Documentation ¶
Overview ¶
+build linux !darwin nolint
+build linux !darwin nolint
Index ¶
- Constants
- func BuildNlMsgHeader(msgType msgTypes, msgFlags NlmFlags, len uint32) *syscall.NlMsghdr
- func GetNetlinkDataArray(index int, d []*NfAttrResponsePayload) []byte
- func IP2int(ip net.IP) uint32
- func Int2ip(nn uint32) net.IP
- func NativeEndian() binary.ByteOrder
- func NetlinkErrMessagetoStruct(buf []byte) (*syscall.NlMsghdr, *syscall.NlMsgerr)
- func NetlinkMessageToStruct(buf []byte) (*syscall.NlMsghdr, []byte, error)
- func NfaAlign(len uint16) uint16
- func NfaAlign32(len uint32) uint32
- func NfaLength(len uint16) uint16
- func NlMsgAlign(len uint32) uint32
- func NlMsgLength(len uint32) uint32
- func NlMsgSpace(len uint32) uint32
- func NlMsgSubsysID(h *syscall.NlMsghdr) uint16
- func NlMsgType(h *syscall.NlMsghdr) uint16
- func SerializeNlMsgHdr(hdr *syscall.NlMsghdr) []byte
- func SerializeNlMsgHdrBuf(hdr *syscall.NlMsghdr, buf []byte) int
- type NfAttr
- type NfAttrResponsePayload
- type NfAttrSlice
- type NfValue16
- type NfValue32
- type NfValue8
- type NfqGenMsg
- type NfqMsgConfigCommand
- type NfqMsgConfigParams
- type NfqMsgConfigQueueLen
- type NfqMsgMarkHdr
- type NfqMsgVerdictHdr
- type NfqNetlinkRequest
- type NlmFlags
- type SockHandles
Constants ¶
const ( // ConntrackTable Conntrack table // https://github.com/torvalds/linux/blob/master/include/uapi/linux/netfilter/nfnetlink.h -> #define NFNL_SUBSYS_CTNETLINK 1 ConntrackTable = 1 // ConntrackExpectTable Conntrack expect table // https://github.com/torvalds/linux/blob/master/include/uapi/linux/netfilter/nfnetlink.h -> #define NFNL_SUBSYS_CTNETLINK_EXP 2 ConntrackExpectTable = 2 )
const ( //NFQUEUESUBSYSID The netlink subsystem id for nfqueue NFQUEUESUBSYSID = 0x3 //SOCKFAMILY constant for AF_NETLINK SOCKFAMILY = syscall.AF_NETLINK //SolNetlink costant for SOL_NETLINK SolNetlink = 270 /* syscall.SOL_NETLINK not defined */ //NfqnlMsgPacket packet from kernel to userspace NfqnlMsgPacket msgTypes = (NFQUEUESUBSYSID << 8) | 0 //NfqnlMsgVerdict verdict from userspace to kernel NfqnlMsgVerdict msgTypes = (NFQUEUESUBSYSID << 8) | 1 //NfqnlMsgConfig connect to a particular queue NfqnlMsgConfig msgTypes = (NFQUEUESUBSYSID << 8) | 2 //NfqnlMsgVerdictBatch batch verdict from userspace to kernel NfqnlMsgVerdictBatch msgTypes = (NFQUEUESUBSYSID << 8) | 3 //NFCTNL - Netfilter Conntrack Netink message types NfnlConntrackTable msgTypes = (ConntrackTable << 8) | IPCTNL_MSG_CT_NEW //NFLOG - Netfilter NFLog message types NfnlNFLog msgTypes = (NFNL_SUBSYS_ULOG << 8) | NFULNL_MSG_CONFIG /*NlmFRequest -- It is request message. */ NlmFRequest NlmFlags = 0x1 /*NlmFMulti -- Multipart message, terminated by NlMsgDone */ NlmFMulti NlmFlags = 0x2 /*NlmFAck -- Reply with ack, with zero or error code */ NlmFAck NlmFlags = 0x4 /*NlmFEcho -- Echo this request */ NlmFEcho NlmFlags = 0x8 /*NlmFDumpintr -- Dump was inconsistent due to sequence change */ NlmFDumpintr NlmFlags = 0x10 /*NlmFDumpFiltered -- Dump was filtered as requested */ NlmFDumpFiltered NlmFlags = 0x20 //NfnlBuffSize -- Buffer size of socket NfnlBuffSize uint32 = (75 * 1024) //NFNetlinkV0 - netlink v0 NFNetlinkV0 uint8 = 0 //SizeofMsgConfigCommand -- Sizeof config command struct SizeofMsgConfigCommand = 0x4 //SizeofNfGenMsg -- Sizeof nfgen msg struct SizeofNfGenMsg uint32 = 0x4 //SizeofNfAttr -- Sizeof nfattr struct // This does not account for the size of the byte slice at the end SizeofNfAttr uint16 = 0x4 //SizeOfNfqMsgConfigParams -- Sizeof NfqMsgConfigParams SizeOfNfqMsgConfigParams uint32 = uint32(unsafe.Sizeof(NfqMsgConfigParams{})) //SizeOfNfqMsgConfigQueueLen -- Sizeof NfqMsgConfigQueueLen SizeOfNfqMsgConfigQueueLen uint32 = uint32(unsafe.Sizeof(NfqMsgConfigQueueLen{})) //SizeofNfqMsgVerdictHdr -- Sizeof verdict hdr struct SizeofNfqMsgVerdictHdr uint32 = 0x8 //SizeofNfqMsgMarkHdr -- sizeof mark hdr SizeofNfqMsgMarkHdr = 0x4 //APUNSPEC -- PF_UNSPEC/AF_UNSPEC APUNSPEC uint8 = syscall.AF_UNSPEC //NlMsgNoop -- do nothing NlMsgNoop = 0x1 /* nothing. */ //NlMsgError -- error message from netlink NlMsgError = 0x2 /* error */ //NlMsgDone -- Multi part message done NlMsgDone = 0x3 /* end of a dump */ //NlMsgOverrun -- Overrun of buffer NlMsgOverrun = 0x4 /* data lost */ SizeOfValue8 uint8 = uint8(unsafe.Sizeof(NfValue8{})) SizeOfValue16 uint16 = uint16(unsafe.Sizeof(NfValue16{})) SizeOfValue32 uint32 = uint32(unsafe.Sizeof(NfValue32{})) )
const ( IPCTNL_MSG_CT_NEW = 0 IPCTNL_MSG_CT_GET = 1 IPCTNL_MSG_CT_DELETE = 2 )
https://github.com/torvalds/linux/blob/master/include/uapi/linux/netfilter/nfnetlink_conntrack.h
const ( TCP_PROTO = 6 UDP_PROTO = 17 )
For generic use
const ( NFNL_SUBSYS_NONE = iota NFNL_SUBSYS_CTNETLINK NFNL_SUBSYS_CTNETLINK_EXP NFNL_SUBSYS_QUEUE NFNL_SUBSYS_ULOG NFNL_SUBSYS_OSF NFNL_SUBSYS_IPSET NFNL_SUBSYS_ACCT NFNL_SUBSYS_CTNETLINK_TIMEOUT NFNL_SUBSYS_CTHELPER NFNL_SUBSYS_NFTABLES NFNL_SUBSYS_NFT_COMPAT NFNL_SUBSYS_COUNT )
const (
NFULNL_MSG_CONFIG = 1
)
Variables ¶
This section is empty.
Functions ¶
func BuildNlMsgHeader ¶
BuildNlMsgHeader -- Build syscall.NlMsgHdr structure msgType: The message type to be send | SUBSYSID - 3 for us Len: Len of the payload including the sizeof nlmsghdr msgFlags: Request Flags
func GetNetlinkDataArray ¶
func GetNetlinkDataArray(index int, d []*NfAttrResponsePayload) []byte
GetNetlinkDataArray -- Get netlink data from array
func NetlinkErrMessagetoStruct ¶
NetlinkErrMessagetoStruct -- parse byte slice and return syscall.NlMsgerr
func NetlinkMessageToStruct ¶
NetlinkMessageToStruct -- Convert netlink message byte slice to struct and payload
func NlMsgLength ¶
NlMsgLength -- adjust length to end on 4 byte multiple
func NlMsgSpace ¶
NlMsgSpace -- Space required to hold this message
func NlMsgSubsysID ¶
NlMsgSubsysID returns the subsystem id -- 3 for queue
func SerializeNlMsgHdr ¶
SerializeNlMsgHdr -- Serialize syscall.NlMsgHdr to byte slice
Types ¶
type NfAttr ¶
type NfAttr struct {
// contains filtered or unexported fields
}
NfAttr -- attr struct header nfaLen -- sizeof struct + payload nfaType -- nfaType
func BuildNfAttrMsg ¶
BuildNfAttrMsg -- Build nfattr message length -- length of the attr payload -- unused attrType -- Type of attr being added data --- The actual data being added. We only use this to figure out the size of payload. The payload needs to be appended separately n -- syscall.NlMsgHdr adjust length after building the nfattr
func BuildNfAttrWithPaddingMsg ¶
BuildNfAttrWithPaddingMsg -- Build nfattrWithPadding message attrType -- Type of attr which needs padding dataLen -- Length of the attribute
func BuildNfNestedAttrMsg ¶
BuildNfNestedAttrMsg -- Build nfnestedattr message attrType -- Type of attr being added dataLEn -- Length of the attribute
func (*NfAttr) GetNfaType ¶
GetNfaType -- Get Netfilter attribute type
func (*NfAttr) SetNfaType ¶
SetNfaType -- Sets Netfilter attribute type
func (*NfAttr) ToWireFormat ¶
ToWireFormat -- Convert NfAttr to byte slice
func (*NfAttr) ToWireFormatBuf ¶
ToWireFormatBuf -- Convert struct to []byte and copy it to passed buffer
type NfAttrResponsePayload ¶
type NfAttrResponsePayload struct {
// contains filtered or unexported fields
}
NfAttrResponsePayload -- Response of attr from netlink attr -- NfAttr data -- payload for response
func NetlinkMessageToNfAttrStruct ¶
func NetlinkMessageToNfAttrStruct(buf []byte, hdr []*NfAttrResponsePayload) ([]*NfAttrResponsePayload, []byte, error)
NetlinkMessageToNfAttrStruct -- Convert byte slice representing nfattr to nfattr struct slice
func SetNetlinkData ¶
func SetNetlinkData(b uint32) *NfAttrResponsePayload
SetNetlinkData -- Sets netlink data
func (*NfAttrResponsePayload) GetNetlinkData ¶
func (d *NfAttrResponsePayload) GetNetlinkData() []byte
GetNetlinkData -- Get netlink data
type NfAttrSlice ¶
type NfAttrSlice [nfqaMax]NfAttrResponsePayload
NfAttrSlice is an array of attributes
type NfValue16 ¶
type NfValue16 struct {
// contains filtered or unexported fields
}
NfValue16 -- uint16 type attribute structure value -- the value for a uint16 type attribute
func (*NfValue16) Get16Value ¶
Get16Value -- Get value for uint16 type
func (*NfValue16) Set16Value ¶
Set16Value -- Sets value for uint16 type
func (*NfValue16) ToWireFormat ¶
ToWireFormat -- Convert NfValue16 to byte slice
func (*NfValue16) ToWireFormatBuf ¶ added in v1.0.16
ToWireFormatBuf -- Convert NfValue16 to byte and copy to passed buffer
type NfValue32 ¶
type NfValue32 struct {
// contains filtered or unexported fields
}
NfValue32 -- uint32 type attribute structure value -- the value for a uint32 type attribute
func (*NfValue32) Get32Value ¶
Get32Value -- Get value for uint32 type
func (*NfValue32) Set32Value ¶
Set32Value -- Sets value for uint32 type
func (*NfValue32) ToWireFormat ¶
ToWireFormat -- Convert NfValue32 to byte slice
func (*NfValue32) ToWireFormatBuf ¶ added in v1.0.16
ToWireFormatBuf -- Convert NfValue32 to byte and copy to passed buffer
type NfValue8 ¶
type NfValue8 struct {
// contains filtered or unexported fields
}
NfValue8 -- uint8 type attribute structure value -- the value for a uint8 type attribute
func (*NfValue8) ToWireFormat ¶
ToWireFormat -- Convert NfValue8 to byte slice
func (*NfValue8) ToWireFormatBuf ¶ added in v1.0.16
ToWireFormatBuf -- Convert NfValue8 to byte and copy to passed buffer
type NfqGenMsg ¶
type NfqGenMsg struct {
// contains filtered or unexported fields
}
NfqGenMsg -- the nfgen msg structure nfGenFamily -- Family version -- netlink version resId -- queueNum in big endian format
func BuildNfgenMsg ¶
BuildNfgenMsg -- Build nfgen msg strcuure family -- SOCK FAMILY Version -- Version resId -- queuenum n - syscall.NlMsghdr to adjust length after adding nfgen
func NetlinkMessageToNfGenStruct ¶
NetlinkMessageToNfGenStruct -- Convert netlink byte slice to nfqgen msg structure
func (*NfqGenMsg) GetNfgenFamily ¶
GetNfgenFamily -- Get Nfgen family
func (*NfqGenMsg) GetNfgenResID ¶
GetNfgenResID -- Get Nfgen res
func (*NfqGenMsg) GetNfgenVersion ¶
GetNfgenVersion -- Get Nfgen version
func (*NfqGenMsg) ToWireFormat ¶
ToWireFormat -- Convert NfqGenMsg to byte slice
func (*NfqGenMsg) ToWireFormatBuf ¶
ToWireFormatBuf -- Convert struct to []byte and copy it to passed buffer
type NfqMsgConfigCommand ¶
type NfqMsgConfigCommand struct { Command nfqConfigCommands // contains filtered or unexported fields }
NfqMsgConfigCommand -- config command Command -- the config command pf -- family
type NfqMsgConfigParams ¶
type NfqMsgConfigParams struct {
// contains filtered or unexported fields
}
NfqMsgConfigParams -- Config params copyRange -- Range of bytes to copy copyMode -- copyMode meta/none/packet
type NfqMsgConfigQueueLen ¶
type NfqMsgConfigQueueLen struct {
// contains filtered or unexported fields
}
NfqMsgConfigQueueLen -- Queue length queueLen -- The length of queue
type NfqMsgMarkHdr ¶
type NfqMsgMarkHdr struct {
// contains filtered or unexported fields
}
NfqMsgMarkHdr -- Mark Payload mark -- markval
type NfqMsgVerdictHdr ¶
type NfqMsgVerdictHdr struct {
// contains filtered or unexported fields
}
NfqMsgVerdictHdr -- Verdict Hdr struct verdict -- accept/drop id -- packetid
type NfqNetlinkRequest ¶
NfqNetlinkRequest -- netlink request to send NlMsgHdr fields serialized data of structure passed to netlink
type SockHandles ¶
type SockHandles struct { Syscalls syscallwrappers.Syscalls // contains filtered or unexported fields }
SockHandles -- Sock handle of netlink socket fd -- fd of socket rcvbufSize -- rcv buffer Size lsa -- local address