Documentation
¶
Overview ¶
Honeybadger types package
Index ¶
- type Event
- type HashedTcpIpv4Flow
- type HashedTcpIpv6Flow
- type Logger
- type PacketDataSourceCloser
- type PacketLogger
- type PacketLoggerFactory
- type PacketManifest
- type PacketSource
- type Reassembly
- type Ring
- type Sequence
- func (s Sequence) Add(t int) Sequence
- func (s Sequence) Difference(t Sequence) int
- func (s Sequence) Equals(t Sequence) bool
- func (s Sequence) GreaterThan(t Sequence) bool
- func (s Sequence) GreaterThanOrEqual(t Sequence) bool
- func (s Sequence) LessThan(t Sequence) bool
- func (s Sequence) LessThanOrEqual(t Sequence) bool
- type SnifferDriverOptions
- type Supervisor
- type TcpIpFlow
- func NewTcpIp4FlowFromLayers(ipLayer layers.IPv4, tcpLayer layers.TCP) *TcpIpFlow
- func NewTcpIp6FlowFromLayers(ipLayer layers.IPv6, tcpLayer layers.TCP) *TcpIpFlow
- func NewTcpIpFlowFromFlows(netFlow gopacket.Flow, tcpFlow gopacket.Flow) TcpIpFlow
- func NewTcpIpFlowFromPacket(packet []byte) (*TcpIpFlow, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type HashedTcpIpv4Flow ¶
func NewHashedTcpIpv4Flow ¶
func NewHashedTcpIpv4Flow(flow *TcpIpFlow) HashedTcpIpv4Flow
NewHashedTcpIpv4Flow returns a comparable struct given a flow struct
type HashedTcpIpv6Flow ¶
type HashedTcpIpv6Flow struct {
// ipv6 16 bytes + tcp port 2 bytes == 18
Src [18]byte
Dst [18]byte
}
func NewHashedTcpIpv6Flow ¶
func NewHashedTcpIpv6Flow(flow *TcpIpFlow) HashedTcpIpv6Flow
NewHashedTcpIpv6Flow returns a comparable struct given a flow struct
type PacketDataSourceCloser ¶
type PacketDataSourceCloser interface {
// ReadPacketData returns the next packet available from this data source.
// It returns:
// data: The bytes of an individual packet.
// ci: Metadata about the capture
// err: An error encountered while reading packet data. If err != nil,
// then data/ci will be ignored.
ReadPacketData() (data []byte, ci gopacket.CaptureInfo, err error)
// Close closes the ethernet sniffer and returns nil if no error was found.
Close() error
}
PacketDataSource is an interface for some source of packet data.
type PacketLogger ¶
type PacketLogger interface {
WritePacket(rawPacket []byte, timestamp time.Time)
Start()
Stop()
Remove()
Archive()
SetFileWriter(io.WriteCloser)
}
type PacketLoggerFactory ¶
type PacketLoggerFactory interface {
Build(*TcpIpFlow) PacketLogger
}
type PacketManifest ¶
type PacketManifest struct {
Timestamp time.Time
Flow *TcpIpFlow
RawPacket []byte
Ethernet *layers.Ethernet
IPv4 *layers.IPv4
IPv6 *layers.IPv6
TCP *layers.TCP
Payload gopacket.Payload
}
PacketManifest is used to send parsed packets via channels to other goroutines
func (PacketManifest) String ¶
func (p PacketManifest) String() string
type PacketSource ¶
type PacketSource interface {
Start()
Stop()
SetSupervisor(Supervisor)
GetStartedChan() chan bool // used for unit tests
}
type Reassembly ¶
type Reassembly struct {
// Seq is the TCP sequence number for this segment
Seq Sequence
// Bytes is the next set of bytes in the stream. May be empty.
Bytes []byte
// Skip is set to non-zero if bytes were skipped between this and the
// last Reassembly. If this is the first packet in a connection and we
// didn't see the start, we have no idea how many bytes we skipped, so
// we set it to -1. Otherwise, it's set to the number of bytes skipped.
Skip int
// Start is set if this set of bytes has a TCP SYN accompanying it.
Start bool
// End is set if this set of bytes has a TCP FIN or RST accompanying it.
End bool
// IsOrderCoalesce is set if this stream segment was originally received
// out of order and the later coalesced into the stream.
IsCoalesce bool
// IsCoalesceGap is set if this stream segment was the catalyzing segment
// for triggering the coalescing of latent out-of-order packets.
IsCoalesceGap bool
// Seen is the timestamp this set of bytes was pulled off the wire.
Seen time.Time
}
Reassembly is used to represent a TCP segment
func (Reassembly) String ¶
func (r Reassembly) String() string
String returns a string representation of Reassembly
type Ring ¶
type Ring struct {
Reassembly *Reassembly
// contains filtered or unexported fields
}
A Ring is an element of a circular list, or ring. Rings do not have a beginning or end; a pointer to any ring element serves as reference to the entire ring. Empty rings are represented as nil Ring pointers.
func (*Ring) Len ¶
Len computes the number of elements in ring r. It executes in time proportional to the number of elements.
type Sequence ¶
type Sequence int64
Sequence is a TCP sequence number. It provides a few convenience functions for handling TCP wrap-around. The sequence should always be in the range [0,0xFFFFFFFF]... its other bits are simply used in wrap-around calculations and should never be set.
func (Sequence) Difference ¶
Difference defines an ordering for comparing TCP sequences that's safe for roll-overs. It returns:
> 0 : if t comes after s < 0 : if t comes before s 0 : if t == s
The number returned is the sequence difference, so 4.Difference(8) will return 4.
It handles rollovers by considering any sequence in the first quarter of the uint32 space to be after any sequence in the last quarter of that space, thus wrapping the uint32 space.
func (Sequence) GreaterThan ¶
GreaterThan returns true if s > t
func (Sequence) GreaterThanOrEqual ¶
GreaterThanOrEqual returns true if s >= t
func (Sequence) LessThanOrEqual ¶
LessThanOrEqual returns true if s <= t
type SnifferDriverOptions ¶
type Supervisor ¶
type Supervisor interface {
Stopped()
Run()
}
type TcpIpFlow ¶
type TcpIpFlow struct {
// contains filtered or unexported fields
}
TcpIpFlow is used for tracking unidirectional TCP flows
func NewTcpIp4FlowFromLayers ¶
NewTcpIp4FlowFromLayers given IPv4 and TCP layers it returns a TcpIpFlow
func NewTcpIp6FlowFromLayers ¶
NewTcpIp6FlowFromLayers given IPv6 and TCP layers it returns a TcpIpFlow
func NewTcpIpFlowFromFlows ¶
NewTcpIpFlowFromFlows given a net flow (either ipv4 or ipv6) and TCP flow returns a TcpIpFlow
func NewTcpIpFlowFromPacket ¶
getPacketFlow returns a TcpIpFlow struct given a byte array packet
func (*TcpIpFlow) Equal ¶
Equal returns true if TcpIpFlow structs t and s are equal. False otherwise.
Source Files