parser

package

v0.0.0-...-bcd382d Latest Latest Go to latest Published: Jun 28, 2019 License: GPL-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/lyawaf/traffic-sniffer

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func UpdateLabels(label Label)
type Label
- func (l *Label) CheckApply(session TCPSession) bool
type LabelType
type OwnerType
type Packet
type Parser
- func (p *Parser) Parse()
type TCPSession

Constants ¶

View Source

const (
	InfoColor    = "\033[1;34m%s\033[0m"
	NoticeColor  = "\033[1;36m%s\033[0m"
	WarningColor = "\033[1;33m%s\033[0m"
	ErrorColor   = "\033[1;31m%s\033[0m"
	DebugColor   = "\033[0;36m%s\033[0m"
)

View Source

const (
	Client = OwnerType("Client")
	Server = OwnerType("Server")
)

View Source

const (
	PacketIN  = LabelType("in")
	PacketOUT = LabelType("out")
)

View Source

const WAIT_TIMEOUT = 1

Variables ¶

View Source

var DBClient *mongo.Client

View Source

var DBClientForUpdater *mongo.Client

View Source

var LabelTypeToOwnerType = map[LabelType]OwnerType{
	PacketIN:  Client,
	PacketOUT: Server,
}

View Source

var Labels = struct {
	sync.Mutex
	L []Label
}{L: []Label{
	{
		Name:      "ASDF label",
		Type:      PacketIN,
		Regexp:    regexp.MustCompile("asdf"),
		RawRegexp: "YXNkZg==",
		Color:     "#ffffff",
	},
	{
		Name:      "SQL quotes",
		Type:      PacketIN,
		Regexp:    regexp.MustCompile(`('(''|[^'])*')`),
		RawRegexp: "KCcoJyd8W14nXSkqJykK",
		Color:     "#ffffff",
	},
	{
		Name:      "SQL commands",
		Type:      PacketIN,
		Regexp:    regexp.MustCompile(`(\b(ALTER|CREATE|DELETE|DROP|EXEC(UTE){0,1}|INSERT( +INTO){0,1}|MERGE|SELECT|UPDATE|UNION( +ALL){0,1})\b)`),
		RawRegexp: "KCcoJyd8W14nXSkqJyl8KFxiKEFMVEVSfENSRUFURXxERUxFVEV8RFJPUHxFWEVDKFVURSl7MCwxfXxJTlNFUlQoICtJTlRPKXswLDF9fE1FUkdFfFNFTEVDVHxVUERBVEV8VU5JT04oICtBTEwpezAsMX0pXGIp",
		Color:     "#ffffff",
	},
}}

Functions ¶

func UpdateLabels ¶

func UpdateLabels(label Label)

Types ¶

type Label ¶

type Label struct {
	Name      string
	Type      LabelType
	Color     string
	Regexp    *regexp.Regexp
	RawRegexp string
}

Label uses for traffic clustering.

func (*Label) CheckApply ¶

func (l *Label) CheckApply(session TCPSession) bool

type LabelType ¶

type LabelType string

LabelType is marker for applying regexp: for IN or for OUT

type OwnerType ¶

type OwnerType string

type Packet ¶

type Packet struct {
	Owner OwnerType
	Data  string
}

type Parser ¶

type Parser struct {
	Source *gopacket.PacketSource
	sync.Mutex
	// contains filtered or unexported fields
}

func (*Parser) Parse ¶

func (p *Parser) Parse()

type TCPSession ¶

type TCPSession struct {
	ServerAddr     string
	ClientAddr     string
	ServerPort     uint16
	ClientPort     uint16
	SequenceNumber uint32
	Packets        []Packet
	Labels         []Label
	LastUpdate     int64
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL