packet

package
v10.180.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 21, 2019 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

Package packet support for TCP/IP packet manipulations needed by the Aporeto infrastructure.

Index

Constants

View Source
const (
	// IPProtocolTCP defines the constant for UDP protocol number
	IPProtocolTCP = 6

	// IPProtocolUDP defines the constant for UDP protocol number
	IPProtocolUDP = 17
)

IP Protocol numbers

View Source
const (

	// TCPSynMask is a mask for the TCP Syn flags
	TCPSynMask = 0x2

	// TCPSynAckMask  mask idenitifies a TCP SYN-ACK packet
	TCPSynAckMask = 0x12

	// TCPRstMask mask that identifies RST packets
	TCPRstMask = 0x4

	// TCPAckMask mask that identifies ACK packets
	TCPAckMask = 0x10

	// TCPFinMask mask that identifies FIN packets
	TCPFinMask = 0x1

	// TCPPshMask = 0x8 mask that identifies PSH packets
	TCPPshMask = 0x8
)

TCP Header masks

View Source
const (
	// TCPAuthenticationOption is the option number will be using
	TCPAuthenticationOption = uint8(34)

	// TCPMssOption is the type for MSS option
	TCPMssOption = uint8(2)

	// TCPMssOptionLen is the type for MSS option
	TCPMssOptionLen = uint8(4)
)

TCP Options Related constants

View Source
const (

	// UDPDataPos is the location of UDP data
	UDPDataPos = 8
	// UDPSynMask is a mask for the UDP Syn flags
	UDPSynMask = 0x10
	// UDPSynAckMask  mask idenitifies a UDP SYN-ACK packet
	UDPSynAckMask = 0x20
	// UDPAckMask mask that identifies ACK packets.
	UDPAckMask = 0x30
	// UDPFinAckMask mask that identifies the FinAck packets
	UDPFinAckMask = 0x40
	// UDPDataPacket is a simple data packet
	UDPDataPacket = 0x80
	// UDPPacketMask identifies type of UDP packet.
	UDPPacketMask = 0xF0
)

UDP related constants.

View Source
const (
	// UDPAuthMarker is 18 byte Aporeto signature for UDP
	UDPAuthMarker = "n30njxq7bmiwr6dtxq"
	// UDPAuthMarkerLen is the length of UDP marker.
	UDPAuthMarkerLen = 18
	// UDPSignatureLen is the length of signature on UDP control packet.
	UDPSignatureLen = 20
)
View Source
const (
	// PacketTypeNetwork is enum for from-network packets
	PacketTypeNetwork = 0x1000
	// PacketTypeApplication is enum for from-application packets
	PacketTypeApplication = 0x2000

	// PacketStageIncoming is an enum for incoming stage
	PacketStageIncoming = 0x0100
	// PacketStageAuth is an enum for authentication stage
	PacketStageAuth = 0x0200
	// PacketStageService is an enum for crypto stage
	PacketStageService = 0x0400
	// PacketStageOutgoing is an enum for outgoing stage
	PacketStageOutgoing = 0x0800

	// PacketFailureCreate is the drop reason for packet
	PacketFailureCreate = 0x0010
	// PacketFailureAuth is a drop reason for packet due to authentication error
	PacketFailureAuth = 0x0020
	// PacketFailureService is a drop reason for packet due to crypto error
	PacketFailureService = 0x00040
)

Variables

View Source
var (
	// PacketLogLevel determines if packet logging is turned on
	PacketLogLevel bool
)

Functions

func CreateUDPAuthMarker

func CreateUDPAuthMarker(packetType uint8) []byte

CreateUDPAuthMarker creates a UDP auth marker.

func GetUDPTypeFromBuffer

func GetUDPTypeFromBuffer(buffer []byte) byte

GetUDPTypeFromBuffer gets the UDP packet from a raw buffer.,

func TCPFlagsToStr

func TCPFlagsToStr(flags uint8) string

TCPFlagsToStr converts the TCP Flags to a string value that is human readable

Types

type Packet

type Packet struct {

	// Mark is the nfqueue Mark
	Mark string

	// Service Metadata
	SvcMetadata interface{}
	// Connection Metadata
	ConnectionMetadata interface{}
	// contains filtered or unexported fields
}

Packet structure

func New

func New(context uint64, bytes []byte, mark string, lengthValidate bool) (packet *Packet, err error)

New returns a pointer to Packet structure built from the provided bytes buffer which is expected to contain valid TCP/IP packet bytes.

func TestGetTCPPacket

func TestGetTCPPacket(srcIP, dstIP net.IP, srcPort, dstPort uint16) *Packet

TestGetTCPPacket is used by other test code when they need to create a packet

func (*Packet) CheckTCPAuthenticationOption

func (p *Packet) CheckTCPAuthenticationOption(iOptionLength int) (err error)

CheckTCPAuthenticationOption ensures authentication option exists at the offset provided

func (*Packet) ConvertAcktoFinAck

func (p *Packet) ConvertAcktoFinAck() error

ConvertAcktoFinAck function removes the data from the packet It is called only if the packet is Ack or Psh/Ack converts psh/ack to fin/ack packet.

func (*Packet) CreateReverseFlowPacket

func (p *Packet) CreateReverseFlowPacket(destIP net.IP, destPort uint16)

CreateReverseFlowPacket modifies the packet for reverse flow.

func (*Packet) DecreaseTCPAck

func (p *Packet) DecreaseTCPAck(decr uint32)

DecreaseTCPAck decreases TCP ack number by decr

func (*Packet) DecreaseTCPSeq

func (p *Packet) DecreaseTCPSeq(decr uint32)

DecreaseTCPSeq decreases TCP seq number by decr

func (*Packet) DestPort

func (p *Packet) DestPort() uint16

DestPort -- returns the appropriate destination port

func (*Packet) DestinationAddress

func (p *Packet) DestinationAddress() net.IP

DestinationAddress returns the destination address

func (*Packet) DropTCPDetachedBytes

func (p *Packet) DropTCPDetachedBytes()

DropTCPDetachedBytes removes any bytes that have been detached and stored locally

func (*Packet) DropTCPDetachedDataBytes

func (p *Packet) DropTCPDetachedDataBytes()

DropTCPDetachedDataBytes removes any bytes that have been detached and stored locally

func (*Packet) FixupIPHdrOnDataModify

func (p *Packet) FixupIPHdrOnDataModify(old, new uint16)

FixupIPHdrOnDataModify modifies the IP header fields and checksum

func (*Packet) FixuptcpHdrOnTCPDataAttach

func (p *Packet) FixuptcpHdrOnTCPDataAttach(tcpOptions []byte, tcpData []byte)

FixuptcpHdrOnTCPDataAttach modifies the TCP header fields and checksum

func (*Packet) FixuptcpHdrOnTCPDataDetach

func (p *Packet) FixuptcpHdrOnTCPDataDetach(dataLength uint16, optionLength uint16)

FixuptcpHdrOnTCPDataDetach modifies the TCP header fields and checksum

func (*Packet) GetBuffer

func (p *Packet) GetBuffer(offset int) []byte

GetBuffer returns the slice representing the buffer at offset specified

func (*Packet) GetIPLength

func (p *Packet) GetIPLength() uint16

GetIPLength returns the IP length

func (*Packet) GetTCPBytes

func (p *Packet) GetTCPBytes() []byte

GetTCPBytes returns the bytes in the packet. It consolidates in case of changes as well

func (*Packet) GetTCPData

func (p *Packet) GetTCPData() []byte

GetTCPData returns any additional data in the packet

func (*Packet) GetTCPFlags

func (p *Packet) GetTCPFlags() uint8

GetTCPFlags returns the tcp flags from the packet

func (*Packet) GetTCPOptions

func (p *Packet) GetTCPOptions() []byte

GetTCPOptions returns any additional options in the packet

func (*Packet) GetUDPData

func (p *Packet) GetUDPData() []byte

GetUDPData return additional data in packet

func (*Packet) GetUDPDataStartBytes

func (p *Packet) GetUDPDataStartBytes() uint16

GetUDPDataStartBytes return start of UDP data

func (*Packet) GetUDPType

func (p *Packet) GetUDPType() byte

GetUDPType returns udp type of packet.

func (*Packet) ID

func (p *Packet) ID() string

ID returns the IP ID of the packet

func (*Packet) IPHeaderLen

func (p *Packet) IPHeaderLen() uint8

IPHeaderLen returns the ip header length

func (*Packet) IPProto

func (p *Packet) IPProto() uint8

IPProto returns the L4 protocol

func (*Packet) IPTotalLen

func (p *Packet) IPTotalLen() uint16

IPTotalLen returns the total length of the packet

func (*Packet) IncreaseTCPAck

func (p *Packet) IncreaseTCPAck(incr uint32)

IncreaseTCPAck increases TCP ack number by incr

func (*Packet) IncreaseTCPSeq

func (p *Packet) IncreaseTCPSeq(incr uint32)

IncreaseTCPSeq increases TCP seq number by incr

func (*Packet) IsEmptyTCPPayload

func (p *Packet) IsEmptyTCPPayload() bool

IsEmptyTCPPayload returns the TCP data offset

func (*Packet) L4FlowHash

func (p *Packet) L4FlowHash() string

L4FlowHash calculate a hash string based on the 4-tuple

func (*Packet) L4ReverseFlowHash

func (p *Packet) L4ReverseFlowHash() string

L4ReverseFlowHash calculate a hash string based on the 4-tuple by reversing source and destination information

func (*Packet) PacketToStringTCP

func (p *Packet) PacketToStringTCP() string

PacketToStringTCP returns a string representation of fields contained in this packet.

func (*Packet) Print

func (p *Packet) Print(context uint64)

Print is a print helper function

func (*Packet) ReadTCPData

func (p *Packet) ReadTCPData() []byte

ReadTCPData returns ths payload in a string variable It does not remove the payload from the packet

func (*Packet) ReadTCPDataString

func (p *Packet) ReadTCPDataString() string

ReadTCPDataString returns ths payload in a string variable It does not remove the payload from the packet

func (*Packet) ReadUDPToken

func (p *Packet) ReadUDPToken() []byte

ReadUDPToken returnthe UDP token. Gets called only during the handshake process.

func (*Packet) SetTCPData

func (p *Packet) SetTCPData(b []byte)

SetTCPData returns any additional data in the packet

func (*Packet) SetTCPFlags

func (p *Packet) SetTCPFlags(flags uint8)

SetTCPFlags allows to set the tcp flags on the packet

func (*Packet) SourceAddress

func (p *Packet) SourceAddress() net.IP

SourceAddress returns the source IP

func (*Packet) SourcePort

func (p *Packet) SourcePort() uint16

SourcePort -- returns the appropriate source port

func (*Packet) SourcePortHash

func (p *Packet) SourcePortHash(stage uint64) string

SourcePortHash calculates a hash based on dest ip/port for net packet and src ip/port for app packet.

func (*Packet) TCPDataAttach

func (p *Packet) TCPDataAttach(tcpOptions []byte, tcpData []byte) (err error)

TCPDataAttach modifies the TCP and IP header fields and checksum

func (*Packet) TCPDataDetach

func (p *Packet) TCPDataDetach(optionLength uint16) (err error)

TCPDataDetach performs the following:

  • Removes all TCP data from Buffer to TCPData.
  • Removes "optionLength" bytes of options from TCP header to tcpOptions
  • Updates IP Hdr (lengths, checksums)
  • Updates TCP header (checksums)

func (*Packet) TCPDataLength

func (p *Packet) TCPDataLength() int

TCPDataLength -- returns the length of tcp options

func (*Packet) TCPDataStartBytes

func (p *Packet) TCPDataStartBytes() uint16

TCPDataStartBytes provides the tcp data start offset in bytes

func (*Packet) TCPOptionLength

func (p *Packet) TCPOptionLength() int

TCPOptionLength returns the length of tcpoptions

func (*Packet) UDPDataAttach

func (p *Packet) UDPDataAttach(header, udpdata []byte)

UDPDataAttach Attaches UDP data post encryption.

func (*Packet) UDPDataDetach

func (p *Packet) UDPDataDetach()

UDPDataDetach detaches UDP payload from the Buffer. Called only during Encrypt/Decrypt.

func (*Packet) UDPTokenAttach

func (p *Packet) UDPTokenAttach(udpdata []byte, udptoken []byte)

UDPTokenAttach attached udp packet signature and tokens.

func (*Packet) UpdateIPChecksum

func (p *Packet) UpdateIPChecksum()

UpdateIPChecksum computes the IP header checksum and updates the packet with the value.

func (*Packet) UpdateTCPChecksum

func (p *Packet) UpdateTCPChecksum()

UpdateTCPChecksum computes the TCP header checksum and updates the packet with the value.

func (*Packet) UpdateUDPChecksum

func (p *Packet) UpdateUDPChecksum()

UpdateUDPChecksum updates the UDP checksum field of packet

func (*Packet) VerifyIPChecksum

func (p *Packet) VerifyIPChecksum() bool

VerifyIPChecksum returns true if the IP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.

func (*Packet) VerifyTCPChecksum

func (p *Packet) VerifyTCPChecksum() bool

VerifyTCPChecksum returns true if the TCP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL