Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var AllowedColumnFormats map[string]PsmlColumnInfo
AllowedColumnFormats is initialized when the cached columns file is read from disk
View Source
var BuiltInColumnFormats = map[string]PsmlColumnInfo{ "%q": PsmlColumnInfo{Field: "%q", Short: "VLAN", Long: "802.1Q VLAN id", Comparator: table.IntCompare{}}, "%Yt": PsmlColumnInfo{Field: "%Yt", Short: "Time", Long: "Absolute date, as YYYY-MM-DD, and time", Comparator: table.DateTimeCompare{}}, "%YDOYt": PsmlColumnInfo{Field: "%YDOYt", Short: "Time", Long: "Absolute date, as YYYY/DOY, and time", Comparator: table.DateTimeCompare{}}, "%At": PsmlColumnInfo{Field: "%At", Short: "Time", Long: "Absolute time", Comparator: table.DateTimeCompare{}}, "%V": PsmlColumnInfo{Field: "%V", Short: "VSAN", Long: "Cisco VSAN"}, "%B": PsmlColumnInfo{Field: "%B", Short: "Cuml Bytes", Long: "Cumulative Bytes", Comparator: table.IntCompare{}}, "%Cus": PsmlColumnInfo{Field: "%Cus", Short: "Custom", Long: "Custom"}, "%y": PsmlColumnInfo{Field: "%y", Short: "DCE/RPC", Long: "DCE/RPC call (cn_call_id / dg_seqnum)", Comparator: table.IntCompare{}}, "%Tt": PsmlColumnInfo{Field: "%Tt", Short: "Time Delt", Long: "Delta time", Comparator: table.FloatCompare{}}, "%Gt": PsmlColumnInfo{Field: "%Gt", Short: "Time Delt", Long: "Delta time displayed", Comparator: table.FloatCompare{}}, "%rd": PsmlColumnInfo{Field: "%rd", Short: "Dest", Long: "Dest addr (resolved)"}, "%ud": PsmlColumnInfo{Field: "%ud", Short: "Dest", Long: "Dest addr (unresolved)", Comparator: termshark.IPCompare{}}, "%rD": PsmlColumnInfo{Field: "%rD", Short: "DPort", Long: "Dest port (resolved)"}, "%uD": PsmlColumnInfo{Field: "%uD", Short: "DPort", Long: "Dest port (unresolved)", Comparator: table.IntCompare{}}, "%d": PsmlColumnInfo{Field: "%d", Short: "Dest", Long: "Destination address"}, "%D": PsmlColumnInfo{Field: "%D", Short: "DPort", Long: "Destination port", Comparator: table.IntCompare{}}, "%a": PsmlColumnInfo{Field: "%a", Short: "Expert", Long: "Expert Info Severity"}, "%I": PsmlColumnInfo{Field: "%I", Short: "FW-1", Long: "FW-1 monitor if/direction"}, "%F": PsmlColumnInfo{Field: "%F", Short: "Freq/Chan", Long: "Frequency/Channel", Comparator: table.IntCompare{}}, "%hd": PsmlColumnInfo{Field: "%hd", Short: "DMAC", Long: "Hardware dest addr"}, "%hs": PsmlColumnInfo{Field: "%hs", Short: "SMAC", Long: "Hardware src addr"}, "%rhd": PsmlColumnInfo{Field: "%rhd", Short: "DMAC", Long: "Hw dest addr (resolved)"}, "%uhd": PsmlColumnInfo{Field: "%uhd", Short: "DMAC", Long: "Hw dest addr (unresolved)"}, "%rhs": PsmlColumnInfo{Field: "%rhs", Short: "SMAC", Long: "Hw src addr (resolved)"}, "%uhs": PsmlColumnInfo{Field: "%uhs", Short: "SMAC", Long: "Hw src addr (unresolved)"}, "%e": PsmlColumnInfo{Field: "%e", Short: "RSSI", Long: "IEEE 802.11 RSSI", Comparator: table.FloatCompare{}}, "%x": PsmlColumnInfo{Field: "%x", Short: "TX Rate", Long: "IEEE 802.11 TX rate", Comparator: table.FloatCompare{}}, "%f": PsmlColumnInfo{Field: "%f", Short: "DSCP", Long: "IP DSCP Value"}, "%i": PsmlColumnInfo{Field: "%i", Short: "Info", Long: "Information"}, "%rnd": PsmlColumnInfo{Field: "%rnd", Short: "Dest", Long: "Net dest addr (resolved)"}, "%und": PsmlColumnInfo{Field: "%und", Short: "Dest", Long: "Net dest addr (unresolved)", Comparator: termshark.IPCompare{}}, "%rns": PsmlColumnInfo{Field: "%rns", Short: "Source", Long: "Net src addr (resolved)"}, "%uns": PsmlColumnInfo{Field: "%uns", Short: "Source", Long: "Net src addr (unresolved)", Comparator: termshark.IPCompare{}}, "%nd": PsmlColumnInfo{Field: "%nd", Short: "Dest", Long: "Network dest addr"}, "%ns": PsmlColumnInfo{Field: "%ns", Short: "Dest", Long: "Network src addr"}, "%m": PsmlColumnInfo{Field: "%m", Short: "No.", Long: "Number", Comparator: table.IntCompare{}}, "%L": PsmlColumnInfo{Field: "%L", Short: "Length", Long: "Packet length (bytes)", Comparator: table.IntCompare{}}, "%p": PsmlColumnInfo{Field: "%p", Short: "Proto", Long: "Protocol"}, "%Rt": PsmlColumnInfo{Field: "%Rt", Short: "Time", Long: "Relative time", Comparator: table.FloatCompare{}}, "%s": PsmlColumnInfo{Field: "%s", Short: "Source", Long: "Source address", Comparator: termshark.IPCompare{}}, "%S": PsmlColumnInfo{Field: "%S", Short: "SPort", Long: "Source port", Comparator: table.IntCompare{}}, "%rs": PsmlColumnInfo{Field: "%rs", Short: "Source", Long: "Src addr (resolved)"}, "%us": PsmlColumnInfo{Field: "%us", Short: "Source", Long: "Src addr (unresolved)", Comparator: termshark.IPCompare{}}, "%rS": PsmlColumnInfo{Field: "%rS", Short: "SPort", Long: "Src port (resolved)"}, "%uS": PsmlColumnInfo{Field: "%uS", Short: "SPort", Long: "Src port (unresolved)", Comparator: table.IntCompare{}}, "%E": PsmlColumnInfo{Field: "%E", Short: "TEI", Long: "TEI", Comparator: table.IntCompare{}}, "%Yut": PsmlColumnInfo{Field: "%Yut", Short: "Time", Long: "UTC date, as YYYY-MM-DD, and time", Comparator: table.DateTimeCompare{}}, "%YDOYut": PsmlColumnInfo{Field: "%YDOYut", Short: "Time", Long: "UTC date, as YYYY/DOY, and time", Comparator: table.DateTimeCompare{}}, "%Aut": PsmlColumnInfo{Field: "%Aut", Short: "Time", Long: "UTC time", Comparator: table.DateTimeCompare{}}, "%t": PsmlColumnInfo{Field: "%t", Short: "Time", Long: "Time (format as specified)", Comparator: table.DateTimeCompare{}}, }
BuiltInColumnFormats is the list we know of, from tshark as of the end of 2020. I'll keep this up to date over time. The canonical list is retrieved from tshark -G column-formats, then merged with this to add useful short names and comparators.
View Source
var ColumnsFormatError = fmt.Errorf("The supplied list of columns and names is invalid")
View Source
var DefaultPsmlColumnSpec = []PsmlColumnSpec{ PsmlColumnSpec{Field: PsmlField{Token: "%m"}, Name: "No."}, PsmlColumnSpec{Field: PsmlField{Token: "%t"}, Name: "Time"}, PsmlColumnSpec{Field: PsmlField{Token: "%s"}, Name: "Source"}, PsmlColumnSpec{Field: PsmlField{Token: "%d"}, Name: "Dest"}, PsmlColumnSpec{Field: PsmlField{Token: "%p"}, Name: "Proto"}, PsmlColumnSpec{Field: PsmlField{Token: "%L"}, Name: "Length"}, PsmlColumnSpec{Field: PsmlField{Token: "%i"}, Name: "Info"}, }
View Source
var InvalidCustomColumnError = fmt.Errorf("The custom column is invalid")
View Source
var TsharkColumnsCacheOldError = fmt.Errorf("The cached tshark columns database is out of date")
Functions ¶
func InitValidColumns ¶
func InitValidColumns() error
InitValidColumns will run tshark, if necessary, to compute the columns that tshark understands. This is the set of columns the user is allowed to configure. This will block - if it's noticeable I'll make it async. This is called from termshark's main and makes specific assumptions i.e. that it can write to stdout and the user will see it.
Types ¶
type ColumnsFromTshark ¶
type ColumnsFromTshark struct {
// contains filtered or unexported fields
}
The fields field is serialized using gob.
func (*ColumnsFromTshark) InitFromCache ¶
func (w *ColumnsFromTshark) InitFromCache() error
func (*ColumnsFromTshark) InitNoCache ¶
func (w *ColumnsFromTshark) InitNoCache() error
type PsmlColumnInfo ¶
func (PsmlColumnInfo) WithLongName ¶
func (p PsmlColumnInfo) WithLongName(name string) PsmlColumnInfo
type PsmlColumnSpec ¶
func GetPsmlColumnFormat ¶
func GetPsmlColumnFormat() []PsmlColumnSpec
func GetPsmlColumnFormatCached ¶
func GetPsmlColumnFormatCached() []PsmlColumnSpec
func GetPsmlColumnFormatFrom ¶
func GetPsmlColumnFormatFrom(colKey string) []PsmlColumnSpec
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.