common

package
v1.42.4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 8, 2021 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Overview

+build linux !darwin nolint

+build linux !darwin nolint

Index

Constants

// nfnetlink subsystem ids for the two conntrack tables. The values repeat
// NFNL_SUBSYS_CTNETLINK and NFNL_SUBSYS_CTNETLINK_EXP from the kernel header
// cited below.
const (
	// ConntrackTable -- Conntrack table subsystem id
	// https://github.com/torvalds/linux/blob/master/include/uapi/linux/netfilter/nfnetlink.h -> #define NFNL_SUBSYS_CTNETLINK 1
	ConntrackTable = 1
	// ConntrackExpectTable -- Conntrack expect table subsystem id
	// https://github.com/torvalds/linux/blob/master/include/uapi/linux/netfilter/nfnetlink.h -> #define NFNL_SUBSYS_CTNETLINK_EXP 2
	ConntrackExpectTable = 2
)
// Netlink and nfnetlink constants: socket options, message types, header
// flags and fixed structure sizes. Message-type constants are built as
// (subsystem id << 8) | message number.
//
// NOTE(review): several Sizeof* values below are literals rather than
// unsafe.Sizeof results; they have to stay in step with the layout of the
// structs they describe -- confirm whenever those structs change.
const (
	// NFQUEUESUBSYSID -- The netlink subsystem id for nfqueue
	NFQUEUESUBSYSID = 0x3
	// SOCKFAMILY -- constant for AF_NETLINK
	SOCKFAMILY = syscall.AF_NETLINK
	// SolNetlink -- constant for SOL_NETLINK, hard-coded here because the
	// syscall package does not define it
	SolNetlink = 270 /* syscall.SOL_NETLINK not defined */

	// NfqnlMsgPacket -- packet from kernel to userspace
	NfqnlMsgPacket msgTypes = (NFQUEUESUBSYSID << 8) | 0
	// NfqnlMsgVerdict -- verdict from userspace to kernel
	NfqnlMsgVerdict msgTypes = (NFQUEUESUBSYSID << 8) | 1
	// NfqnlMsgConfig -- connect to a particular queue
	NfqnlMsgConfig msgTypes = (NFQUEUESUBSYSID << 8) | 2
	// NfqnlMsgVerdictBatch -- batch verdict from userspace to kernel
	NfqnlMsgVerdictBatch msgTypes = (NFQUEUESUBSYSID << 8) | 3

	// NfnlConntrackTable -- Netfilter conntrack netlink message type:
	// the ConntrackTable subsystem combined with IPCTNL_MSG_CT_NEW
	NfnlConntrackTable msgTypes = (ConntrackTable << 8) | IPCTNL_MSG_CT_NEW

	// NfnlNFLog -- Netfilter NFLog message type: the NFNL_SUBSYS_ULOG
	// subsystem combined with NFULNL_MSG_CONFIG
	NfnlNFLog msgTypes = (NFNL_SUBSYS_ULOG << 8) | NFULNL_MSG_CONFIG

	/* NlmFRequest -- It is a request message */
	NlmFRequest NlmFlags = 0x1
	/* NlmFMulti -- Multipart message, terminated by NlMsgDone */
	NlmFMulti NlmFlags = 0x2
	/* NlmFAck -- Reply with ack, with zero or error code */
	NlmFAck NlmFlags = 0x4
	/* NlmFEcho -- Echo this request */
	NlmFEcho NlmFlags = 0x8
	/* NlmFDumpintr -- Dump was inconsistent due to sequence change */
	NlmFDumpintr NlmFlags = 0x10
	/* NlmFDumpFiltered -- Dump was filtered as requested */
	NlmFDumpFiltered NlmFlags = 0x20

	// NfnlBuffSize -- Buffer size of socket (75 * 1024 bytes)
	NfnlBuffSize uint32 = (75 * 1024)
	// NFNetlinkV0 -- netlink v0
	NFNetlinkV0 uint8 = 0
	// SizeofMsgConfigCommand -- Sizeof config command struct (literal value)
	SizeofMsgConfigCommand = 0x4
	// SizeofNfGenMsg -- Sizeof nfgen msg struct (literal value)
	SizeofNfGenMsg uint32 = 0x4
	// SizeofNfAttr -- Sizeof nfattr struct (literal value)
	// This does not account for the size of the byte slice at the end
	SizeofNfAttr uint16 = 0x4
	// SizeOfNfqMsgConfigParams -- Sizeof NfqMsgConfigParams, from unsafe.Sizeof
	SizeOfNfqMsgConfigParams uint32 = uint32(unsafe.Sizeof(NfqMsgConfigParams{}))
	// SizeOfNfqMsgConfigQueueLen -- Sizeof NfqMsgConfigQueueLen, from unsafe.Sizeof
	SizeOfNfqMsgConfigQueueLen uint32 = uint32(unsafe.Sizeof(NfqMsgConfigQueueLen{}))
	// SizeofNfqMsgVerdictHdr -- Sizeof verdict hdr struct (literal value)
	SizeofNfqMsgVerdictHdr uint32 = 0x8
	// SizeofNfqMsgMarkHdr -- Sizeof mark hdr (literal value)
	SizeofNfqMsgMarkHdr = 0x4
	// APUNSPEC -- PF_UNSPEC/AF_UNSPEC
	APUNSPEC uint8 = syscall.AF_UNSPEC

	// NlMsgNoop -- do nothing
	NlMsgNoop = 0x1 /* nothing */
	// NlMsgError -- error message from netlink
	NlMsgError = 0x2 /* error */
	// NlMsgDone -- Multi part message done
	NlMsgDone = 0x3 /* end of a dump */
	// NlMsgOverrun -- Overrun of buffer
	NlMsgOverrun = 0x4 /* data lost */

	// SizeOfValue8 -- Sizeof NfValue8, from unsafe.Sizeof
	SizeOfValue8 uint8 = uint8(unsafe.Sizeof(NfValue8{}))

	// SizeOfValue16 -- Sizeof NfValue16, from unsafe.Sizeof
	SizeOfValue16 uint16 = uint16(unsafe.Sizeof(NfValue16{}))

	// SizeOfValue32 -- Sizeof NfValue32, from unsafe.Sizeof
	SizeOfValue32 uint32 = uint32(unsafe.Sizeof(NfValue32{}))
)
// Conntrack netlink message numbers. They form the low byte of an nfnetlink
// message type; IPCTNL_MSG_CT_NEW is the one used to build NfnlConntrackTable.
// NOTE(review): values are expected to mirror the kernel's
// nfnetlink_conntrack.h -- confirm against that header.
const (
	IPCTNL_MSG_CT_NEW    = 0
	IPCTNL_MSG_CT_GET    = 1
	IPCTNL_MSG_CT_DELETE = 2
)

https://github.com/torvalds/linux/blob/master/include/uapi/linux/netfilter/nfnetlink_conntrack.h

// IP protocol numbers, for generic use.
const (
	// TCP_PROTO is the IP protocol number for TCP.
	TCP_PROTO = 6
	// UDP_PROTO is the IP protocol number for UDP.
	UDP_PROTO = 17
)

For generic use

// nfnetlink subsystem ids, numbered from 0 by iota. Each name's position in
// this list fixes its numeric value, so entries must not be reordered,
// removed or inserted without checking the kernel's nfnetlink.h.
const (
	NFNL_SUBSYS_NONE = iota
	// NFNL_SUBSYS_CTNETLINK is 1, the same value as ConntrackTable.
	NFNL_SUBSYS_CTNETLINK
	// NFNL_SUBSYS_CTNETLINK_EXP is 2, the same value as ConntrackExpectTable.
	NFNL_SUBSYS_CTNETLINK_EXP
	// NFNL_SUBSYS_QUEUE is 3, the same value as NFQUEUESUBSYSID.
	NFNL_SUBSYS_QUEUE
	// NFNL_SUBSYS_ULOG is 4; it is the subsystem part of NfnlNFLog.
	NFNL_SUBSYS_ULOG
	NFNL_SUBSYS_OSF
	NFNL_SUBSYS_IPSET
	NFNL_SUBSYS_ACCT
	NFNL_SUBSYS_CTNETLINK_TIMEOUT
	NFNL_SUBSYS_CTHELPER
	NFNL_SUBSYS_NFTABLES
	NFNL_SUBSYS_NFT_COMPAT
	// NFNL_SUBSYS_COUNT is the number of entries above it, not a subsystem id.
	NFNL_SUBSYS_COUNT
)
// NFLog message numbers.
const (
	// NFULNL_MSG_CONFIG is the message number combined with NFNL_SUBSYS_ULOG
	// to form NfnlNFLog.
	NFULNL_MSG_CONFIG = 1
)

Variables

This section is empty.

Functions

func BuildNlMsgHeader

func BuildNlMsgHeader(msgType msgTypes, msgFlags NlmFlags, len uint32) *syscall.NlMsghdr

BuildNlMsgHeader -- Build a syscall.NlMsghdr structure. msgType: the message type to be sent, ORed with the SUBSYSID (3 for us). len: length of the payload including the size of the nlmsghdr. msgFlags: request flags.

func IP2int

func IP2int(ip net.IP) uint32

IP2int converts net.IP to uint32

func Int2ip

func Int2ip(nn uint32) net.IP

Int2ip converts uint32 to net.IP

func NativeEndian

func NativeEndian() binary.ByteOrder

NativeEndian -- To get native endianness

func NetlinkErrMessagetoStruct

func NetlinkErrMessagetoStruct(buf []byte) (*syscall.NlMsghdr, *syscall.NlMsgerr)

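NetlinkErrMessagetoStruct -- parse byte slice and return syscall.NlMsgerr. Unlike NetlinkMessageToStruct, this function has no error return, so a short or malformed buf cannot be reported through its return values; callers may want to check len(buf) before calling.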

func NetlinkMessageToNfAttrStruct

func NetlinkMessageToNfAttrStruct(buf []byte, hdr map[int]*NfAttrResponsePayload) (map[int]*NfAttrResponsePayload, []byte, error)

NetlinkMessageToNfAttrStruct -- Convert byte slice representing nfattr to nfattr struct slice

func NetlinkMessageToStruct

func NetlinkMessageToStruct(buf []byte) (*syscall.NlMsghdr, []byte, error)

NetlinkMessageToStruct -- Convert netlink message byte slice to struct and payload

func NfaAlign

func NfaAlign(len uint16) uint16

NfaAlign -- Align to 4 byte boundary

func NfaAlign32

func NfaAlign32(len uint32) uint32

NfaAlign32 -- Align to 4 byte boundary

func NfaLength

func NfaLength(len uint16) uint16

NfaLength -- adjust length to end on 4 byte multiple

func NlMsgAlign

func NlMsgAlign(len uint32) uint32

NlMsgAlign -- Align to 4 byte boundary

func NlMsgLength

func NlMsgLength(len uint32) uint32

NlMsgLength -- adjust length to end on 4 byte multiple

func NlMsgSpace

func NlMsgSpace(len uint32) uint32

NlMsgSpace -- Space required to hold this message

func NlMsgSubsysID

func NlMsgSubsysID(h *syscall.NlMsghdr) uint16

NlMsgSubsysID returns the subsystem id -- 3 for queue

func NlMsgType

func NlMsgType(h *syscall.NlMsghdr) uint16

NlMsgType returns the message type

func SerializeNlMsgHdr

func SerializeNlMsgHdr(hdr *syscall.NlMsghdr) []byte

SerializeNlMsgHdr -- Serialize syscall.NlMsgHdr to byte slice

func SerializeNlMsgHdrBuf

func SerializeNlMsgHdrBuf(hdr *syscall.NlMsghdr, buf []byte) int

SerializeNlMsgHdrBuf -- Serialize into passed buffer and returns number of bytes copied

Types

type NfAttr

type NfAttr struct {
	// contains filtered or unexported fields
}

NfAttr -- attr struct header. nfaLen -- sizeof struct + payload; nfaType -- nfaType.

func BuildNfAttrMsg

func BuildNfAttrMsg(attrType uint16, n *syscall.NlMsghdr, dataLen uint32) *NfAttr

BuildNfAttrMsg -- Build nfattr message. length -- length of the attr payload (unused). attrType -- type of attr being added. data -- the actual data being added; we only use this to figure out the size of the payload, and the payload needs to be appended separately. n -- syscall.NlMsghdr whose length is adjusted after building the nfattr.

func BuildNfAttrWithPaddingMsg

func BuildNfAttrWithPaddingMsg(attrType uint16, dataLen int) *NfAttr

BuildNfAttrWithPaddingMsg -- Build nfattrWithPadding message. attrType -- type of attr which needs padding; dataLen -- length of the attribute.

func BuildNfNestedAttrMsg

func BuildNfNestedAttrMsg(attrType uint16, dataLen int) *NfAttr

BuildNfNestedAttrMsg -- Build nfnestedattr message. attrType -- type of attr being added; dataLen -- length of the attribute.

func (*NfAttr) GetNfaLen

func (r *NfAttr) GetNfaLen() uint16

GetNfaLen -- Get Netfilter attribute length

func (*NfAttr) GetNfaType

func (r *NfAttr) GetNfaType() uint16

GetNfaType -- Get Netfilter attribute type

func (*NfAttr) Length

func (r *NfAttr) Length() uint32

Length -- Return length of struct

func (*NfAttr) SetNfaLen

func (r *NfAttr) SetNfaLen(l uint16)

SetNfaLen -- Sets Netfilter attribute length

func (*NfAttr) SetNfaType

func (r *NfAttr) SetNfaType(t uint16)

SetNfaType -- Sets Netfilter attribute type

func (*NfAttr) ToWireFormat

func (r *NfAttr) ToWireFormat() []byte

ToWireFormat -- Convert NfAttr to byte slice

func (*NfAttr) ToWireFormatBuf

func (r *NfAttr) ToWireFormatBuf(buf []byte) int

ToWireFormatBuf -- Convert struct to []byte and copy it to passed buffer

type NfAttrResponsePayload

type NfAttrResponsePayload struct {
	// contains filtered or unexported fields
}

NfAttrResponsePayload -- Response of attr from netlink. attr -- NfAttr; data -- payload for response.

func SetNetlinkData

func SetNetlinkData(b uint32) *NfAttrResponsePayload

SetNetlinkData -- Sets netlink data

func (*NfAttrResponsePayload) GetNetlinkData

func (d *NfAttrResponsePayload) GetNetlinkData() []byte

GetNetlinkData -- Get netlink data

type NfAttrSlice

type NfAttrSlice [nfqaMax]NfAttrResponsePayload

NfAttrSlice is an array of attributes

type NfValue16

type NfValue16 struct {
	// contains filtered or unexported fields
}

NfValue16 -- uint16 type attribute structure. value -- the value for a uint16 type attribute.

func (*NfValue16) Get16Value

func (r *NfValue16) Get16Value() uint16

Get16Value -- Get value for uint16 type

func (*NfValue16) Length

func (r *NfValue16) Length() uint16

Length -- Return length of struct

func (*NfValue16) Set16Value

func (r *NfValue16) Set16Value(v uint16)

Set16Value -- Sets value for uint16 type

func (*NfValue16) ToWireFormat

func (r *NfValue16) ToWireFormat() []byte

ToWireFormat -- Convert NfValue16 to byte slice

func (*NfValue16) ToWireFormatBuf added in v1.0.16

func (r *NfValue16) ToWireFormatBuf(buf []byte) int

ToWireFormatBuf -- Convert NfValue16 to byte and copy to passed buffer

type NfValue32

type NfValue32 struct {
	// contains filtered or unexported fields
}

NfValue32 -- uint32 type attribute structure. value -- the value for a uint32 type attribute.

func (*NfValue32) Get32Value

func (r *NfValue32) Get32Value() uint32

Get32Value -- Get value for uint32 type

func (*NfValue32) Length

func (r *NfValue32) Length() uint32

Length -- Return length of struct

func (*NfValue32) Set32Value

func (r *NfValue32) Set32Value(v uint32)

Set32Value -- Sets value for uint32 type

func (*NfValue32) ToWireFormat

func (r *NfValue32) ToWireFormat() []byte

ToWireFormat -- Convert NfValue32 to byte slice

func (*NfValue32) ToWireFormatBuf added in v1.0.16

func (r *NfValue32) ToWireFormatBuf(buf []byte) int

ToWireFormatBuf -- Convert NfValue32 to byte and copy to passed buffer

type NfValue8

type NfValue8 struct {
	// contains filtered or unexported fields
}

NfValue8 -- uint8 type attribute structure. value -- the value for a uint8 type attribute.

func (*NfValue8) Get8Value

func (r *NfValue8) Get8Value() uint8

Get8Value -- Get value for uint8 type

func (*NfValue8) Length

func (r *NfValue8) Length() uint8

Length -- Return length of struct

func (*NfValue8) Set8Value

func (r *NfValue8) Set8Value(v uint8)

Set8Value -- Sets value for uint8 type

func (*NfValue8) ToWireFormat

func (r *NfValue8) ToWireFormat() []byte

ToWireFormat -- Convert NfValue8 to byte slice

func (*NfValue8) ToWireFormatBuf added in v1.0.16

func (r *NfValue8) ToWireFormatBuf(buf []byte) int

ToWireFormatBuf -- Convert NfValue8 to byte and copy to passed buffer

type NfqGenMsg

type NfqGenMsg struct {
	// contains filtered or unexported fields
}

NfqGenMsg -- the nfgen msg structure. nfGenFamily -- family; version -- netlink version; resId -- queueNum in big endian format.

func BuildNfgenMsg

func BuildNfgenMsg(family int, version uint8, resID uint16, n *syscall.NlMsghdr) *NfqGenMsg

BuildNfgenMsg -- Build nfgen msg structure. family -- SOCK FAMILY; version -- version; resID -- queue number; n -- syscall.NlMsghdr whose length is adjusted after adding nfgen.

func NetlinkMessageToNfGenStruct

func NetlinkMessageToNfGenStruct(buf []byte) (*NfqGenMsg, []byte, error)

NetlinkMessageToNfGenStruct -- Convert netlink byte slice to nfqgen msg structure

func (*NfqGenMsg) GetNfgenFamily

func (nfg *NfqGenMsg) GetNfgenFamily() uint8

GetNfgenFamily -- Get Nfgen family

func (*NfqGenMsg) GetNfgenResID

func (nfg *NfqGenMsg) GetNfgenResID() uint16

GetNfgenResID -- Get Nfgen res

func (*NfqGenMsg) GetNfgenVersion

func (nfg *NfqGenMsg) GetNfgenVersion() uint8

GetNfgenVersion -- Get Nfgen version

func (*NfqGenMsg) Length

func (r *NfqGenMsg) Length() uint32

Length -- Return length of struct

func (*NfqGenMsg) ToWireFormat

func (r *NfqGenMsg) ToWireFormat() []byte

ToWireFormat -- Convert NfqGenMsg to byte slice

func (*NfqGenMsg) ToWireFormatBuf

func (r *NfqGenMsg) ToWireFormatBuf(buf []byte) int

ToWireFormatBuf -- Convert struct to []byte and copy it to passed buffer

type NfqMsgConfigCommand

type NfqMsgConfigCommand struct {
	Command nfqConfigCommands
	// contains filtered or unexported fields
}

NfqMsgConfigCommand -- config command. Command -- the config command; pf -- family.

type NfqMsgConfigParams

type NfqMsgConfigParams struct {
	// contains filtered or unexported fields
}

NfqMsgConfigParams -- Config params. copyRange -- range of bytes to copy; copyMode -- copy mode (meta/none/packet).

type NfqMsgConfigQueueLen

type NfqMsgConfigQueueLen struct {
	// contains filtered or unexported fields
}

NfqMsgConfigQueueLen -- Queue length. queueLen -- the length of the queue.

type NfqMsgMarkHdr

type NfqMsgMarkHdr struct {
	// contains filtered or unexported fields
}

NfqMsgMarkHdr -- Mark payload. mark -- the mark value.

type NfqMsgVerdictHdr

type NfqMsgVerdictHdr struct {
	// contains filtered or unexported fields
}

NfqMsgVerdictHdr -- Verdict header struct. verdict -- accept/drop; id -- packet id.

type NfqNetlinkRequest

type NfqNetlinkRequest struct {
	syscall.NlMsghdr
	Data []byte
}

NfqNetlinkRequest -- netlink request to send. NlMsghdr -- the header fields; Data -- serialized data of the structure passed to netlink.

type NlmFlags

type NlmFlags uint32

NlmFlags -- The flags passed to NlMsgHdr

type SockHandles

type SockHandles struct {
	Syscalls syscallwrappers.Syscalls
	// contains filtered or unexported fields
}

SockHandles -- Sock handle of netlink socket. fd -- fd of socket; rcvbufSize -- rcv buffer size; lsa -- local address.

Directories

Path Synopsis
Package packet support for TCP/IP packet manipulations needed by the Aporeto infrastructure.
Package packet support for TCP/IP packet manipulations needed by the Aporeto infrastructure.
