Documentation ¶
Overview ¶
Package windowskext provides network interception capabilities on Windows via the Portmaster Kernel Extension.
Index ¶
- Constants
- Variables
- func BandwidthStatsWorker(ctx context.Context, collectInterval time.Duration, ...) error
- func ClearCache() error
- func GetPayload(packetID uint32, packetSize uint32) ([]byte, error)
- func Handler(ctx context.Context, packets chan packet.Packet)
- func Init(path string) error
- func SetVerdict(pkt *Packet, verdict network.Verdict) error
- func Start() error
- func StartBandwithConsoleLogger()
- func Stop() error
- func UpdateVerdict(conn *network.Connection) error
- type ConnectionStat
- type KextService
- type Key
- type Packet
- func (pkt *Packet) Accept() error
- func (pkt *Packet) Block() error
- func (pkt *Packet) Drop() error
- func (pkt *Packet) ExpectInfo() bool
- func (pkt *Packet) FastTrackedByIntegration() bool
- func (pkt *Packet) InfoOnly() bool
- func (pkt *Packet) LoadPacketData() error
- func (pkt *Packet) PermanentAccept() error
- func (pkt *Packet) PermanentBlock() error
- func (pkt *Packet) PermanentDrop() error
- func (pkt *Packet) RerouteToNameserver() error
- func (pkt *Packet) RerouteToTunnel() error
- type Rxtxdata
- type VerdictInfo
- type VerdictRequest
- type VerdictUpdateInfo
- type VersionInfo
Constants ¶
// Flags that the kernel extension may set on a verdict request.
// Each flag has its own bit (values 1, 2 and 4).
const (
	// VerdictRequestFlagFastTrackPermitted marks a packet that the kernel
	// extension has already permitted; the verdict request is then
	// informational only.
	VerdictRequestFlagFastTrackPermitted = 1 << 0

	// VerdictRequestFlagSocketAuth marks a verdict request for a connection
	// that was intercepted on an ALE layer rather than in the network stack
	// itself, so no packet data is available for it.
	VerdictRequestFlagSocketAuth = 1 << 1

	// VerdictRequestFlagExpectSocketAuth announces that the next verdict
	// request is expected to be an informational socket auth request from
	// the ALE layer.
	VerdictRequestFlagExpectSocketAuth = 1 << 2
)
// Buffering-method values handed to ctlCode when an I/O control code is
// composed. Names and values match the Windows METHOD_* transfer types.
const (
	METHOD_BUFFERED   = 0
	METHOD_IN_DIRECT  = 1
	METHOD_OUT_DIRECT = 2
	METHOD_NEITHER    = 3
)

// SIOCTL_TYPE is the first argument given to ctlCode for every IOCTL_* code
// of this package.
// NOTE(review): presumably the device type the kernel extension registers;
// confirm against the driver before changing it.
const SIOCTL_TYPE = 40000
Variables ¶
// ErrKextNotReady reports that the Windows kernel extension (driver) is not
// ready to accept commands.
var ErrKextNotReady = errors.New("the windows kernel extension (driver) is not ready to accept commands")

// ErrNoPacketID reports that a packet carries no ID, possibly because the
// kernel extension fast-tracked it.
var ErrNoPacketID = errors.New("the packet has no ID, possibly because it was fast-tracked by the kernel extension")
Package errors
// I/O control codes for talking to the kernel extension. Every code is built
// by ctlCode from SIOCTL_TYPE, METHOD_BUFFERED and the access mask
// FILE_READ_DATA|FILE_WRITE_DATA; only the function number (0x800 to 0x807)
// differs between them.
// NOTE(review): the function numbers presumably have to match the ones
// compiled into the kernel extension; confirm before renumbering.

// IOCTL_VERSION uses function number 0x800.
var IOCTL_VERSION = ctlCode(SIOCTL_TYPE, 0x800, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)

// IOCTL_SHUTDOWN_REQUEST uses function number 0x801.
var IOCTL_SHUTDOWN_REQUEST = ctlCode(SIOCTL_TYPE, 0x801, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)

// IOCTL_RECV_VERDICT_REQ uses function number 0x802.
var IOCTL_RECV_VERDICT_REQ = ctlCode(SIOCTL_TYPE, 0x802, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)

// IOCTL_SET_VERDICT uses function number 0x803.
var IOCTL_SET_VERDICT = ctlCode(SIOCTL_TYPE, 0x803, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)

// IOCTL_GET_PAYLOAD uses function number 0x804.
var IOCTL_GET_PAYLOAD = ctlCode(SIOCTL_TYPE, 0x804, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)

// IOCTL_CLEAR_CACHE uses function number 0x805.
var IOCTL_CLEAR_CACHE = ctlCode(SIOCTL_TYPE, 0x805, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)

// IOCTL_UPDATE_VERDICT uses function number 0x806.
var IOCTL_UPDATE_VERDICT = ctlCode(SIOCTL_TYPE, 0x806, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)

// IOCTL_GET_CONNECTIONS_STAT uses function number 0x807.
var IOCTL_GET_CONNECTIONS_STAT = ctlCode(SIOCTL_TYPE, 0x807, METHOD_BUFFERED, windows.FILE_READ_DATA|windows.FILE_WRITE_DATA)
Functions ¶
func BandwidthStatsWorker ¶
func ClearCache ¶
func ClearCache() error
func GetPayload ¶
GetPayload returns the payload of a packet.
func SetVerdict ¶
SetVerdict sets the verdict for a packet and/or connection.
func StartBandwithConsoleLogger ¶
func StartBandwithConsoleLogger()
func UpdateVerdict ¶
func UpdateVerdict(conn *network.Connection) error
Types ¶
type ConnectionStat ¶
type ConnectionStat struct {
// contains filtered or unexported fields
}
func GetConnectionsStats ¶
func GetConnectionsStats() ([]ConnectionStat, error)
type KextService ¶
type KextService struct {
// contains filtered or unexported fields
}
type Packet ¶
Packet represents an IP packet.
func (*Packet) ExpectInfo ¶
ExpectInfo returns whether the next packet is expected to be informational only.
func (*Packet) FastTrackedByIntegration ¶
FastTrackedByIntegration returns whether the packet has been fast-track accepted by the OS integration.
func (*Packet) InfoOnly ¶
InfoOnly returns whether the packet is informational only and does not represent an actual packet.
func (*Packet) LoadPacketData ¶
LoadPacketData loads the full raw packet.
func (*Packet) PermanentAccept ¶
PermanentAccept permanently accepts connection (and the current packet).
func (*Packet) PermanentBlock ¶
PermanentBlock permanently blocks connection (and the current packet).
func (*Packet) PermanentDrop ¶
PermanentDrop permanently drops connection (and the current packet).
func (*Packet) RerouteToNameserver ¶
RerouteToNameserver permanently reroutes the connection to the local nameserver (and the current packet).
func (*Packet) RerouteToTunnel ¶
RerouteToTunnel permanently reroutes the connection to the local tunnel entrypoint (and the current packet).
type VerdictInfo ¶
type VerdictInfo struct {
// contains filtered or unexported fields
}
Do not change the order of the members! The structure is used to communicate with the kernel extension.
type VerdictRequest ¶
type VerdictRequest struct {
// contains filtered or unexported fields
}
Do not change the order of the members! The structure is used to communicate with the kernel extension. VerdictRequest is the request structure from the Kext.
func RecvVerdictRequest ¶
func RecvVerdictRequest() (*VerdictRequest, error)
RecvVerdictRequest waits for the next verdict request from the kext. If a timeout is reached, both *VerdictRequest and error will be nil, so callers must check the returned request for nil before using it, even when the error is nil.
type VerdictUpdateInfo ¶
type VerdictUpdateInfo struct {
// contains filtered or unexported fields
}
Do not change the order of the members! The structure is used to communicate with the kernel extension.
type VersionInfo ¶
type VersionInfo struct {
// contains filtered or unexported fields
}
func GetVersion ¶
func GetVersion() (*VersionInfo, error)
func (*VersionInfo) String ¶
func (v *VersionInfo) String() string