conntrack

package
v0.36.5

This package is not in the latest version of its module.
Published: Jan 28, 2025 License: BSD-3-Clause Imports: 5 Imported by: 0

Documentation

Constants

const (
	// DefaultICMPTimeout is the default timeout for ICMP connections
	DefaultICMPTimeout = 30 * time.Second
	// ICMPCleanupInterval is how often we check for stale ICMP connections
	ICMPCleanupInterval = 15 * time.Second
)
const (
	// MSL (Maximum Segment Lifetime) is typically 2 minutes
	MSL = 2 * time.Minute
	// TimeWaitTimeout (TIME-WAIT) should last 2*MSL
	TimeWaitTimeout = 2 * MSL
)
const (
	TCPSyn  uint8 = 0x02
	TCPAck  uint8 = 0x10
	TCPFin  uint8 = 0x01
	TCPRst  uint8 = 0x04
	TCPPush uint8 = 0x08
	TCPUrg  uint8 = 0x20
)
const (
	// DefaultTCPTimeout is the default timeout for established TCP connections
	DefaultTCPTimeout = 3 * time.Hour
	// TCPHandshakeTimeout is the timeout for TCP handshake completion
	TCPHandshakeTimeout = 60 * time.Second
	// TCPCleanupInterval is how often we check for stale connections
	TCPCleanupInterval = 5 * time.Minute
)
const (
	// DefaultUDPTimeout is the default timeout for UDP connections
	DefaultUDPTimeout = 30 * time.Second
	// UDPCleanupInterval is how often we check for stale connections
	UDPCleanupInterval = 15 * time.Second
)

Variables

This section is empty.

Functions

func ValidateIPs

func ValidateIPs(connIP IPAddr, pktIP net.IP) bool

ValidateIPs checks if IPs match without allocation

Types

type BaseConnTrack

type BaseConnTrack struct {
	SourceIP   net.IP
	DestIP     net.IP
	SourcePort uint16
	DestPort   uint16
	// contains filtered or unexported fields
}

BaseConnTrack provides common fields and locking for all connection types

func (*BaseConnTrack) GetLastSeen

func (b *BaseConnTrack) GetLastSeen() time.Time

GetLastSeen safely gets the last seen timestamp

func (*BaseConnTrack) IsEstablished

func (b *BaseConnTrack) IsEstablished() bool

IsEstablished safely checks if connection is established

func (*BaseConnTrack) SetEstablished

func (b *BaseConnTrack) SetEstablished(state bool)

SetEstablished safely sets the established state

func (*BaseConnTrack) UpdateLastSeen

func (b *BaseConnTrack) UpdateLastSeen()

UpdateLastSeen safely updates the last seen timestamp

type ConnKey

type ConnKey struct {
	SrcIP   IPAddr
	DstIP   IPAddr
	SrcPort uint16
	DstPort uint16
}

ConnKey uniquely identifies a connection

type ICMPConnKey

type ICMPConnKey struct {
	// Supports both IPv4 and IPv6
	SrcIP    [16]byte
	DstIP    [16]byte
	Sequence uint16 // ICMP sequence number
	ID       uint16 // ICMP identifier
}

ICMPConnKey uniquely identifies an ICMP connection

type ICMPConnTrack

type ICMPConnTrack struct {
	BaseConnTrack
	Sequence uint16
	ID       uint16
}

ICMPConnTrack represents an ICMP connection state

type ICMPTracker

type ICMPTracker struct {
	// contains filtered or unexported fields
}

ICMPTracker manages ICMP connection states

func NewICMPTracker

func NewICMPTracker(timeout time.Duration) *ICMPTracker

NewICMPTracker creates a new ICMP connection tracker

func (*ICMPTracker) Close

func (t *ICMPTracker) Close()

Close stops the cleanup routine and releases resources

func (*ICMPTracker) IsValidInbound

func (t *ICMPTracker) IsValidInbound(srcIP net.IP, dstIP net.IP, id uint16, seq uint16, icmpType uint8) bool

IsValidInbound checks if an inbound ICMP Echo Reply matches a tracked request

func (*ICMPTracker) TrackOutbound

func (t *ICMPTracker) TrackOutbound(srcIP net.IP, dstIP net.IP, id uint16, seq uint16)

TrackOutbound records an outbound ICMP Echo Request
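
The matching that TrackOutbound and IsValidInbound describe can be modelled as below. This is an added sketch, not the package's own implementation: echoTable, echoKey, makeKey and the explicit now parameter are hypothetical, the key is shaped like ICMPConnKey, and the 30-second timeout is the DefaultICMPTimeout value from this page.

```go
package main

import (
	"fmt"
	"net"
	"time"
)

const icmpEchoReply = 0 // ICMPv4 Echo Reply type (RFC 792)

// echoKey mirrors the shape of the page's ICMPConnKey (hypothetical name).
type echoKey struct {
	SrcIP, DstIP [16]byte
	Sequence, ID uint16
}

func makeKey(src, dst net.IP, id, seq uint16) (k echoKey) {
	copy(k.SrcIP[:], src.To16())
	copy(k.DstIP[:], dst.To16())
	k.ID, k.Sequence = id, seq
	return k
}

// echoTable is a hypothetical single-goroutine model: no locking, no cleanup loop.
type echoTable struct {
	lastSeen map[echoKey]time.Time
	timeout  time.Duration
}

// trackOutbound records an outbound Echo Request sent at time now.
func (t *echoTable) trackOutbound(src, dst net.IP, id, seq uint16, now time.Time) {
	t.lastSeen[makeKey(src, dst, id, seq)] = now
}

// isValidInbound accepts only an Echo Reply whose ID and sequence match an unexpired
// request. A reply travels dst->src relative to the request, so the IPs are swapped.
func (t *echoTable) isValidInbound(src, dst net.IP, id, seq uint16, typ uint8, now time.Time) bool {
	if typ != icmpEchoReply {
		return false
	}
	seen, ok := t.lastSeen[makeKey(dst, src, id, seq)]
	return ok && now.Sub(seen) <= t.timeout
}

func main() {
	t := &echoTable{lastSeen: map[echoKey]time.Time{}, timeout: 30 * time.Second}
	host, peer, t0 := net.ParseIP("192.0.2.10"), net.ParseIP("198.51.100.7"), time.Unix(0, 0) // constructed sample values
	t.trackOutbound(host, peer, 7, 1, t0)
	fmt.Println(t.isValidInbound(peer, host, 7, 1, icmpEchoReply, t0.Add(time.Second)))
}
```

An unsolicited reply, a reply from a different source, a mismatched sequence number, or a reply arriving after the timeout all fail the lookup and are rejected.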

type IPAddr

type IPAddr [16]byte

IPAddr is a fixed-size IP address to avoid allocations

func MakeIPAddr

func MakeIPAddr(ip net.IP) (addr IPAddr)

MakeIPAddr creates an IPAddr from net.IP

type PreallocatedIPs

type PreallocatedIPs struct {
	sync.Pool
}

PreallocatedIPs is a pool of IP byte slices to reduce allocations

func NewPreallocatedIPs

func NewPreallocatedIPs() *PreallocatedIPs

NewPreallocatedIPs creates a new IP pool

func (*PreallocatedIPs) Get

func (p *PreallocatedIPs) Get() net.IP

Get retrieves an IP from the pool

func (*PreallocatedIPs) Put

func (p *PreallocatedIPs) Put(ip net.IP)

Put returns an IP to the pool

type TCPConnKey

type TCPConnKey struct {
	SrcIP   [16]byte
	DstIP   [16]byte
	SrcPort uint16
	DstPort uint16
}

TCPConnKey uniquely identifies a TCP connection

type TCPConnTrack

type TCPConnTrack struct {
	BaseConnTrack
	State TCPState
	sync.RWMutex
}

TCPConnTrack represents a TCP connection state

type TCPState

type TCPState int

TCPState represents the state of a TCP connection

const (
	TCPStateNew TCPState = iota
	TCPStateSynSent
	TCPStateSynReceived
	TCPStateEstablished
	TCPStateFinWait1
	TCPStateFinWait2
	TCPStateClosing
	TCPStateTimeWait
	TCPStateCloseWait
	TCPStateLastAck
	TCPStateClosed
)

type TCPTracker

type TCPTracker struct {
	// contains filtered or unexported fields
}

TCPTracker manages TCP connection states

func NewTCPTracker

func NewTCPTracker(timeout time.Duration) *TCPTracker

NewTCPTracker creates a new TCP connection tracker

func (*TCPTracker) Close

func (t *TCPTracker) Close()

Close stops the cleanup routine and releases resources

func (*TCPTracker) IsValidInbound

func (t *TCPTracker) IsValidInbound(srcIP net.IP, dstIP net.IP, srcPort uint16, dstPort uint16, flags uint8) bool

IsValidInbound checks if an inbound TCP packet matches a tracked connection

func (*TCPTracker) TrackOutbound

func (t *TCPTracker) TrackOutbound(srcIP net.IP, dstIP net.IP, srcPort uint16, dstPort uint16, flags uint8)

TrackOutbound processes an outbound TCP packet and updates connection state

type UDPConnTrack

type UDPConnTrack struct {
	BaseConnTrack
}

UDPConnTrack represents a UDP connection state

type UDPTracker

type UDPTracker struct {
	// contains filtered or unexported fields
}

UDPTracker manages UDP connection states

func NewUDPTracker

func NewUDPTracker(timeout time.Duration) *UDPTracker

NewUDPTracker creates a new UDP connection tracker

func (*UDPTracker) Close

func (t *UDPTracker) Close()

Close stops the cleanup routine and releases resources

func (*UDPTracker) GetConnection

func (t *UDPTracker) GetConnection(srcIP net.IP, srcPort uint16, dstIP net.IP, dstPort uint16) (*UDPConnTrack, bool)

GetConnection safely retrieves a connection state

func (*UDPTracker) IsValidInbound

func (t *UDPTracker) IsValidInbound(srcIP net.IP, dstIP net.IP, srcPort uint16, dstPort uint16) bool

IsValidInbound checks if an inbound packet matches a tracked connection

func (*UDPTracker) Timeout

func (t *UDPTracker) Timeout() time.Duration

Timeout returns the configured timeout duration for the tracker

func (*UDPTracker) TrackOutbound

func (t *UDPTracker) TrackOutbound(srcIP net.IP, dstIP net.IP, srcPort uint16, dstPort uint16)

TrackOutbound records an outbound UDP connection
