Documentation ¶
Overview ¶
Package packet support for TCP/IP packet manipulations needed by the Aporeto infrastructure.
Index ¶
- Constants
- Variables
- func TCPFlagsToStr(flags uint8) string
- type Packet
- func (p *Packet) CheckTCPAuthenticationOption(iOptionLength int) (err error)
- func (p *Packet) DecreaseTCPAck(decr uint32)
- func (p *Packet) DecreaseTCPSeq(decr uint32)
- func (p *Packet) DropDetachedBytes()
- func (p *Packet) DropDetachedDataBytes()
- func (p *Packet) FixupIPHdrOnDataModify(old, new uint16)
- func (p *Packet) FixupTCPHdrOnTCPDataAttach(tcpOptions []byte, tcpData []byte)
- func (p *Packet) FixupTCPHdrOnTCPDataDetach(dataLength uint16, optionLength uint16)
- func (p *Packet) GetBytes() []byte
- func (p *Packet) GetIPLength() uint16
- func (p *Packet) GetTCPData() []byte
- func (p *Packet) GetTCPOptions() []byte
- func (p *Packet) ID() string
- func (p *Packet) IncreaseTCPAck(incr uint32)
- func (p *Packet) IncreaseTCPSeq(incr uint32)
- func (p *Packet) L4FlowHash() string
- func (p *Packet) L4ReverseFlowHash() string
- func (p *Packet) Print(context uint64)
- func (p *Packet) ReadTCPData() []byte
- func (p *Packet) ReadTCPDataString() string
- func (p *Packet) SetTCPData(b []byte)
- func (p *Packet) SourcePortHash(stage uint64) string
- func (p *Packet) String() string
- func (p *Packet) TCPDataAttach(tcpOptions []byte, tcpData []byte) (err error)
- func (p *Packet) TCPDataDetach(optionLength uint16) (err error)
- func (p *Packet) TCPDataLength() int
- func (p *Packet) TCPDataStartBytes() uint16
- func (p *Packet) TCPOptionLength() int
- func (p *Packet) UpdateIPChecksum()
- func (p *Packet) UpdateTCPChecksum()
- func (p *Packet) VerifyIPChecksum() bool
- func (p *Packet) VerifyTCPChecksum() bool
Constants ¶
const ( // IPProtocolTCP defines the constant for UDP protocol number IPProtocolTCP = 6 // IPProtocolUDP defines the constant for UDP protocol number IPProtocolUDP = 17 )
IP Protocol numbers
const ( // TCPSynMask is a mask for the TCP Syn flags TCPSynMask = 0x2 // TCPSynAckMask mask idenitifies a TCP SYN-ACK packet TCPSynAckMask = 0x12 // TCPRstMask mask that identifies RST packets TCPRstMask = 0x4 // TCPAckMask mask that identifies ACK packets TCPAckMask = 0x10 // TCPFinMask mask that identifies FIN packets TCPFinMask = 0x1 )
TCP Header masks
const ( // TCPAuthenticationOption is the option number will be using TCPAuthenticationOption = uint8(254) // TCPMssOption is the type for MSS option TCPMssOption = uint8(2) // TCPMssOptionLen is the type for MSS option TCPMssOptionLen = uint8(4) )
TCP Options Related constants
const ( // PacketTypeNetwork is enum for from-network packets PacketTypeNetwork = 0x1000 // PacketTypeApplication is enum for from-application packets PacketTypeApplication = 0x2000 // PacketStageIncoming is an enum for incoming stage PacketStageIncoming = 0x0100 // PacketStageAuth is an enum for authentication stage PacketStageAuth = 0x0200 // PacketStageService is an enum for crypto stage PacketStageService = 0x0400 // PacketStageOutgoing is an enum for outgoing stage PacketStageOutgoing = 0x0800 // PacketFailureCreate is the drop reason for packet PacketFailureCreate = 0x0010 // PacketFailureAuth is a drop reason for packet due to authentication error PacketFailureAuth = 0x0020 // PacketFailureService is a drop reason for packet due to crypto error PacketFailureService = 0x00040 )
const (
// ipIDPos is location of IP Identifier
IPIDPos = 4
)
IP Header field position constants
const (
// TCPChecksumPos is the location of TCP checksum
TCPChecksumPos = 36
)
TCP Header field position constants
Variables ¶
var ( // PacketLogLevel determines if packet logging is turned on PacketLogLevel int )
Functions ¶
func TCPFlagsToStr ¶
TCPFlagsToStr converts the TCP Flags to a string value that is human readable
Types ¶
type Packet ¶
type Packet struct { // Mark is the nfqueue Mark Mark string // Buffers : input/output buffer Buffer []byte IPProto uint8 IPTotalLength uint16 SourceAddress net.IP DestinationAddress net.IP // L4 Header Fields SourcePort uint16 DestinationPort uint16 // TCP Specific fields TCPSeq uint32 TCPAck uint32 TCPFlags uint8 TCPChecksum uint16 // Service Metadata SvcMetadata interface{} // Connection Metadata ConnectionMetadata interface{} // contains filtered or unexported fields }
Packet is the main structure holding packet information
func New ¶
New returns a pointer to Packet structure built from the provided bytes buffer which is expected to contain valid TCP/IP packet bytes.
func (*Packet) CheckTCPAuthenticationOption ¶
CheckTCPAuthenticationOption ensures authentication option exists at the offset provided
func (*Packet) DecreaseTCPAck ¶
DecreaseTCPAck decreases TCP ack number by decr
func (*Packet) DecreaseTCPSeq ¶
DecreaseTCPSeq decreases TCP seq number by decr
func (*Packet) DropDetachedBytes ¶
func (p *Packet) DropDetachedBytes()
DropDetachedBytes removes any bytes that have been detached and stored locally
func (*Packet) DropDetachedDataBytes ¶
func (p *Packet) DropDetachedDataBytes()
DropDetachedDataBytes removes any bytes that have been detached and stored locally
func (*Packet) FixupIPHdrOnDataModify ¶
FixupIPHdrOnDataModify modifies the IP header fields and checksum
func (*Packet) FixupTCPHdrOnTCPDataAttach ¶
FixupTCPHdrOnTCPDataAttach modifies the TCP header fields and checksum
func (*Packet) FixupTCPHdrOnTCPDataDetach ¶
FixupTCPHdrOnTCPDataDetach modifies the TCP header fields and checksum
func (*Packet) GetBytes ¶
GetBytes returns the bytes in the packet. It consolidates in case of changes as well
func (*Packet) GetIPLength ¶
GetIPLength returns the IP length
func (*Packet) GetTCPData ¶
GetTCPData returns any additional data in the packet
func (*Packet) GetTCPOptions ¶
GetTCPOptions returns any additional options in the packet
func (*Packet) IncreaseTCPAck ¶
IncreaseTCPAck increases TCP ack number by incr
func (*Packet) IncreaseTCPSeq ¶
IncreaseTCPSeq increases TCP seq number by incr
func (*Packet) L4FlowHash ¶
L4FlowHash calculate a hash string based on the 4-tuple
func (*Packet) L4ReverseFlowHash ¶
L4ReverseFlowHash calculate a hash string based on the 4-tuple by reversing source and destination information
func (*Packet) ReadTCPData ¶
ReadTCPData returns ths payload in a string variable It does not remove the payload from the packet
func (*Packet) ReadTCPDataString ¶
ReadTCPDataString returns ths payload in a string variable It does not remove the payload from the packet
func (*Packet) SetTCPData ¶
SetTCPData returns any additional data in the packet
func (*Packet) SourcePortHash ¶
SourcePortHash calculates a hash based on dest ip/port for net packet and src ip/port for app packet.
func (*Packet) TCPDataAttach ¶
TCPDataAttach modifies the TCP and IP header fields and checksum
func (*Packet) TCPDataDetach ¶
TCPDataDetach performs the following:
- Removes all TCP data from Buffer to TCPData.
- Removes "optionLength" bytes of options from TCP header to tcpOptions
- Updates IP Hdr (lengths, checksums)
- Updates TCP header (checksums)
func (*Packet) TCPDataLength ¶
TCPDataLength -- returns the length of tcp options
func (*Packet) TCPDataStartBytes ¶
TCPDataStartBytes provides the tcp data start offset in bytes
func (*Packet) TCPOptionLength ¶
TCPOptionLength returns the length of tcpoptions
func (*Packet) UpdateIPChecksum ¶
func (p *Packet) UpdateIPChecksum()
UpdateIPChecksum computes the IP header checksum and updates the packet with the value.
func (*Packet) UpdateTCPChecksum ¶
func (p *Packet) UpdateTCPChecksum()
UpdateTCPChecksum computes the TCP header checksum and updates the packet with the value.
func (*Packet) VerifyIPChecksum ¶
VerifyIPChecksum returns true if the IP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.
func (*Packet) VerifyTCPChecksum ¶
VerifyTCPChecksum returns true if the TCP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.