Documentation ¶
Index ¶
Constants ¶
const ( InboundName = "inbound" OutboundName = "outbound" ListeningName = "listening" )
Names for the direction of a connection
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Direction ¶
type Direction uint8
Direction indicates how a socket was initiated.
const ( // Inbound indicates a connection was established from the outside to // listening socket on this host. Inbound Direction // Outbound indicates a connection was established from this socket to an // external listening socket. Outbound // Listening indicates a socket that is listening. Listening )
type ListenerTable ¶
type ListenerTable struct {
// contains filtered or unexported fields
}
ListenerTable tracks sockets that are listening. It can then be used to identify if a socket is listening, incoming, or outgoing.
func NewListenerTable ¶
func NewListenerTable() *ListenerTable
NewListenerTable returns a new ListenerTable.
func (*ListenerTable) Direction ¶
func (t *ListenerTable) Direction( family uint8, proto uint8, localIP net.IP, localPort int, remoteIP net.IP, remotePort int, ) Direction
Direction returns whether the connection was incoming or outgoing based on the protocol and local address. It compares the given local address to the listeners in the table for the protocol and returns Inbound if there is a match. If remotePort is 0 then Listening is returned.
type NetlinkSession ¶
type NetlinkSession struct {
// contains filtered or unexported fields
}
NetlinkSession communicates with the kernel's netlink subsystem.
func NewNetlinkSession ¶
func NewNetlinkSession() *NetlinkSession
NewNetlinkSession creates a new netlink session.
func (*NetlinkSession) GetSocketList ¶
func (session *NetlinkSession) GetSocketList() ([]*linux.InetDiagMsg, error)
GetSocketList retrieves the current list of sockets from the kernel.
type ProcTable ¶
type ProcTable struct {
// contains filtered or unexported fields
}
ProcTable contains all of the active processes (if the current user is root).
func NewProcTable ¶
NewProcTable returns a new ProcTable that reads data from the /proc directory by default. An alternative proc filesystem mountpoint can be specified through the mountpoint parameter.
func (*ProcTable) Privileged ¶
Privileged returns true if the process has enough permissions to read sockets of all users
func (*ProcTable) ProcessBySocketInode ¶
ProcessBySocketInode returns the Proc associated with the given socket inode.