rawSocket

package
v0.10.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 3, 2015 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Overview

Package rawSocket provides traffic sniffier using RAW sockets.

Capture traffic from socket using RAW_SOCKET's http://en.wikipedia.org/wiki/Raw_socket

RAW_SOCKET allow you listen for traffic on any port (e.g. sniffing) because they operate on IP level.

Ports is TCP feature, same as flow control, reliable transmission and etc.

This package implements own TCP layer: TCP packets is parsed using tcp_packet.go, and flow control is managed by tcp_message.go

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Listener 

type Listener struct {
	// contains filtered or unexported fields
}

Listener handle traffic capture

func NewListener 

func NewListener(addr string, port string, expire time.Duration, captureResponse bool) (l *Listener)

NewListener creates and initializes new Listener object

func (*Listener) Close added in v0.10.1 

func (t *Listener) Close()

func (*Listener) Receive 

func (t *Listener) Receive() *TCPMessage

Receive TCP messages from the listener channel

type TCPMessage 

type TCPMessage struct {
	ID           string // Message ID
	Ack          uint32
	ResponseAck  uint32
	RequestStart time.Time
	RequestAck   uint32
	Start        time.Time
	End          time.Time
	IsIncoming   bool
	// contains filtered or unexported fields
}

TCPMessage ensure that all TCP packets for given request is received, and processed in right sequence Its needed because all TCP message can be fragmented or re-transmitted

Each TCP Packet have 2 ids: acknowledgment - message_id, and sequence - packet_id Message can be compiled from unique packets with same message_id which sorted by sequence Message is received if we didn't receive any packets for 2000ms

func NewTCPMessage 

func NewTCPMessage(ID string, Ack uint32, IsIncoming bool) (msg *TCPMessage)

NewTCPMessage pointer created from a Acknowledgment number and a channel of messages readuy to be deleted

func (*TCPMessage) AddPacket 

func (t *TCPMessage) AddPacket(packet *TCPPacket)

AddPacket to the message and ensure packet uniqueness TCP allows that packet can be re-send multiple times

func (*TCPMessage) Bytes 

func (t *TCPMessage) Bytes() (output []byte)

Bytes return message content

func (*TCPMessage) IsMultipart added in v0.10.1 

func (t *TCPMessage) IsMultipart() bool

isMultipart returns true if message contains from multiple tcp packets

func (*TCPMessage) Size added in v0.10.1 

func (t *TCPMessage) Size() (size int)

Size returns total size of message

func (*TCPMessage) UUID added in v0.10.1 

func (t *TCPMessage) UUID() []byte

type TCPPacket 

type TCPPacket struct {
	SrcPort    uint16
	DestPort   uint16
	Seq        uint32
	Ack        uint32
	DataOffset uint8
	Flags      uint16
	Window     uint16
	Checksum   uint16
	Urgent     uint16

	Data []byte

	Addr net.Addr
}

TCPPacket provides tcp packet parser Packet structure: http://en.wikipedia.org/wiki/Transmission_Control_Protocol

func ParseTCPPacket 

func ParseTCPPacket(addr net.Addr, b []byte) (p *TCPPacket)

ParseTCPPacket takes address and tcp payload and returns parsed TCPPacket

func (*TCPPacket) Parse 

func (t *TCPPacket) Parse()

Parse TCP Packet, inspired by: https://github.com/miekg/pcap/blob/master/packet.go

func (*TCPPacket) ParseBasic 

func (t *TCPPacket) ParseBasic()

ParseBasic set of fields

func (*TCPPacket) String 

func (t *TCPPacket) String() string

String output for a TCP Packet

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.