protos

package
v1.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 8, 2016 License: Apache-2.0 Imports: 8 Imported by: 3,490

Documentation

Index

Constants

View Source
const (
	DefaultTransactionHashSize                 = 2 ^ 16
	DefaultTransactionExpiration time.Duration = 10 * time.Second
)

Variables

View Source
var ErrInvalidPort = errors.New("port number out of range")
View Source
var ProtocolNames = []string{
	"unknown",
	"http",
	"mysql",
	"redis",
	"pgsql",
	"thrift",
	"mongodb",
	"dns",
	"memcache",
}

Protocol names

Functions

This section is empty.

Types

type Packet

type Packet struct {
	Ts      time.Time
	Tuple   common.IpPortTuple
	Payload []byte
}

type PortsConfig

type PortsConfig struct {
	Ports []int
}

Protocol Plugin Port configuration with validation on init

func (*PortsConfig) Init

func (p *PortsConfig) Init(ports ...int) error

func (*PortsConfig) Set

func (p *PortsConfig) Set(ports []int) error

type Protocol

type Protocol uint16

Protocol identifier.

const (
	UnknownProtocol Protocol = iota
	HttpProtocol
	MysqlProtocol
	RedisProtocol
	PgsqlProtocol
	ThriftProtocol
	MongodbProtocol
	DnsProtocol
	MemcacheProtocol
)

Protocol constants.

func (Protocol) String

func (p Protocol) String() string

type ProtocolData

type ProtocolData interface{}

ProtocolData interface to represent an upper protocol private data. Used with types like HttpStream, MysqlStream, etc.

type ProtocolPlugin

type ProtocolPlugin interface {
	// Called to initialize the Plugin
	Init(test_mode bool, results publish.Transactions) error

	// Called to return the configured ports
	GetPorts() []int
}

Functions to be exported by a protocol plugin

type Protocols

type Protocols interface {
	BpfFilter(with_vlans bool, with_icmp bool) string
	GetTcp(proto Protocol) TcpProtocolPlugin
	GetUdp(proto Protocol) UdpProtocolPlugin
	GetAll() map[Protocol]ProtocolPlugin
	GetAllTcp() map[Protocol]TcpProtocolPlugin
	GetAllUdp() map[Protocol]UdpProtocolPlugin
	Register(proto Protocol, plugin ProtocolPlugin)
}

type ProtocolsStruct

type ProtocolsStruct struct {
	// contains filtered or unexported fields
}

list of protocol plugins

var Protos ProtocolsStruct

Singleton of Protocols type.

func (ProtocolsStruct) BpfFilter

func (protocols ProtocolsStruct) BpfFilter(with_vlans bool, with_icmp bool) string

BpfFilter returns a Berkeley Packer Filter (BFP) expression that will match against packets for the registered protocols. If with_vlans is true the filter will match against both IEEE 802.1Q VLAN encapsulated and unencapsulated packets

func (ProtocolsStruct) GetAll

func (protocols ProtocolsStruct) GetAll() map[Protocol]ProtocolPlugin

func (ProtocolsStruct) GetAllTcp

func (protocols ProtocolsStruct) GetAllTcp() map[Protocol]TcpProtocolPlugin

func (ProtocolsStruct) GetAllUdp

func (protocols ProtocolsStruct) GetAllUdp() map[Protocol]UdpProtocolPlugin

func (ProtocolsStruct) GetTcp

func (protocols ProtocolsStruct) GetTcp(proto Protocol) TcpProtocolPlugin

func (ProtocolsStruct) GetUdp

func (protocols ProtocolsStruct) GetUdp(proto Protocol) UdpProtocolPlugin

func (ProtocolsStruct) Register

func (protos ProtocolsStruct) Register(proto Protocol, plugin ProtocolPlugin)

type TcpProtocolPlugin

type TcpProtocolPlugin interface {
	ProtocolPlugin

	// Called when TCP payload data is available for parsing.
	Parse(pkt *Packet, tcptuple *common.TcpTuple,
		dir uint8, private ProtocolData) ProtocolData

	// Called when the FIN flag is seen in the TCP stream.
	ReceivedFin(tcptuple *common.TcpTuple, dir uint8,
		private ProtocolData) ProtocolData

	// Called when a packets are missing from the tcp
	// stream.
	GapInStream(tcptuple *common.TcpTuple, dir uint8, nbytes int,
		private ProtocolData) (priv ProtocolData, drop bool)

	// ConnectionTimeout returns the per stream connection timeout.
	// Return <=0 to set default tcp module transaction timeout.
	ConnectionTimeout() time.Duration
}

type UdpProtocolPlugin

type UdpProtocolPlugin interface {
	ProtocolPlugin

	// ParseUdp is invoked when UDP payload data is available for parsing.
	ParseUdp(pkt *Packet)
}

Directories

Path Synopsis
The applayer module provides common definitions with common fields for use with application layer protocols among beats.
The applayer module provides common definitions with common fields for use with application layer protocols among beats.
This file contains the name mapping data used to convert various DNS IDs to their string values.
This file contains the name mapping data used to convert various DNS IDs to their string values.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL