helpers

package
v0.13.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 6, 2023 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetFamilyFromRawAddr added in v0.9.0

func GetFamilyFromRawAddr(addr map[string]string) (string, error)

func GetIPFromRawAddr added in v0.9.0

func GetIPFromRawAddr(addr map[string]string) (string, error)

func GetPathFromRawAddr added in v0.9.0

func GetPathFromRawAddr(addr map[string]string) (string, error)

func GetPortFromRawAddr added in v0.9.0

func GetPortFromRawAddr(addr map[string]string) (string, error)

func GetProtoDNSByName added in v0.10.0

func GetProtoDNSByName(
	event trace.Event,
	argName string,
) (
	trace.ProtoDNS, error,
)

GetProtoDNSByName converts json to ProtoDNS

func GetProtoDNSMX added in v0.10.0

func GetProtoDNSMX(
	arg map[string]interface{},
) (
	trace.ProtoDNSMX,
	error,
)

GetProtoDNSMX converts json to ProtoDNSMX

func GetProtoDNSOPT added in v0.10.0

func GetProtoDNSOPT(
	arg []interface{},
) (
	[]trace.ProtoDNSOPT,
	error,
)

GetProtoDNSOPT converts json to ProtoDNSOPT

func GetProtoDNSQuestion added in v0.10.0

func GetProtoDNSQuestion(
	arg []interface{},
) (
	[]trace.ProtoDNSQuestion,
	error,
)

GetProtoDNSQuestion converts json to ProtoDNSQuestion

func GetProtoDNSResourceRecord added in v0.10.0

func GetProtoDNSResourceRecord(
	arg []interface{},
) (
	[]trace.ProtoDNSResourceRecord,
	error,
)

GetProtoDNSResourceRecord converts json to ProtoDNSResourceRecord

func GetProtoDNSSOA added in v0.10.0

func GetProtoDNSSOA(
	arg map[string]interface{},
) (
	trace.ProtoDNSSOA,
	error,
)

GetProtoDNSSOA converts json to ProtoDNSSOA

func GetProtoDNSSRV added in v0.10.0

func GetProtoDNSSRV(
	arg map[string]interface{},
) (
	trace.ProtoDNSSRV,
	error,
)

GetProtoDNSSRV converts json to ProtoDNSSRV

func GetProtoDNSTXTs added in v0.10.0

func GetProtoDNSTXTs(
	arg []interface{},
) (
	[]string,
	error,
)

func GetProtoDNSURI added in v0.10.0

func GetProtoDNSURI(
	arg map[string]interface{},
) (
	trace.ProtoDNSURI,
	error,
)

GetProtoDNSURI converts json to ProtoDNSURI

func GetProtoHTTPByName added in v0.11.0

func GetProtoHTTPByName(
	event trace.Event,
	argName string,
) (
	trace.ProtoHTTP, error,
)

func GetProtoICMPByName added in v0.10.0

func GetProtoICMPByName(
	event trace.Event, argName string) (
	trace.ProtoICMP, error)

GetProtoICMPByName converts json to ProtoICMP

func GetProtoICMPv6ByName added in v0.10.0

func GetProtoICMPv6ByName(
	event trace.Event,
	argName string) (
	trace.ProtoICMPv6,
	error)

GetProtoICMPv6ByName converts json to ProtoICMPv6

func GetProtoIPv4ByName added in v0.10.0

func GetProtoIPv4ByName(
	event trace.Event,
	argName string) (
	trace.ProtoIPv4,
	error)

GetProtoIPv4ByName converts json to ProtoIPv4

func GetProtoIPv6ByName added in v0.10.0

func GetProtoIPv6ByName(
	event trace.Event,
	argName string) (
	trace.ProtoIPv6,
	error)

GetProtoIPv6ByName converts json to ProtoIPv6

func GetProtoTCPByName added in v0.10.0

func GetProtoTCPByName(
	event trace.Event, argName string) (
	trace.ProtoTCP, error)

GetProtoTCPByName converts json to ProtoTCP

func GetProtoUDPByName added in v0.10.0

func GetProtoUDPByName(
	event trace.Event, argName string) (
	trace.ProtoUDP, error)

GetProtoUDPByName converts json to ProtoUDP

func GetRawAddrArgumentByName added in v0.9.0

func GetRawAddrArgumentByName(event trace.Event, argName string) (map[string]string, error)

GetRawAddrArgumentByName returns map[string]string of addr argument

func GetTraceeArgumentByName

func GetTraceeArgumentByName(event trace.Event, argName string, opts GetArgOps) (trace.Argument, error)

GetTraceeArgumentByName fetches the argument in event with `Name` that matches argName

func GetTraceeBytesSliceArgumentByName added in v0.9.0

func GetTraceeBytesSliceArgumentByName(event trace.Event, argName string) ([]byte, error)

GetTraceeBytesSliceArgumentByName gets the argument matching the "argName" given from the event "argv" field, casted as []byte.

func GetTraceeHookedSymbolDataArgumentByName added in v0.9.0

func GetTraceeHookedSymbolDataArgumentByName(event trace.Event, argName string) ([]trace.HookedSymbolData, error)

GetTraceeHookedSymbolDataArgumentByName returns []trace.HookedSymbolData of hooked symbols for arg

func GetTraceeIntArgumentByName added in v0.9.0

func GetTraceeIntArgumentByName(event trace.Event, argName string) (int, error)

GetTraceeIntArgumentByName gets the argument matching the "argName" given from the event "argv" field, casted as int.

func GetTraceeSliceStringArgumentByName added in v0.9.0

func GetTraceeSliceStringArgumentByName(event trace.Event, argName string) ([]string, error)

GetTraceeSliceStringArgumentByName gets the argument matching the "argName" given from the event "argv" field, casted as []string.

func GetTraceeStringArgumentByName added in v0.9.0

func GetTraceeStringArgumentByName(event trace.Event, argName string) (string, error)

GetTraceeStringArgumentByName gets the argument matching the "argName" given from the event "argv" field, casted as string.

func IsElf added in v0.9.0

func IsElf(bytesArray []byte) bool

IsElf checks if the file starts with an ELF magic.

func IsFileRead added in v0.9.0

func IsFileRead(flags string) bool

IsFileRead returns whether the passed file permissions string contains o_rdonly or o_rdwr

func IsFileWrite

func IsFileWrite(flags string) bool

IsFileWrite returns whether the passed file permissions string contains o_wronly or o_rdwr

func IsInternetFamily added in v0.9.0

func IsInternetFamily(addr map[string]string) (bool, error)

func IsMemoryPath added in v0.9.0

func IsMemoryPath(pathname string) bool

IsMemoryPath checks if a given file path is located under "memfd", "/run/shm/" or "/dev/shm/".

func IsUnixFamily added in v0.9.0

func IsUnixFamily(addr map[string]string) (bool, error)

Types

type GetArgOps added in v0.11.0

type GetArgOps struct {
	DefaultArgs bool // Receive default args value (value equals 'nil'). If set to false, will return error if arg not initialized.
}

GetArgOps represents options for arguments getters

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL