layers

package
v0.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 18, 2024 License: MIT Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var LayerMap = map[string]Layer{
	"ETH":    &EthernetFrame{},
	"IPv4":   &IPv4Packet{},
	"IPv6":   &IPv6Packet{},
	"ARP":    &ARPPacket{},
	"TCP":    &TCPSegment{},
	"UDP":    &UDPSegment{},
	"ICMP":   &ICMPSegment{},
	"ICMPv6": &ICMPv6Segment{},
	"DNS":    &DNSMessage{},
	"FTP":    &FTPMessage{},
	"HTTP":   &HTTPMessage{},
	"SNMP":   &SNMPMessage{},
	"SSH":    &SSHMessage{},
	"TLS":    &TLSMessage{},
}

Functions

This section is empty.

Types

type ARPPacket 

type ARPPacket struct {
	HardwareType     uint16 // Network link protocol type.
	ProtocolType     uint16 // Internetwork protocol for which the ARP request is intended.
	ProtocolTypeDesc string // Internetwork protocol description.
	Hlen             uint8  // Length (in octets) of a hardware address.
	Plen             uint8  // Length (in octets) of internetwork addresses.
	Op               uint16 // Specifies the operation that the sender is performing.
	OpDesc           string // Operation description.
	// Media address of the sender. In an ARP request this field is used to indicate
	// the address of the host sending the request. In an ARP reply this field is used
	// to indicate the address of the host that the request was looking for.
	SenderMAC net.HardwareAddr
	SenderIP  netip.Addr // Internetwork address of the sender.
	// Media address of the intended receiver. In an ARP request this field is ignored.
	// In an ARP reply this field is used to indicate the address of the host that originated the ARP request.
	TargetMAC net.HardwareAddr
	TargetIP  netip.Addr // Internetwork address of the intended receiver.
}

The Address Resolution Protocol (ARP) is a communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address. Defined in RFC 826.

func (*ARPPacket) NextLayer 

func (ap *ARPPacket) NextLayer() (layer string, payload []byte)

func (*ARPPacket) Parse 

func (ap *ARPPacket) Parse(data []byte) error

Parse parses the given ARP packet data into the ARPPacket struct.

func (*ARPPacket) String 

func (ap *ARPPacket) String() string

func (*ARPPacket) Summary 

func (ap *ARPPacket) Summary() string

type DNSFlags 

type DNSFlags struct {
	Raw        uint16
	QR         uint8  // Indicates if the message is a query (0) or a reply (1).
	QRDesc     string // Query (0) or Reply (1)
	OPCode     uint8  // https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-5
	OPCodeDesc string
	AA         uint8 // Authoritative Answer, in a response, indicates if the DNS server is authoritative for the queried hostname.
	TC         uint8 // TrunCation, indicates that this message was truncated due to excessive length.
	RD         uint8 // Recursion Desired, indicates if the client means a recursive query.
	RA         uint8 // Recursion Available, in a response, indicates if the replying DNS server supports recursion.
	Z          uint8 // Zero, reserved for future use.
	AU         uint8 // Indicates if answer/authority portion was authenticated by the server.
	NA         uint8 // Indicates if non-authenticated data is accepatable.
	RCode      uint8 // https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-6
	RCodeDesc  string
}

func (*DNSFlags) String 

func (df *DNSFlags) String() string

type DNSMessage 

type DNSMessage struct {
	TransactionID uint16    // Used for matching response to queries.
	Flags         *DNSFlags // Flags specify the requested operation and a response code.
	QDCount       uint16    // Count of entries in the queries section.
	ANCount       uint16    //  Count of entries in the answers section.
	NSCount       uint16    // Count of entries in the authority section.
	ARCount       uint16    // Count of entries in the additional section.
	Questions     []*QueryEntry
	AnswerRRs     []*ResourceRecord
	AuthorityRRs  []*ResourceRecord
	AdditionalRRs []*ResourceRecord
}

func (*DNSMessage) NextLayer 

func (d *DNSMessage) NextLayer() (layer string, payload []byte)

func (*DNSMessage) Parse 

func (d *DNSMessage) Parse(data []byte) error

Parse parses the given byte data into a DNSMessage struct.

func (*DNSMessage) String 

func (d *DNSMessage) String() string

func (*DNSMessage) Summary 

func (d *DNSMessage) Summary() string

type EthernetFrame 

type EthernetFrame struct {
	DstMAC        net.HardwareAddr // MAC address of the destination device.
	SrcMAC        net.HardwareAddr // MAC address of the source device.
	EtherType     uint16           // The protocol of the upper layer.
	EtherTypeDesc string           // Protocol description
	// contains filtered or unexported fields
}

An Ethernet frame is a data link layer protocol data unit.

func (*EthernetFrame) NextLayer 

func (ef *EthernetFrame) NextLayer() (string, []byte)

NextLayer returns the name and payload of the next layer protocol based on the EtherType field of the EthernetFrame.

func (*EthernetFrame) Parse 

func (ef *EthernetFrame) Parse(data []byte) error

Parse parses the given byte data into an Ethernet frame.

func (*EthernetFrame) String 

func (ef *EthernetFrame) String() string

func (*EthernetFrame) Summary 

func (ef *EthernetFrame) Summary() string

type FTPMessage 

type FTPMessage struct {
	// contains filtered or unexported fields
}

func (*FTPMessage) NextLayer 

func (f *FTPMessage) NextLayer() (layer string, payload []byte)

func (*FTPMessage) Parse 

func (f *FTPMessage) Parse(data []byte) error

func (*FTPMessage) String 

func (f *FTPMessage) String() string

func (*FTPMessage) Summary 

func (f *FTPMessage) Summary() string

type HTTPMessage 

type HTTPMessage struct {
	// contains filtered or unexported fields
}

https://developer.mozilla.org/en-US/docs/Web/HTTP/Messages port 80

func (*HTTPMessage) NextLayer 

func (h *HTTPMessage) NextLayer() (layer string, payload []byte)

func (*HTTPMessage) Parse 

func (h *HTTPMessage) Parse(data []byte) error

func (*HTTPMessage) String 

func (h *HTTPMessage) String() string

func (*HTTPMessage) Summary 

func (h *HTTPMessage) Summary() string

type ICMPSegment 

type ICMPSegment struct {
	Type     uint8  // ICMP type.
	TypeDesc string // ICMP type description.
	Code     uint8  // ICMP subtype.
	CodeDesc string // ICMP subtype description.
	// Internet checksum (RFC 1071) for error checking, calculated from the ICMP header
	// and data with value 0 substituted for this field.
	Checksum uint16
	Data     []byte // Contents vary based on the ICMP type and code.
}

ICMP is part of the Internet protocol suite as defined in RFC 792.

func (*ICMPSegment) NextLayer 

func (i *ICMPSegment) NextLayer() (layer string, payload []byte)

func (*ICMPSegment) Parse 

func (i *ICMPSegment) Parse(data []byte) error

Parse parses the given byte data into an ICMP segment struct.

func (*ICMPSegment) String 

func (i *ICMPSegment) String() string

func (*ICMPSegment) Summary 

func (i *ICMPSegment) Summary() string

type ICMPv6Segment 

type ICMPv6Segment struct {
	Type     uint8
	TypeDesc string
	Code     uint8
	CodeDesc string
	Checksum uint16
	Data     []byte
}

ICMPv6 is an integral part of IPv6 and performs error reporting and diagnostic functions.

func (*ICMPv6Segment) NextLayer 

func (i *ICMPv6Segment) NextLayer() (layer string, payload []byte)

func (*ICMPv6Segment) Parse 

func (i *ICMPv6Segment) Parse(data []byte) error

Parse parses the given byte data into an ICMPv6 segment struct.

func (*ICMPv6Segment) String 

func (i *ICMPv6Segment) String() string

func (*ICMPv6Segment) Summary 

func (i *ICMPv6Segment) Summary() string

type IPv4Flags 

type IPv4Flags struct {
	Reserved uint8
	MF       uint8
	DF       uint8
}

func (*IPv4Flags) String 

func (i *IPv4Flags) String() string

type IPv4Packet 

type IPv4Packet struct {
	Version        uint8      // 4 bits version (for IPv4, this is always equal to 4).
	IHL            uint8      // 4 bits size of header (number of 32-bit words).
	DSCP           uint8      // 6 bits specifies differentiated services.
	DSCPDesc       string     // differentiated services description.
	ECN            uint8      // 2 bits end-to-end notification of network congestion without dropping packets.
	TotalLength    uint16     // 16 bits defines the entire packet size in bytes, including header and data.
	Identification uint16     // 16 bits identifies the group of fragments of a single IP datagram.
	Flags          *IPv4Flags // 3 bits used to control or identify fragments.
	FragmentOffset uint16     // 13 bits offset of a particular fragment.
	TTL            uint8      // 8 bits limits a datagram's lifetime to prevent network failure.
	Protocol       uint8      // 8 bits defines the protocol used in the data portion of the IP datagram.
	ProtocolDesc   string     // Protocol description.
	HeaderChecksum uint16     // 16 bits used for error checking of the header.
	SrcIP          netip.Addr // IPv4 address of the sender of the packet.
	DstIP          netip.Addr // IPv4 address of the receiver of the packet.
	Options        []byte     // if ihl > 5
	// contains filtered or unexported fields
}

Internet Protocol version 4 is described in IETF publication RFC 791.

func (*IPv4Packet) NextLayer 

func (p *IPv4Packet) NextLayer() (string, []byte)

func (*IPv4Packet) Parse 

func (p *IPv4Packet) Parse(data []byte) error

Parse parses the given byte data into an IPv4 packet struct.

func (*IPv4Packet) String 

func (p *IPv4Packet) String() string

func (*IPv4Packet) Summary 

func (p *IPv4Packet) Summary() string

type IPv6Packet 

type IPv6Packet struct {
	Version        uint8         // 4 bits version field (for IPv6, this is always equal to 6).
	TrafficClass   *TrafficClass // 6 + 2 bits holds DS and ECN values.
	FlowLabel      uint32        // 20 bits high-entropy identifier of a flow of packets between a source and destination.
	PayloadLength  uint16        // 16 bits the size of the payload in octets, including any extension headers.
	NextHeader     uint8         // 8 bits specifies the type of the next header.
	NextHeaderDesc string        // next header description
	// 8 bits replaces the time to live field in IPv4. This value is decremented by one at each forwarding node
	// and the packet is discarded if it becomes 0. However, the destination node should process the packet normally
	// even if received with a hop limit of 0.
	HopLimit uint8
	SrcIP    netip.Addr // The unicast IPv6 address of the sending node.
	DstIP    netip.Addr // The IPv6 unicast or multicast address of the destination node(s).
	// contains filtered or unexported fields
}

An IPv6 packet is the smallest message entity exchanged using Internet Protocol version 6 (IPv6). IPv6 protocol defined in RFC 2460.

func (*IPv6Packet) NextLayer 

func (p *IPv6Packet) NextLayer() (string, []byte)

func (*IPv6Packet) Parse 

func (p *IPv6Packet) Parse(data []byte) error

Parse parses the given byte data into an IPv6 packet struct.

func (*IPv6Packet) String 

func (p *IPv6Packet) String() string

func (*IPv6Packet) Summary 

func (p *IPv6Packet) Summary() string

type Layer 

type Layer interface {
	fmt.Stringer
	Parse(data []byte) error
	NextLayer() (layer string, payload []byte)
	Summary() string
}

type Message 

type Message struct {
	PacketLength     uint32
	PaddingLength    uint8
	MesssageType     uint8
	MesssageTypeDesc string
	Payload          []byte
}

func (*Message) String 

func (m *Message) String() string

type QueryEntry 

type QueryEntry struct {
	Name  string       // Name of the node to which this record pertains.
	Type  *RecordType  // Type of RR in numeric form.
	Class *RecordClass // Class code.
}

func (*QueryEntry) String 

func (qe *QueryEntry) String() string

type RDataA 

type RDataA struct {
	Address netip.Addr
}

func (*RDataA) String 

func (d *RDataA) String() string

type RDataAAAA 

type RDataAAAA struct {
	Address netip.Addr
}

func (*RDataAAAA) String 

func (d *RDataAAAA) String() string

type RDataCNAME 

type RDataCNAME struct {
	CName string
}

func (*RDataCNAME) String 

func (d *RDataCNAME) String() string

type RDataHTTPS 

type RDataHTTPS struct {
	Data string // TODO: add proper parsing
}

func (*RDataHTTPS) String 

func (d *RDataHTTPS) String() string

type RDataMX 

type RDataMX struct {
	Preference uint16
	Exchange   string
}

func (*RDataMX) String 

func (d *RDataMX) String() string

type RDataNS 

type RDataNS struct {
	NsdName string
}

func (*RDataNS) String 

func (d *RDataNS) String() string

type RDataOPT 

type RDataOPT struct {
	UDPPayloadSize     uint16
	HigherBitsExtRCode uint8
	EDNSVer            uint8
	Z                  uint16
	DataLen            uint16
}

func (*RDataOPT) String 

func (d *RDataOPT) String() string

type RDataSOA 

type RDataSOA struct {
	PrimaryNS            string
	RespAuthorityMailbox string
	SerialNumber         uint32
	RefreshInterval      uint32
	RetryInterval        uint32
	ExpireLimit          uint32
	MinimumTTL           uint32
}

func (*RDataSOA) String 

func (d *RDataSOA) String() string

type RDataTXT 

type RDataTXT struct {
	TxtData string
}

func (*RDataTXT) String 

func (d *RDataTXT) String() string

type RDataUnknown 

type RDataUnknown struct {
	Data string
}

func (*RDataUnknown) String 

func (d *RDataUnknown) String() string

type Record 

type Record struct {
	ContentType     uint8
	ContentTypeDesc string
	Version         uint16
	VersionDesc     string
	Length          uint16
	// contains filtered or unexported fields
}

func (*Record) String 

func (r *Record) String() string

type RecordClass 

type RecordClass struct {
	Name string
	Val  uint16
}

func (*RecordClass) String 

func (c *RecordClass) String() string

type RecordType 

type RecordType struct {
	Name string
	Val  uint16
}

func (*RecordType) String 

func (rt *RecordType) String() string

type ResourceRecord 

type ResourceRecord struct {
	Name     string       // Name of the node to which this record pertains.
	Type     *RecordType  // Type of RR in numeric form.
	Class    *RecordClass // Class code.
	TTL      uint32       // Count of seconds that the RR stays valid.
	RDLength uint16       // Length of RData field (specified in octets).
	RData    fmt.Stringer // Additional RR-specific data.
}

func (*ResourceRecord) String 

func (rt *ResourceRecord) String() string

type SNMPMessage 

type SNMPMessage struct {
	Payload []byte
}

https://www.ranecommercial.com/legacy/pdf/ranenotes/SNMP_Simple_Network_Management_Protocol.pdf https://wiki.wireshark.org/SNMP port 161, 162

func (*SNMPMessage) NextLayer 

func (s *SNMPMessage) NextLayer() (layer string, payload []byte)

func (*SNMPMessage) Parse 

func (s *SNMPMessage) Parse(data []byte) error

func (*SNMPMessage) String 

func (s *SNMPMessage) String() string

func (*SNMPMessage) Summary 

func (s *SNMPMessage) Summary() string

type SSHMessage 

type SSHMessage struct {
	Protocol string
	Messages []*Message
}

func (*SSHMessage) NextLayer 

func (s *SSHMessage) NextLayer() (layer string, payload []byte)

func (*SSHMessage) Parse 

func (s *SSHMessage) Parse(data []byte) error

func (*SSHMessage) String 

func (s *SSHMessage) String() string

func (*SSHMessage) Summary 

func (s *SSHMessage) Summary() string

type TCPFlags 

type TCPFlags struct {
	Raw uint8
	CWR uint8
	ECE uint8
	URG uint8
	ACK uint8
	PSH uint8
	RST uint8
	SYN uint8
	FIN uint8
}

func (*TCPFlags) String 

func (t *TCPFlags) String() string

type TCPSegment 

type TCPSegment struct {
	SrcPort uint16 // Identifies the sending port.
	DstPort uint16 // Identifies the receiving port.
	// If the SYN flag is set (1), then this is the initial sequence number. The sequence number of the actual
	// first data byte and the acknowledged number in the corresponding ACK are then this sequence number plus 1.
	// If the SYN flag is unset (0), then this is the accumulated sequence number of the first data byte of this
	// segment for the current session.
	SeqNumber uint32
	// If the ACK flag is set, the value is the next sequence number that the sender of the ACK is expecting.
	AckNumber  uint32
	DataOffset uint8     // 4 bits specifies the size of the TCP header in 32-bit words.
	Reserved   uint8     // 4 bits reserved for future use and should be set to zero.
	Flags      *TCPFlags // Contains 8 1-bit flags (control bits)
	// The size of the receive window, which specifies the number of window size units[b] that the sender of
	// this segment is currently willing to receive.
	WindowSize uint16
	// The 16-bit checksum field is used for error-checking of the TCP header, the payload and an IP pseudo-header.
	Checksum uint16
	// If the URG flag is set, then this 16-bit field is an offset from the sequence number
	// indicating the last urgent data byte.
	UrgentPointer uint16
	Options       []byte // The length of this field is determined by the data offset field.
	// contains filtered or unexported fields
}

TCP protocol is described in RFC 761.

func (*TCPSegment) NextLayer 

func (t *TCPSegment) NextLayer() (string, []byte)

func (*TCPSegment) Parse 

func (t *TCPSegment) Parse(data []byte) error

Parse parses the given byte data into a TCPSegment struct.

func (*TCPSegment) String 

func (t *TCPSegment) String() string

func (*TCPSegment) Summary 

func (t *TCPSegment) Summary() string

type TLSMessage 

type TLSMessage struct {
	Records []*Record
	Data    []byte
}

port 443 https://tls12.xargs.org/#client-hello/annotated https://tls13.xargs.org/#client-hello/annotated https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-5

func (*TLSMessage) NextLayer 

func (t *TLSMessage) NextLayer() (layer string, payload []byte)

func (*TLSMessage) Parse 

func (t *TLSMessage) Parse(data []byte) error

func (*TLSMessage) String 

func (t *TLSMessage) String() string

func (*TLSMessage) Summary 

func (t *TLSMessage) Summary() string

type TrafficClass 

type TrafficClass struct {
	Raw      uint8
	DSCP     uint8
	DSCPDesc string
	ECN      uint8
}

func (*TrafficClass) String 

func (p *TrafficClass) String() string

type UDPSegment 

type UDPSegment struct {
	SrcPort   uint16 // Identifies the sending port.
	DstPort   uint16 // Identifies the receiving port.
	UDPLength uint16 // Specifies the length in bytes of the UDP header and UDP data.
	Checksum  uint16 // The checksum field may be used for error-checking of the header and data.
	// contains filtered or unexported fields
}

UDP protocol is defined in RFC 768.

func (*UDPSegment) NextLayer 

func (u *UDPSegment) NextLayer() (string, []byte)

func (*UDPSegment) Parse 

func (u *UDPSegment) Parse(data []byte) error

Parse parses the given byte data into a UDPSegment struct.

func (*UDPSegment) String 

func (u *UDPSegment) String() string

func (*UDPSegment) Summary 

func (u *UDPSegment) Summary() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.