Documentation ¶
Overview ¶
Package windowskext provides network interception capabilities on Windows via the Portmaster Kernel Extension.
Index ¶
- Constants
- Variables
- func ClearCache() error
- func GetPayload(packetID uint32, packetSize uint32) ([]byte, error)
- func Handler(packets chan packet.Packet)
- func Init(path string) error
- func SetVerdict(pkt *Packet, verdict network.Verdict) error
- func Start() error
- func Stop() error
- func UpdateVerdict(conn *network.Connection) error
- type KextService
- type Packet
- func (pkt *Packet) Accept() error
- func (pkt *Packet) Block() error
- func (pkt *Packet) Drop() error
- func (pkt *Packet) FastTrackedByIntegration() bool
- func (pkt *Packet) LoadPacketData() error
- func (pkt *Packet) PermanentAccept() error
- func (pkt *Packet) PermanentBlock() error
- func (pkt *Packet) PermanentDrop() error
- func (pkt *Packet) RerouteToNameserver() error
- func (pkt *Packet) RerouteToTunnel() error
- type VerdictInfo
- type VerdictRequest
- type VerdictUpdateInfo
- type VersionInfo
Constants ¶
// Flags that the kernel extension can set on a verdict request.
// NOTE(review): the values are distinct bits (1 and 2), so presumably they
// may be combined in a single flags field; confirm against the driver.
const (
	// VerdictRequestFlagFastTrackPermitted is set on packets that have been
	// already permitted by the kernel extension and the verdict request is only
	// informational.
	VerdictRequestFlagFastTrackPermitted = 1

	// VerdictRequestFlagSocketAuth indicates that the verdict request is for a
	// connection that was intercepted on an ALE layer instead of in the network
	// stack itself. Thus, no packet data is available.
	VerdictRequestFlagSocketAuth = 2
)
// Building blocks for the driver's I/O control codes.
//
// The METHOD_* values are the Windows buffer transfer methods encoded into a
// control code. With METHOD_BUFFERED the I/O manager copies input and output
// through a system buffer; with METHOD_NEITHER the driver receives raw
// user-mode pointers and must validate them itself. Every control code
// declared in this package uses METHOD_BUFFERED.
//
// SIOCTL_TYPE is the device type passed to ctlCode for all of those codes;
// 40000 lies in the range Windows leaves to vendor-defined device types.
//
// These values are part of the interface with the kernel extension and must
// stay in sync with it.
const (
	METHOD_BUFFERED   = 0
	METHOD_IN_DIRECT  = 1
	METHOD_OUT_DIRECT = 2
	METHOD_NEITHER    = 3
	SIOCTL_TYPE       = 40000
)
Variables ¶
// Sentinel errors of the package; compare with errors.Is.
var (
	// ErrKextNotReady reports that the kernel extension (driver) is not ready
	// to accept commands.
	ErrKextNotReady = errors.New("the windows kernel extension (driver) is not ready to accept commands")

	// ErrNoPacketID reports that a packet carries no ID. As the message says,
	// one possible cause is that the kernel extension fast-tracked the packet.
	ErrNoPacketID = errors.New("the packet has no ID, possibly because it was fast-tracked by the kernel extension")
)
Package errors
// I/O control codes understood by the kernel extension, function codes 0x800
// through 0x806 on device type SIOCTL_TYPE.
//
// Every code uses METHOD_BUFFERED and requires
// FILE_READ_DATA|FILE_WRITE_DATA. With that required-access value the I/O
// manager only dispatches the request when the device handle was opened with
// both read and write access. Which principals can open such a handle is
// decided by the security descriptor of the driver's device object, which is
// not visible here; review it together with these codes, since they include
// setting verdicts and clearing the driver's cache.
//
// NOTE(review): ctlCode is defined elsewhere in the package and presumably
// mirrors the Windows CTL_CODE macro; confirm. The pairing of each code with
// the exported function of similar name is inferred from the names only.
var (
	IOCTL_VERSION               = ctlCode(SIOCTL_TYPE, 0x800, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)
	IOCTL_RECV_VERDICT_REQ_POLL = ctlCode(SIOCTL_TYPE, 0x801, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA) // Not used
	IOCTL_RECV_VERDICT_REQ      = ctlCode(SIOCTL_TYPE, 0x802, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)
	IOCTL_SET_VERDICT           = ctlCode(SIOCTL_TYPE, 0x803, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)
	IOCTL_GET_PAYLOAD           = ctlCode(SIOCTL_TYPE, 0x804, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)
	IOCTL_CLEAR_CACHE           = ctlCode(SIOCTL_TYPE, 0x805, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)
	IOCTL_UPDATE_VERDICT        = ctlCode(SIOCTL_TYPE, 0x806, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)
)
Functions ¶
func ClearCache ¶ added in v0.9.8
func ClearCache() error
func GetPayload ¶
GetPayload returns the payload of a packet.
func SetVerdict ¶
SetVerdict sets the verdict for a packet and/or connection.
func UpdateVerdict ¶ added in v1.0.1
func UpdateVerdict(conn *network.Connection) error
Types ¶
type KextService ¶ added in v1.0.1
type KextService struct {
// contains filtered or unexported fields
}
type Packet ¶
Packet represents an IP packet.
func (*Packet) FastTrackedByIntegration ¶ added in v0.6.12
FastTrackedByIntegration returns whether the packet has been fast-track accepted by the OS integration.
func (*Packet) LoadPacketData ¶ added in v0.6.9
LoadPacketData loads the full raw packet.
func (*Packet) PermanentAccept ¶
PermanentAccept permanently accepts the connection (and the current packet).
func (*Packet) PermanentBlock ¶
PermanentBlock permanently blocks the connection (and the current packet).
func (*Packet) PermanentDrop ¶
PermanentDrop permanently drops the connection (and the current packet).
func (*Packet) RerouteToNameserver ¶
RerouteToNameserver permanently reroutes the connection to the local nameserver (and the current packet).
func (*Packet) RerouteToTunnel ¶
RerouteToTunnel permanently reroutes the connection to the local tunnel entrypoint (and the current packet).
type VerdictInfo ¶ added in v1.0.1
type VerdictInfo struct {
// contains filtered or unexported fields
}
Do not change the order of the members! The structure is used to communicate with the kernel extension, so its memory layout must match the driver's definition.
type VerdictRequest ¶
type VerdictRequest struct {
// contains filtered or unexported fields
}
Do not change the order of the members! The structure is used to communicate with the kernel extension. VerdictRequest is the request structure from the Kext.
func RecvVerdictRequest ¶
func RecvVerdictRequest() (*VerdictRequest, error)
RecvVerdictRequest waits for the next verdict request from the kext. If a timeout is reached, both *VerdictRequest and error will be nil, so callers must check the returned request for nil before using it.
type VerdictUpdateInfo ¶ added in v1.0.1
type VerdictUpdateInfo struct {
// contains filtered or unexported fields
}
Do not change the order of the members! The structure is used to communicate with the kernel extension.
type VersionInfo ¶ added in v1.0.1
type VersionInfo struct {
// contains filtered or unexported fields
}
func GetVersion ¶ added in v1.0.1
func GetVersion() (*VersionInfo, error)
func (*VersionInfo) String ¶ added in v1.0.1
func (v *VersionInfo) String() string