windowskext

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 10, 2022 License: AGPL-3.0 Imports: 13 Imported by: 0

Documentation

Rendered for windows/amd64

Overview

Package windowskext provides network interception capabilities on windows via the Portmaster Kernel Extension.

Index

Constants

View Source
const (
	// VerdictRequestFlagFastTrackPermitted is set on packets that have been
	// already permitted by the kernel extension and the verdict request is only
	// informational.
	VerdictRequestFlagFastTrackPermitted = 1

	// VerdictRequestFlagSocketAuth indicates that the verdict request is for a
	// connection that was intercepted on an ALE layer instead of in the network
	// stack itself. Thus, no packet data is available.
	VerdictRequestFlagSocketAuth = 2
)
View Source
const (
	METHOD_BUFFERED   = 0
	METHOD_IN_DIRECT  = 1
	METHOD_OUT_DIRECT = 2
	METHOD_NEITHER    = 3

	SIOCTL_TYPE = 40000
)

Variables

View Source
var (
	ErrKextNotReady = errors.New("the windows kernel extension (driver) is not ready to accept commands")
	ErrNoPacketID   = errors.New("the packet has no ID, possibly because it was fast-tracked by the kernel extension")
)

Package errors

View Source
var (
	IOCTL_VERSION               = ctlCode(SIOCTL_TYPE, 0x800, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)
	IOCTL_RECV_VERDICT_REQ_POLL = ctlCode(SIOCTL_TYPE, 0x801, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA) // Not used
	IOCTL_RECV_VERDICT_REQ      = ctlCode(SIOCTL_TYPE, 0x802, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)
	IOCTL_SET_VERDICT           = ctlCode(SIOCTL_TYPE, 0x803, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)
	IOCTL_GET_PAYLOAD           = ctlCode(SIOCTL_TYPE, 0x804, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)
	IOCTL_CLEAR_CACHE           = ctlCode(SIOCTL_TYPE, 0x805, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)
	IOCTL_UPDATE_VERDICT        = ctlCode(SIOCTL_TYPE, 0x806, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)
)

Functions

func ClearCache added in v0.9.8

func ClearCache() error

func GetPayload

func GetPayload(packetID uint32, packetSize uint32) ([]byte, error)

GetPayload returns the payload of a packet.

func Handler

func Handler(packets chan packet.Packet)

Handler transforms received packets to the Packet interface.

func Init

func Init(path string) error

Init initializes the DLL and the Kext (Kernel Driver).

func SetVerdict

func SetVerdict(pkt *Packet, verdict network.Verdict) error

SetVerdict sets the verdict for a packet and/or connection.

func Start

func Start() error

Start intercepting.

func Stop

func Stop() error

Stop intercepting.

func UpdateVerdict added in v1.0.1

func UpdateVerdict(conn *network.Connection) error

Types

type KextService added in v1.0.1

type KextService struct {
	// contains filtered or unexported fields
}

type Packet

type Packet struct {
	packet.Base
	// contains filtered or unexported fields
}

Packet represents an IP packet.

func (*Packet) Accept

func (pkt *Packet) Accept() error

Accept accepts the packet.

func (*Packet) Block

func (pkt *Packet) Block() error

Block blocks the packet.

func (*Packet) Drop

func (pkt *Packet) Drop() error

Drop drops the packet.

func (*Packet) FastTrackedByIntegration added in v0.6.12

func (pkt *Packet) FastTrackedByIntegration() bool

FastTrackedByIntegration returns whether the packet has been fast-track accepted by the OS integration.

func (*Packet) LoadPacketData added in v0.6.9

func (pkt *Packet) LoadPacketData() error

GetPayload returns the full raw packet.

func (*Packet) PermanentAccept

func (pkt *Packet) PermanentAccept() error

PermanentAccept permanently accepts connection (and the current packet).

func (*Packet) PermanentBlock

func (pkt *Packet) PermanentBlock() error

PermanentBlock permanently blocks connection (and the current packet).

func (*Packet) PermanentDrop

func (pkt *Packet) PermanentDrop() error

PermanentDrop permanently drops connection (and the current packet).

func (*Packet) RerouteToNameserver

func (pkt *Packet) RerouteToNameserver() error

RerouteToNameserver permanently reroutes the connection to the local nameserver (and the current packet).

func (*Packet) RerouteToTunnel

func (pkt *Packet) RerouteToTunnel() error

RerouteToTunnel permanently reroutes the connection to the local tunnel entrypoint (and the current packet).

type VerdictInfo added in v1.0.1

type VerdictInfo struct {
	// contains filtered or unexported fields
}

Do not change the order of the members! The structure is used to communicate with the kernel extension.

type VerdictRequest

type VerdictRequest struct {
	// contains filtered or unexported fields
}

Do not change the order of the members! The structure is used to communicate with the kernel extension. VerdictRequest is the request structure from the Kext.

func RecvVerdictRequest

func RecvVerdictRequest() (*VerdictRequest, error)

RecvVerdictRequest waits for the next verdict request from the kext. If a timeout is reached, both *VerdictRequest and error will be nil.

type VerdictUpdateInfo added in v1.0.1

type VerdictUpdateInfo struct {
	// contains filtered or unexported fields
}

Do not change the order of the members! The structure to communicate with the kernel extension.

type VersionInfo added in v1.0.1

type VersionInfo struct {
	// contains filtered or unexported fields
}

func GetVersion added in v1.0.1

func GetVersion() (*VersionInfo, error)

func (*VersionInfo) String added in v1.0.1

func (v *VersionInfo) String() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL