pcaputil

package
v1.3.4-rc1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 12, 2024 License: AGPL-3.0 Imports: 30 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var Exports = map[string]any{
	"StartSniff":   Sniff,
	"OpenPcapFile": OpenPcapFile,

	"pcap_bpfFilter":                    WithBPFFilter,
	"pcap_onFlowCreated":                WithOnTrafficFlowCreated,
	"pcap_onFlowClosed":                 WithOnTrafficFlowClosed,
	"pcap_onFlowDataFrameNoReassembled": WithOnTrafficFlowOnDataFrameArrived,
	"pcap_onFlowDataFrame":              WithOnTrafficFlowOnDataFrameReassembled,
	"pcap_onTLSClientHello":             WithTLSClientHello,
	"pcap_onHTTPRequest":                WithHTTPRequest,
	"pcap_onHTTPFlow":                   WithHTTPFlow,
	"pcap_everyPacket":                  WithEveryPacket,
	"pcap_debug":                        WithDebug,
	"pcap_disableAssembly":              WithDisableAssembly,
}

Functions

func AllDevices added in v1.2.8 

func AllDevices() []*pcap.Interface

func ApplicationLayerName added in v1.2.8 

func ApplicationLayerName(packet gopacket.Packet) string

func GetPcapInterfaceByIndex added in v1.2.8 

func GetPcapInterfaceByIndex(i int) (*pcap.Interface, error)

func GetPublicInternetPcapHandler 

func GetPublicInternetPcapHandler() (*pcap.Handle, error)

func IfaceNameToPcapIfaceName 

func IfaceNameToPcapIfaceName(name string) (string, error)

func IsICMP added in v1.2.8 

func IsICMP(packet gopacket.Packet) bool

func IsTCP added in v1.2.8 

func IsTCP(packet gopacket.Packet) bool

func IsUDP added in v1.2.8 

func IsUDP(packet gopacket.Packet) bool

func LinkLayerName added in v1.2.8 

func LinkLayerName(packet gopacket.Packet) string

func NetworkLayerName added in v1.2.8 

func NetworkLayerName(packet gopacket.Packet) string

func OpenFile added in v1.2.6 

func OpenFile(filename string) (*pcap.Handle, error)

func OpenIfaceLive added in v1.2.6 

func OpenIfaceLive(iface string) (*pcap.Handle, error)

func OpenPcapFile added in v1.2.7 

func OpenPcapFile(filename string, opts ...CaptureOption) error

func PcapIfaceNameToNetInterface added in v1.3.1 

func PcapIfaceNameToNetInterface(ifaceName string) (*net.Interface, error)

func PcapInterfaceEqNetInterface 

func PcapInterfaceEqNetInterface(piface pcap.Interface, iface *net.Interface) bool

func Sniff added in v1.2.7 

func Sniff(iface string, opts ...CaptureOption) error

func Start 

func Start(opt ...CaptureOption) error

func TransportLayerName added in v1.2.8 

func TransportLayerName(packet gopacket.Packet) string

Types

type CaptureConfig added in v1.2.7 

type CaptureConfig struct {
	Context context.Context

	Output *pcapgo.Writer // output debug info

	Filename        string
	OverrideCacheId string
	BPFFilter       string

	Device []string

	Debug           bool // output debug info
	EnableCache     bool //  cache for handler cache
	EmptyDeviceStop bool
	DisableAssembly bool
	// contains filtered or unexported fields
}

func NewDefaultConfig 

func NewDefaultConfig() *CaptureConfig

func (*CaptureConfig) Save added in v1.2.7 

func (c *CaptureConfig) Save(pk gopacket.Packet)

type CaptureOption 

type CaptureOption func(*CaptureConfig) error

func WithBPFFilter 

func WithBPFFilter(bpf string) CaptureOption

func WithContext 

func WithContext(ctx context.Context) CaptureOption

func WithDebug 

func WithDebug(b bool) CaptureOption

func WithDevice 

func WithDevice(devs ...string) CaptureOption

func WithDisableAssembly added in v1.3.3 

func WithDisableAssembly(b bool) CaptureOption

func WithEmptyDeviceStop added in v1.3.1 

func WithEmptyDeviceStop(b bool) CaptureOption

func WithEnableCache added in v1.3.1 

func WithEnableCache(b bool) CaptureOption

func WithEveryPacket added in v1.2.7 

func WithEveryPacket(h func(packet gopacket.Packet)) CaptureOption

func WithFile added in v1.2.6 

func WithFile(filename string) CaptureOption

func WithHTTPFlow added in v1.2.7 

func WithHTTPFlow(h func(flow *TrafficFlow, req *http.Request, rsp *http.Response)) CaptureOption

func WithHTTPRequest added in v1.2.7 

func WithHTTPRequest(h func(flow *TrafficFlow, req *http.Request)) CaptureOption

func WithMockPcapOperation added in v1.3.1 

func WithMockPcapOperation(op PcapHandleOperation) CaptureOption

func WithNetInterfaceCreated added in v1.3.1 

func WithNetInterfaceCreated(h func(handle *pcap.Handle)) CaptureOption

func WithOnTrafficFlowClosed added in v1.2.7 

func WithOnTrafficFlowClosed(h func(reason TrafficFlowCloseReason, flow *TrafficFlow)) CaptureOption

func WithOnTrafficFlowCreated added in v1.2.7 

func WithOnTrafficFlowCreated(h func(flow *TrafficFlow)) CaptureOption

func WithOnTrafficFlowOnDataFrameArrived added in v1.2.7 

func WithOnTrafficFlowOnDataFrameArrived(h func(flow *TrafficFlow, conn *TrafficConnection, frame *TrafficFrame)) CaptureOption

func WithOnTrafficFlowOnDataFrameReassembled added in v1.2.7 

func WithOnTrafficFlowOnDataFrameReassembled(h func(flow *TrafficFlow, conn *TrafficConnection, frame *TrafficFrame)) CaptureOption

func WithOutput added in v1.2.6 

func WithOutput(filename string) CaptureOption

func WithOverrideCacheId added in v1.3.1 

func WithOverrideCacheId(id string) CaptureOption

func WithTLSClientHello added in v1.2.7 

func WithTLSClientHello(h func(flow *TrafficFlow, hello *tlsutils.HandshakeClientHello)) CaptureOption

type ConvertIfaceNameError 

type ConvertIfaceNameError struct {
	// contains filtered or unexported fields
}

func NewConvertIfaceNameError 

func NewConvertIfaceNameError(name string) *ConvertIfaceNameError

func (*ConvertIfaceNameError) Error 

func (e *ConvertIfaceNameError) Error() string

type MockPcapOperation added in v1.3.1 

type MockPcapOperation struct {
}

func (*MockPcapOperation) Close added in v1.3.1 

func (m *MockPcapOperation) Close()

func (*MockPcapOperation) SetBPFFilter added in v1.3.1 

func (m *MockPcapOperation) SetBPFFilter(filter string) error

type PcapHandleOperation added in v1.3.1 

type PcapHandleOperation interface {
	SetBPFFilter(filter string) error
	Close()
}

type TrafficConnection added in v1.2.7 

type TrafficConnection struct {
	Flow *TrafficFlow
	// contains filtered or unexported fields
}

TrafficConnection is a tcp connection

func (*TrafficConnection) Close added in v1.2.7 

func (t *TrafficConnection) Close() bool

func (*TrafficConnection) CloseFlow added in v1.2.7 

func (t *TrafficConnection) CloseFlow() bool

func (*TrafficConnection) FeedClient added in v1.2.7 

func (t *TrafficConnection) FeedClient(tcp *layers.TCP, ts time.Time)

func (*TrafficConnection) FeedServer added in v1.2.7 

func (t *TrafficConnection) FeedServer(tcp *layers.TCP, ts time.Time)

func (*TrafficConnection) GetBuffer added in v1.2.7 

func (c *TrafficConnection) GetBuffer() io.Reader

func (*TrafficConnection) Hash added in v1.2.7 

func (t *TrafficConnection) Hash() string

func (*TrafficConnection) IsClosed added in v1.2.7 

func (t *TrafficConnection) IsClosed() bool

func (*TrafficConnection) IsHttpRequestConn added in v1.3.2 

func (t *TrafficConnection) IsHttpRequestConn() bool

func (*TrafficConnection) IsHttpResponseConn added in v1.3.2 

func (t *TrafficConnection) IsHttpResponseConn() bool

func (*TrafficConnection) IsMarkedAsHttpPacket added in v1.3.2 

func (t *TrafficConnection) IsMarkedAsHttpPacket() bool

func (*TrafficConnection) LocalAddr added in v1.2.8 

func (t *TrafficConnection) LocalAddr() net.Addr

func (*TrafficConnection) LocalIP added in v1.2.8 

func (t *TrafficConnection) LocalIP() net.IP

func (*TrafficConnection) LocalPort added in v1.2.8 

func (t *TrafficConnection) LocalPort() int

func (*TrafficConnection) MarkAsHttpRequestConn added in v1.3.2 

func (t *TrafficConnection) MarkAsHttpRequestConn(b bool)

func (*TrafficConnection) Read added in v1.2.7 

func (t *TrafficConnection) Read(buf []byte) (int, error)

func (*TrafficConnection) Release added in v1.3.3 

func (t *TrafficConnection) Release()

func (*TrafficConnection) RemoteAddr added in v1.2.8 

func (t *TrafficConnection) RemoteAddr() net.Addr

func (*TrafficConnection) RemoteIP added in v1.2.8 

func (t *TrafficConnection) RemoteIP() net.IP

func (*TrafficConnection) RemotePort added in v1.2.8 

func (t *TrafficConnection) RemotePort() int

func (*TrafficConnection) String added in v1.2.7 

func (t *TrafficConnection) String() string

func (*TrafficConnection) Write added in v1.2.7 

func (t *TrafficConnection) Write(b []byte, seq int64, ts time.Time) (int, error)

type TrafficFlow added in v1.2.7 

type TrafficFlow struct {
	ClientConn *TrafficConnection

	ServerConn *TrafficConnection

	Hash           string
	HardwareSrcMac string
	HardwareDstMac string

	Index               uint64
	IsHalfOpen          bool
	IsIpv6              bool
	IsEthernetLinkLayer bool
	IsIpv4              bool
	// contains filtered or unexported fields
}

TrafficFlow is a tcp flow lifecycle is created -> data-feeding -> closed(fin/rst/timeout) OnFrame: frame -> flow -> connection OnClosed: reason(fin/rst/timeout) -> flow OnCreated: flow created

func (*TrafficFlow) AutoTriggerHTTPFlow added in v1.3.2 

func (t *TrafficFlow) AutoTriggerHTTPFlow(h func(*TrafficFlow, *http.Request, *http.Response))

func (*TrafficFlow) CanShiftHTTPFlow added in v1.3.2 

func (t *TrafficFlow) CanShiftHTTPFlow() bool

func (*TrafficFlow) Close added in v1.3.3 

func (t *TrafficFlow) Close()

func (*TrafficFlow) ForceShutdownConnection added in v1.3.2 

func (t *TrafficFlow) ForceShutdownConnection()

func (*TrafficFlow) GetHTTPRequestConnection added in v1.3.2 

func (t *TrafficFlow) GetHTTPRequestConnection() *TrafficConnection

func (*TrafficFlow) GetHTTPResponseConnection added in v1.3.2 

func (t *TrafficFlow) GetHTTPResponseConnection() *TrafficConnection

func (*TrafficFlow) IsClosed added in v1.2.7 

func (t *TrafficFlow) IsClosed() bool

func (*TrafficFlow) Release added in v1.3.3 

func (t *TrafficFlow) Release()

func (*TrafficFlow) ShiftFlow added in v1.3.2 

func (t *TrafficFlow) ShiftFlow() (*http.Request, *http.Response)

func (*TrafficFlow) StashHTTPRequest added in v1.2.7 

func (t *TrafficFlow) StashHTTPRequest(req *http.Request)

func (*TrafficFlow) StashHTTPResponse added in v1.3.2 

func (t *TrafficFlow) StashHTTPResponse(rsp *http.Response)

func (*TrafficFlow) String added in v1.2.7 

func (t *TrafficFlow) String() string

type TrafficFlowCloseReason added in v1.2.7 

type TrafficFlowCloseReason string
const (
	TrafficFlowCloseReason_FIN        TrafficFlowCloseReason = "fin"
	TrafficFlowCloseReason_RST        TrafficFlowCloseReason = "rst"
	TrafficFlowCloseReason_CTX_CANCEL TrafficFlowCloseReason = "ctx-canceled"
	TrafficFlowCloseReason_INACTIVE   TrafficFlowCloseReason = "inactive"
)

type TrafficFrame added in v1.2.7 

type TrafficFrame struct {
	Timestamp  time.Time
	Connection *TrafficConnection
	ConnHash   string // connection local -> remote
	Payload    []byte
	Seq        uint32
	Done       bool
}

TrafficFrame is a tcp frame

type TrafficPool added in v1.2.7 

type TrafficPool struct {
	// contains filtered or unexported fields
}

func NewTrafficPool 

func NewTrafficPool(ctx context.Context) *TrafficPool

func (*TrafficPool) AddWaitGroupDelta added in v1.3.2 

func (p *TrafficPool) AddWaitGroupDelta(delta int)

func (*TrafficPool) Done added in v1.3.2 

func (p *TrafficPool) Done()

func (*TrafficPool) Feed added in v1.2.7 

func (p *TrafficPool) Feed(ethernetLayer *layers.Ethernet, networkLayer gopacket.SerializableLayer, transportLayer *layers.TCP, tss ...time.Time)

func (*TrafficPool) NewFlow added in v1.2.7 

func (p *TrafficPool) NewFlow(netType string, srcAddr, dstAddr string) (*TrafficFlow, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.