Documentation ¶
Index ¶
- Constants
- func GetICMPv4PortEquivalents(p1, p2 uint8) (uint16, uint16, bool)
- func GetICMPv6PortEquivalents(p1, p2 uint8) (uint16, uint16, bool)
- func PcapFlowTupleSource(file string) (<-chan PcapFlowTuple, error)
- type CommunityID
- type CommunityIDv1
- func (cid CommunityIDv1) Calc(ft FlowTuple) []byte
- func (cid CommunityIDv1) CalcBase64(ft FlowTuple) string
- func (cid CommunityIDv1) CalcHex(ft FlowTuple) string
- func (cid CommunityIDv1) Hash(ft FlowTuple) hash.Hash
- func (cid CommunityIDv1) Render(h hash.Hash) []byte
- func (cid CommunityIDv1) RenderBase64(h hash.Hash) string
- func (cid CommunityIDv1) RenderHex(h hash.Hash) string
- type FlowTuple
- func MakeFlowTuple(srcip, dstip net.IP, srcport, dstport uint16, proto uint8) FlowTuple
- func MakeFlowTupleICMP(srcip, dstip net.IP, srcport, dstport uint16) FlowTuple
- func MakeFlowTupleICMP6(srcip, dstip net.IP, srcport, dstport uint16) FlowTuple
- func MakeFlowTupleSCTP(srcip, dstip net.IP, srcport, dstport uint16) FlowTuple
- func MakeFlowTupleTCP(srcip, dstip net.IP, srcport, dstport uint16) FlowTuple
- func MakeFlowTupleUDP(srcip, dstip net.IP, srcport, dstport uint16) FlowTuple
- type PcapFlowTuple
Constants ¶
const ( ProtoICMP = 1 ProtoTCP = 6 ProtoUDP = 17 ProtoICMP6 = 58 ProtoSCTP = 132 )
Define protocol number constants.
Variables ¶
This section is empty.
Functions ¶
func GetICMPv4PortEquivalents ¶
GetICMPv4PortEquivalents returns ICMPv4 codes mapped back to pseudo port numbers, as well as a bool indicating whether a communication is one-way.
func GetICMPv6PortEquivalents ¶
GetICMPv6PortEquivalents returns ICMPv6 codes mapped back to pseudo port numbers, as well as a bool indicating whether a communication is one-way.
func PcapFlowTupleSource ¶
func PcapFlowTupleSource(file string) (<-chan PcapFlowTuple, error)
PcapFlowTupleSource returns, for a given pcap file name, a channel delivering PcapFlowTuples for each packet in the file. If the file cannot be read for some reason, an error is returned as well accordingly.
Types ¶
type CommunityID ¶
type CommunityID interface { Calc(FlowTuple) []byte CalcHex(FlowTuple) string CalcBase64(FlowTuple) string Hash(FlowTuple) hash.Hash Render(hash.Hash) []byte RenderHex(hash.Hash) string RenderBase64(hash.Hash) string }
CommunityID is an interface defining the supported operations on a component calculating a specific community ID version.
func GetCommunityIDByVersion ¶
func GetCommunityIDByVersion(version uint, seed uint16) (CommunityID, error)
GetCommunityIDByVersion returns, for a given version number and seed, an object implementing the CommunityID interface for the specified version. This will be preconfigured with the given seed.
type CommunityIDv1 ¶
type CommunityIDv1 struct {
Seed uint16
}
CommunityIDv1 encapsulates the calculation code for version 1 of the Community ID flow hashing algorithm.
func (CommunityIDv1) Calc ¶
func (cid CommunityIDv1) Calc(ft FlowTuple) []byte
Calc returns the community id value for a given FlowTuple, as an unformatted byte slice.
func (CommunityIDv1) CalcBase64 ¶
func (cid CommunityIDv1) CalcBase64(ft FlowTuple) string
CalcBase64 returns the community id value for a given FlowTuple, as an Base64-encoded string.
func (CommunityIDv1) CalcHex ¶
func (cid CommunityIDv1) CalcHex(ft FlowTuple) string
CalcHex returns the community id value for a given FlowTuple, as an hex-encoded string.
func (CommunityIDv1) Hash ¶
func (cid CommunityIDv1) Hash(ft FlowTuple) hash.Hash
Hash returns a hash.Hash instance (SHA1) in a state corresponding to all input value already dealt with in the hash.
func (CommunityIDv1) Render ¶
func (cid CommunityIDv1) Render(h hash.Hash) []byte
Render returns the value of the given hash, as an unformatted byte slice.
func (CommunityIDv1) RenderBase64 ¶
func (cid CommunityIDv1) RenderBase64(h hash.Hash) string
RenderBase64 returns the value of the given hash, as Base64-encoded string.
type FlowTuple ¶
type FlowTuple struct { Srcip net.IP Dstip net.IP Srcport uint16 Dstport uint16 Proto uint8 IsOneWay bool }
FlowTuple is a collection of all values required for ID calculation.
func MakeFlowTuple ¶
MakeFlowTuple returns a FlowTuple for the given set of communication details: protocol, IPs (source, destination) and ports (source, destination).
func MakeFlowTupleICMP ¶
MakeFlowTupleICMP returns a FlowTuple with the ICMPv4 protocol preconfigured.
func MakeFlowTupleICMP6 ¶
MakeFlowTupleICMP6 returns a FlowTuple with the ICMPv6 protocol preconfigured.
func MakeFlowTupleSCTP ¶
MakeFlowTupleSCTP returns a FlowTuple with the SCTP protocol preconfigured.
func MakeFlowTupleTCP ¶
MakeFlowTupleTCP returns a FlowTuple with the TCP protocol preconfigured.
func MakeFlowTupleUDP ¶
MakeFlowTupleUDP returns a FlowTuple with the UDP protocol preconfigured.
type PcapFlowTuple ¶
type PcapFlowTuple struct { FlowTuple FlowTuple Metadata *gopacket.PacketMetadata }
PcapFlowTuple represents a pair of the FlowTuple for a packet as well as its packet metadata (e.g. timestamp).