NFULA_CFG_MODE /* nfulnl_msg_config_mode */ NFULA_CFG_NLBUFSIZ /* __u32 buffer size */ NFULA_CFG_TIMEOUT /* __u32 in 1/100 s */ NFULA_CFG_QTHRESH /* __u32 */ NFULA_CFG_FLAGS /* __u16 */ )
enum nfulnl_attr_config
const ( NFULA_UNSPEC = iota NFULA_PACKET_HDR NFULA_MARK /* __u32 nfmark */ NFULA_TIMESTAMP /* nfulnl_msg_packet_timestamp */ NFULA_IFINDEX_INDEV /* __u32 ifindex */ NFULA_IFINDEX_OUTDEV /* __u32 ifindex */ NFULA_IFINDEX_PHYSINDEV /* __u32 ifindex */ NFULA_IFINDEX_PHYSOUTDEV /* __u32 ifindex */ NFULA_HWADDR /* nfulnl_msg_packet_hw */ NFULA_PAYLOAD /* opaque data payload */ NFULA_PREFIX /* string prefix */ NFULA_UID /* user id of socket */ NFULA_SEQ /* instance-local sequence number */ NFULA_SEQ_GLOBAL /* global sequence number */ NFULA_GID /* group id of socket */ NFULA_HWTYPE /* hardware type */ NFULA_HWHEADER /* hardware header */ NFULA_HWLEN /* hardware header length */ NFULA_CT /* nf_conntrack_netlink.h */ NFULA_CT_INFO /* enum ip_conntrack_info */ )
enum nfulnl_attr_type
const ( SizeofMsgConfigCommand = 0x4 SizeofMsgConfigMode uint32 = uint32(unsafe.Sizeof(NflMsgConfigMode{})) )
Variables ¶
This section is empty.
Functions ¶
func BindAndListenForLogs ¶
func BindAndListenForLogs(groups []uint16, packetSize uint32, callback func(*NfPacket, interface{}), errorCallback func(err error)) error
BindAndListenForLogs -- a complete set to open/unbind/bind/bindgroup and listen for logs group -- group to bind with and listen packetSize -- max expected packetSize (0:unlimited)
func NfaAlign16 ¶
Types ¶
type IPLayer ¶
type IPLayer struct { SrcIP net.IP DstIP net.IP Version uint8 Protocol layers.IPProtocol Length uint16 }
IPLayer -- IPLayer struct
type NFLog ¶
type NFLog interface { NFlogOpen() (SockHandle, error) NFlogUnbind() error NFlogBind() error NFlogBindGroup(group []uint16, data func(packet *NfPacket, callback interface{}), errorCallback func(err error)) error NFlogSetMode(groups []uint16, copyrange uint32) error ReadLogs() NFlogClose() // contains filtered or unexported methods }
NFLog -- This is the interface which has all the necessary functions to read logs from kernel This is needed if we don't want to call BindAndListenForLogs() Useful for testing and debugging
type NfLog ¶
type NfLog struct { Groups []uint16 CopyRange uint16 Socket SockHandle Syscalls syscallwrappers.Syscalls // contains filtered or unexported fields }
NfLog -- Nflog struct Groups -- Nflog group to bind with. max 32 CopyRange -- Nflog packetsize. 0: Unlimited
func (*NfLog) NFlogBindGroup ¶
func (nl *NfLog) NFlogBindGroup(groups []uint16, callback func(*NfPacket, interface{}), errorCallback func(err error)) error
NFlogBindGroup -- Bind to a group group -- group to bind with
func (*NfLog) NFlogOpen ¶
func (nl *NfLog) NFlogOpen() (SockHandle, error)
NFlogOpen Open a new netlink socket Create a new sock handle and return the handle Open a new socket and return it in the NflogHandle. The fd for the socket is stored in an unexported handle
func (*NfLog) NFlogSetMode ¶
NFlogSetMode -- Set queue mode CopyMeta packetSize -- The range of bytes from packets to copy
func (*NfLog) NFlogUnbind ¶
NFlogUnbind -- passes an unbind command to nfnetlink for AF_INET.
type NfPacket ¶
type NfPacket struct { Prefix string Payload []byte IPLayer Ports PacketPayload NflogHandle *NfLog }
NfPacket -- NfPacket struct for parsing logs Payload -- Complete packet with ethernet,tcp and ip IPLayer -- Iplayer struct TCPLayer -- Tcplayer struct PacketPayload -- Tcp payload
type NflMsgConfigCommand ¶
type NflMsgConfigCommand struct {
// contains filtered or unexported fields
}
NflMsgConfigCommand -- NflMsgConfigCommand struct for configs (ex: bind)
func (*NflMsgConfigCommand) Length ¶
func (r *NflMsgConfigCommand) Length() uint32
Length -- Return length of struct
func (*NflMsgConfigCommand) ToWireFormat ¶
func (r *NflMsgConfigCommand) ToWireFormat() []byte
ToWireFormat -- Convert NflMsgConfigCommand to byte slice
type NflMsgConfigMode ¶
type NflMsgConfigMode struct {
// contains filtered or unexported fields
}
NflMsgConfigMode -- NflMsgConfigMode struct for copy range and mode (ex: copy meta)
func (*NflMsgConfigMode) Length ¶
func (r *NflMsgConfigMode) Length() uint32
Length -- Return length of struct
func (*NflMsgConfigMode) ToWireFormat ¶
func (r *NflMsgConfigMode) ToWireFormat() []byte
ToWireFormat -- Convert NflMsgConfigMode to byte slice
type PacketPayload ¶
type PacketPayload struct {
AppPayload []byte
}
PacketPayload -- PacketPayload struct
type SockHandle ¶
type SockHandle interface {
// contains filtered or unexported methods
}
SockHandle Opaque interface with unexported functions
type SockHandles ¶
type SockHandles struct { Syscalls syscallwrappers.Syscalls // contains filtered or unexported fields }
SockHandle -- Sock handle of netlink socket fd -- fd of socket rcvbufSize -- rcv buffer Size lsa -- local address