sniffer

package
v0.9.0

This package is not in the latest version of its module.
Published: Sep 20, 2024 License: Apache-2.0, MIT Imports: 14 Imported by: 1

Overview

Package sniffer provides the implementation of data-link layer endpoints that wrap another endpoint and log inbound and outbound packets.

Sniffer endpoints can be used in the networking stack by calling New(eID) to create a new endpoint, where eID is the ID of the endpoint being wrapped, and then passing it as an argument to Stack.CreateNIC().

Constants

const (
	// DirectionSend indicates a sent packet.
	DirectionSend = iota
	// DirectionRecv indicates a received packet.
	DirectionRecv
)

Variables

LogPackets is a flag used to enable or disable packet logging via the log package. Valid values are 0 or 1.

Functions

func LogPacket

func LogPacket(prefix string, dir Direction, protocol tcpip.NetworkProtocolNumber, pkt *stack.PacketBuffer)

LogPacket logs a packet to stdout.

Types

type Direction

type Direction int

A Direction indicates whether the packet is being sent or received.

func (Direction) String added in v0.9.0

func (dr Direction) String() string

type Endpoint added in v0.9.0

type Endpoint struct {
	nested.Endpoint
	// contains filtered or unexported fields
}

Endpoint is used to sniff and log network traffic.

+stateify savable

func New

func New(lower stack.LinkEndpoint) *Endpoint

New creates a new sniffer link-layer endpoint. It wraps around another endpoint and logs packets as they traverse the endpoint.

func NewWithPrefix

func NewWithPrefix(lower stack.LinkEndpoint, logPrefix string) *Endpoint

NewWithPrefix creates a new sniffer link-layer endpoint. It wraps around another endpoint and logs packets prefixed with logPrefix as they traverse the endpoint.

logPrefix is prepended to the log line without any separators. E.g. logPrefix = "NIC:en0/" will produce log lines like "NIC:en0/send udp [...]".

func NewWithWriter

func NewWithWriter(lower stack.LinkEndpoint, writer io.Writer, snapLen uint32) (*Endpoint, error)

NewWithWriter creates a new sniffer link-layer endpoint. It wraps around another endpoint and logs packets as they traverse the endpoint.

Each packet is written to writer in the pcap format in a single Write call without synchronization. A sniffer created with this function will not emit packets using the standard log package.

snapLen is the maximum amount of a packet to be saved. Packets with a length less than or equal to snapLen will be saved in their entirety. Longer packets will be truncated to snapLen.
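
The snapLen truncation described above shows up in a capture as a record whose saved length is smaller than its original length. The reader below is an added example, not code from this package: it uses only the Go standard library, assumes the classic pcap layout (24-byte global header, 16-byte record headers), accepts either byte order because the page does not say which one is written, and its names (Record, ParsePCAP, BuildSample) are hypothetical.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"fmt"
)

// Record holds a pcap record's saved (InclLen) and on-the-wire (OrigLen) sizes.
type Record struct{ InclLen, OrigLen uint32 }
// Truncated reports whether the capture cut the packet at snapLen.
func (r Record) Truncated() bool { return r.InclLen < r.OrigLen }

// ParsePCAP walks a classic pcap stream, taking the byte order from the magic.
func ParsePCAP(b []byte) (snapLen uint32, recs []Record, err error) {
	var bo binary.ByteOrder = binary.BigEndian
	if len(b) < 24 {
		return 0, nil, fmt.Errorf("short global header")
	} else if m := bo.Uint32(b); m == 0xd4c3b2a1 {
		bo = binary.LittleEndian
	} else if m != 0xa1b2c3d4 {
		return 0, nil, fmt.Errorf("unrecognized pcap magic %#x", m)
	}
	snapLen = bo.Uint32(b[16:])
	for b = b[24:]; len(b) > 0; {
		if len(b) < 16 || uint64(bo.Uint32(b[8:])) > uint64(len(b)-16) {
			return snapLen, recs, fmt.Errorf("record %d runs past end of capture", len(recs))
		}
		r := Record{bo.Uint32(b[8:]), bo.Uint32(b[12:])}
		recs, b = append(recs, r), b[16+r.InclLen:]
	}
	return snapLen, recs, nil
}

// BuildSample returns a constructed capture: one zero-filled packet per size, cut to snapLen.
func BuildSample(bo binary.ByteOrder, snapLen uint32, sizes ...uint32) []byte {
	var buf bytes.Buffer
	binary.Write(&buf, bo, struct{ Magic uint32; Maj, Min uint16; Zone, Sig, Snap, Link uint32 }{0xa1b2c3d4, 2, 4, 0, 0, snapLen, 1})
	for _, orig := range sizes {
		incl := orig
		if incl > snapLen {
			incl = snapLen
		}
		binary.Write(&buf, bo, []uint32{0, 0, incl, orig}) // ts_sec, ts_usec, incl_len, orig_len
		buf.Write(make([]byte, incl))
	}
	return buf.Bytes()
}

func main() { fmt.Println(ParsePCAP(BuildSample(binary.LittleEndian, 64, 40, 1500))) }
```

Records for which Truncated returns true carry only the first snapLen bytes of the packet, so payload-level analysis of them is incomplete.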

func (*Endpoint) DeliverNetworkPacket added in v0.9.0

func (e *Endpoint) DeliverNetworkPacket(protocol tcpip.NetworkProtocolNumber, pkt *stack.PacketBuffer)

DeliverNetworkPacket implements the stack.NetworkDispatcher interface. It is called by the link-layer endpoint being wrapped when a packet arrives, and logs the packet before forwarding to the actual dispatcher.

func (*Endpoint) DumpPacket added in v0.9.0

func (e *Endpoint) DumpPacket(dir Direction, protocol tcpip.NetworkProtocolNumber, pkt *stack.PacketBuffer, ts *time.Time)

DumpPacket logs a packet, depending on configuration, to stderr and/or a pcap file. ts is an optional timestamp for the packet.

func (*Endpoint) StateFields added in v0.9.0

func (e *Endpoint) StateFields() []string

func (*Endpoint) StateLoad added in v0.9.0

func (e *Endpoint) StateLoad(ctx context.Context, stateSourceObject state.Source)

+checklocksignore

func (*Endpoint) StateSave added in v0.9.0

func (e *Endpoint) StateSave(stateSinkObject state.Sink)

+checklocksignore

func (*Endpoint) StateTypeName added in v0.9.0

func (e *Endpoint) StateTypeName() string

func (*Endpoint) WritePackets added in v0.9.0

func (e *Endpoint) WritePackets(pkts stack.PacketBufferList) (int, tcpip.Error)

WritePackets implements the stack.LinkEndpoint interface. It is called by higher-level protocols to write packets; it just logs the packet and forwards the request to the lower endpoint.
