Documentation ¶
Overview ¶
Package packet provides support for the TCP/IP packet manipulations needed by the Aporeto infrastructure.
Index ¶
- Constants
- Variables
- func CreateUDPAuthMarker(packetType uint8) []byte
- func GetUDPTypeFromBuffer(buffer []byte) byte
- func TCPFlagsToStr(flags uint8) string
- type Packet
- func (p *Packet) CheckTCPAuthenticationOption(iOptionLength int) (err error)
- func (p *Packet) ConvertAcktoFinAck() error
- func (p *Packet) CreateReverseFlowPacket(destIP net.IP, destPort uint16)
- func (p *Packet) DecreaseTCPAck(decr uint32)
- func (p *Packet) DecreaseTCPSeq(decr uint32)
- func (p *Packet) DestPort() uint16
- func (p *Packet) DestinationAddress() net.IP
- func (p *Packet) DropTCPDetachedBytes()
- func (p *Packet) DropTCPDetachedDataBytes()
- func (p *Packet) FixupIPHdrOnDataModify(old, new uint16)
- func (p *Packet) FixuptcpHdrOnTCPDataAttach(tcpOptions []byte, tcpData []byte)
- func (p *Packet) FixuptcpHdrOnTCPDataDetach(dataLength uint16, optionLength uint16)
- func (p *Packet) GetBuffer(offset int) []byte
- func (p *Packet) GetIPLength() uint16
- func (p *Packet) GetTCPBytes() []byte
- func (p *Packet) GetTCPData() []byte
- func (p *Packet) GetTCPFlags() uint8
- func (p *Packet) GetTCPOptions() []byte
- func (p *Packet) GetUDPData() []byte
- func (p *Packet) GetUDPDataStartBytes() uint16
- func (p *Packet) GetUDPType() byte
- func (p *Packet) ID() string
- func (p *Packet) IPHeaderLen() uint8
- func (p *Packet) IPProto() uint8
- func (p *Packet) IPTotalLen() uint16
- func (p *Packet) IncreaseTCPAck(incr uint32)
- func (p *Packet) IncreaseTCPSeq(incr uint32)
- func (p *Packet) IsEmptyTCPPayload() bool
- func (p *Packet) L4FlowHash() string
- func (p *Packet) L4ReverseFlowHash() string
- func (p *Packet) PacketToStringTCP() string
- func (p *Packet) Print(context uint64)
- func (p *Packet) ReadTCPData() []byte
- func (p *Packet) ReadTCPDataString() string
- func (p *Packet) ReadUDPToken() []byte
- func (p *Packet) SetTCPData(b []byte)
- func (p *Packet) SetTCPFlags(flags uint8)
- func (p *Packet) SourceAddress() net.IP
- func (p *Packet) SourcePort() uint16
- func (p *Packet) SourcePortHash(stage uint64) string
- func (p *Packet) TCPDataAttach(tcpOptions []byte, tcpData []byte) (err error)
- func (p *Packet) TCPDataDetach(optionLength uint16) (err error)
- func (p *Packet) TCPDataLength() int
- func (p *Packet) TCPDataStartBytes() uint16
- func (p *Packet) TCPOptionLength() int
- func (p *Packet) UDPDataAttach(header, udpdata []byte)
- func (p *Packet) UDPDataDetach()
- func (p *Packet) UDPTokenAttach(udpdata []byte, udptoken []byte)
- func (p *Packet) UpdateIPChecksum()
- func (p *Packet) UpdateTCPChecksum()
- func (p *Packet) UpdateUDPChecksum()
- func (p *Packet) VerifyIPChecksum() bool
- func (p *Packet) VerifyTCPChecksum() bool
Constants ¶
// IP protocol numbers, as carried in the protocol field of the IP header.
const (
	// IPProtocolTCP defines the constant for the TCP protocol number.
	IPProtocolTCP = 6
	// IPProtocolUDP defines the constant for the UDP protocol number.
	IPProtocolUDP = 17
)
IP Protocol numbers
// Masks for the flag bits of the TCP header.
const (
	// TCPSynMask is the mask for the TCP SYN flag.
	TCPSynMask = 0x2
	// TCPSynAckMask is the mask that identifies a TCP SYN-ACK packet. Its
	// value is the SYN and ACK bits combined (0x2 | 0x10), so it is the only
	// mask in this group with more than one bit set.
	TCPSynAckMask = 0x12
	// TCPRstMask is the mask that identifies RST packets.
	TCPRstMask = 0x4
	// TCPAckMask is the mask that identifies ACK packets.
	TCPAckMask = 0x10
	// TCPFinMask is the mask that identifies FIN packets.
	TCPFinMask = 0x1
	// TCPPshMask is the mask that identifies PSH packets.
	TCPPshMask = 0x8
)
TCP Header masks
// Constants related to TCP options.
const (
	// TCPAuthenticationOption is the TCP option number this package uses for
	// its authentication option.
	// NOTE(review): option kind 34 is the IANA-assigned kind for TCP Fast Open
	// (RFC 7413), so the kind alone does not distinguish this option from a
	// Fast Open cookie - confirm how receivers and middleboxes tell them apart.
	TCPAuthenticationOption = uint8(34)
	// TCPMssOption is the type (kind) of the MSS option.
	TCPMssOption = uint8(2)
	// TCPMssOptionLen is the length of the MSS option.
	TCPMssOptionLen = uint8(4)
)
TCP Options Related constants
// Constants related to UDP packets.
const (
	// UDPDataPos is the location of UDP data.
	// NOTE(review): 8 matches the size of a UDP header, so this is presumably
	// an offset from the start of the UDP header - confirm against callers.
	UDPDataPos = 8
	// UDPSynMask is the mask for the UDP SYN packet type.
	UDPSynMask = 0x10
	// UDPSynAckMask is the mask that identifies a UDP SYN-ACK packet.
	UDPSynAckMask = 0x20
	// UDPAckMask is the mask that identifies ACK packets.
	// NOTE(review): 0x30 has both the 0x10 and the 0x20 bit set, so a bitwise
	// AND against UDPSynMask or UDPSynAckMask also matches an ACK. Presumably
	// the type is compared for equality after masking with UDPPacketMask -
	// confirm against callers.
	UDPAckMask = 0x30
	// UDPFinAckMask is the mask that identifies FIN-ACK packets.
	UDPFinAckMask = 0x40
	// UDPDataPacket identifies a simple data packet.
	UDPDataPacket = 0x80
	// UDPPacketMask selects the bits that identify the type of a UDP packet
	// (the upper four bits of the byte).
	UDPPacketMask = 0xF0
)
UDP related constants.
// Constants describing the marker and signature on UDP control packets.
const (
	// UDPAuthMarker is the 18-byte Aporeto signature for UDP.
	// NOTE(review): this is a fixed, published string, so its presence only
	// tags a packet; it cannot by itself authenticate the sender.
	UDPAuthMarker = "n30njxq7bmiwr6dtxq"
	// UDPAuthMarkerLen is the length of the UDP marker; it equals the length
	// of the UDPAuthMarker string.
	UDPAuthMarkerLen = 18
	// UDPSignatureLen is the length of the signature on a UDP control packet.
	UDPSignatureLen = 20
)
// Packet type, processing stage and drop reason values. Each value sets a
// single bit, and the three groups occupy different hex digits, so values from
// different groups can be OR-ed without colliding.
// NOTE(review): presumably these are combined into the uint64 context that New
// and Print take - confirm against callers.
const (
	// PacketTypeNetwork is the enum for from-network packets.
	PacketTypeNetwork = 0x1000
	// PacketTypeApplication is the enum for from-application packets.
	PacketTypeApplication = 0x2000
	// PacketStageIncoming is the enum for the incoming stage.
	PacketStageIncoming = 0x0100
	// PacketStageAuth is the enum for the authentication stage.
	PacketStageAuth = 0x0200
	// PacketStageService is the enum for the crypto stage.
	PacketStageService = 0x0400
	// PacketStageOutgoing is the enum for the outgoing stage.
	PacketStageOutgoing = 0x0800
	// PacketFailureCreate is the drop reason for a packet that could not be
	// created.
	PacketFailureCreate = 0x0010
	// PacketFailureAuth is the drop reason for a packet dropped due to an
	// authentication error.
	PacketFailureAuth = 0x0020
	// PacketFailureService is the drop reason for a packet dropped due to a
	// crypto error. The literal is written with five hex digits; its value is
	// 0x40.
	PacketFailureService = 0x00040
)
Variables ¶
var (
	// PacketLogLevel determines whether packet logging is turned on. It is a
	// package-level variable, so the setting is shared by every user of the
	// package.
	PacketLogLevel bool
)
Functions ¶
func CreateUDPAuthMarker ¶
CreateUDPAuthMarker creates a UDP auth marker.
func GetUDPTypeFromBuffer ¶
GetUDPTypeFromBuffer gets the UDP packet type from a raw buffer.
func TCPFlagsToStr ¶
TCPFlagsToStr converts the TCP Flags to a string value that is human readable
Types ¶
type Packet ¶
// Packet is the structure this package uses to represent a packet. Only the
// exported fields are shown here.
type Packet struct {
	// Mark is the nfqueue mark.
	Mark string
	// SvcMetadata holds service metadata. It is an untyped interface value, so
	// consumers must type-assert it before use.
	SvcMetadata interface{}
	// ConnectionMetadata holds connection metadata. It is an untyped interface
	// value, so consumers must type-assert it before use.
	ConnectionMetadata interface{}
	// contains filtered or unexported fields
}
Packet structure
func New ¶
func New(context uint64, bytes []byte, mark string, lengthValidate bool) (packet *Packet, err error)
New returns a pointer to Packet structure built from the provided bytes buffer which is expected to contain valid TCP/IP packet bytes.
func TestGetTCPPacket ¶
TestGetTCPPacket is used by other test code when they need to create a packet
func (*Packet) CheckTCPAuthenticationOption ¶
CheckTCPAuthenticationOption ensures authentication option exists at the offset provided
func (*Packet) ConvertAcktoFinAck ¶
ConvertAcktoFinAck removes the data from the packet. It is called only if the packet is an Ack or Psh/Ack, and converts a Psh/Ack packet to a Fin/Ack packet.
func (*Packet) CreateReverseFlowPacket ¶
CreateReverseFlowPacket modifies the packet for reverse flow.
func (*Packet) DecreaseTCPAck ¶
DecreaseTCPAck decreases TCP ack number by decr
func (*Packet) DecreaseTCPSeq ¶
DecreaseTCPSeq decreases TCP seq number by decr
func (*Packet) DestinationAddress ¶
DestinationAddress returns the destination address
func (*Packet) DropTCPDetachedBytes ¶
func (p *Packet) DropTCPDetachedBytes()
DropTCPDetachedBytes removes any bytes that have been detached and stored locally
func (*Packet) DropTCPDetachedDataBytes ¶
func (p *Packet) DropTCPDetachedDataBytes()
DropTCPDetachedDataBytes removes any bytes that have been detached and stored locally
func (*Packet) FixupIPHdrOnDataModify ¶
FixupIPHdrOnDataModify modifies the IP header fields and checksum
func (*Packet) FixuptcpHdrOnTCPDataAttach ¶
FixuptcpHdrOnTCPDataAttach modifies the TCP header fields and checksum
func (*Packet) FixuptcpHdrOnTCPDataDetach ¶
FixuptcpHdrOnTCPDataDetach modifies the TCP header fields and checksum
func (*Packet) GetIPLength ¶
GetIPLength returns the IP length
func (*Packet) GetTCPBytes ¶
GetTCPBytes returns the bytes in the packet. It consolidates in case of changes as well
func (*Packet) GetTCPData ¶
GetTCPData returns any additional data in the packet
func (*Packet) GetTCPFlags ¶
GetTCPFlags returns the tcp flags from the packet
func (*Packet) GetTCPOptions ¶
GetTCPOptions returns any additional options in the packet
func (*Packet) GetUDPData ¶
GetUDPData returns additional data in the packet.
func (*Packet) GetUDPDataStartBytes ¶
GetUDPDataStartBytes returns the start of the UDP data.
func (*Packet) GetUDPType ¶
GetUDPType returns udp type of packet.
func (*Packet) IPHeaderLen ¶
IPHeaderLen returns the ip header length
func (*Packet) IPTotalLen ¶
IPTotalLen returns the total length of the packet
func (*Packet) IncreaseTCPAck ¶
IncreaseTCPAck increases TCP ack number by incr
func (*Packet) IncreaseTCPSeq ¶
IncreaseTCPSeq increases TCP seq number by incr
func (*Packet) IsEmptyTCPPayload ¶
IsEmptyTCPPayload reports whether the TCP payload is empty; it returns a bool, not the TCP data offset.
func (*Packet) L4FlowHash ¶
L4FlowHash calculates a hash string based on the 4-tuple.
func (*Packet) L4ReverseFlowHash ¶
L4ReverseFlowHash calculates a hash string based on the 4-tuple, with the source and destination information reversed.
func (*Packet) PacketToStringTCP ¶
PacketToStringTCP returns a string representation of fields contained in this packet.
func (*Packet) ReadTCPData ¶
ReadTCPData returns the payload as a byte slice. It does not remove the payload from the packet.
func (*Packet) ReadTCPDataString ¶
ReadTCPDataString returns the payload in a string variable. It does not remove the payload from the packet.
func (*Packet) ReadUDPToken ¶
ReadUDPToken returns the UDP token. It is called only during the handshake process.
func (*Packet) SetTCPData ¶
SetTCPData sets any additional data in the packet from b; it does not return a value.
func (*Packet) SetTCPFlags ¶
SetTCPFlags sets the TCP flags on the packet.
func (*Packet) SourceAddress ¶
SourceAddress returns the source IP
func (*Packet) SourcePort ¶
SourcePort -- returns the appropriate source port
func (*Packet) SourcePortHash ¶
SourcePortHash calculates a hash based on dest ip/port for net packet and src ip/port for app packet.
func (*Packet) TCPDataAttach ¶
TCPDataAttach modifies the TCP and IP header fields and checksum
func (*Packet) TCPDataDetach ¶
TCPDataDetach performs the following:
- Removes all TCP data from Buffer to TCPData.
- Removes "optionLength" bytes of options from TCP header to tcpOptions
- Updates IP Hdr (lengths, checksums)
- Updates TCP header (checksums)
func (*Packet) TCPDataLength ¶
TCPDataLength -- returns the length of the TCP data (not of the TCP options, which TCPOptionLength returns).
func (*Packet) TCPDataStartBytes ¶
TCPDataStartBytes provides the tcp data start offset in bytes
func (*Packet) TCPOptionLength ¶
TCPOptionLength returns the length of tcpoptions
func (*Packet) UDPDataAttach ¶
UDPDataAttach attaches UDP data post encryption.
func (*Packet) UDPDataDetach ¶
func (p *Packet) UDPDataDetach()
UDPDataDetach detaches UDP payload from the Buffer. Called only during Encrypt/Decrypt.
func (*Packet) UDPTokenAttach ¶
UDPTokenAttach attaches the UDP packet signature and tokens.
func (*Packet) UpdateIPChecksum ¶
func (p *Packet) UpdateIPChecksum()
UpdateIPChecksum computes the IP header checksum and updates the packet with the value.
func (*Packet) UpdateTCPChecksum ¶
func (p *Packet) UpdateTCPChecksum()
UpdateTCPChecksum computes the TCP header checksum and updates the packet with the value.
func (*Packet) UpdateUDPChecksum ¶
func (p *Packet) UpdateUDPChecksum()
UpdateUDPChecksum updates the UDP checksum field of packet
func (*Packet) VerifyIPChecksum ¶
VerifyIPChecksum returns true if the IP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.
func (*Packet) VerifyTCPChecksum ¶
VerifyTCPChecksum returns true if the TCP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.