native

package

v0.5.4 Latest Latest Go to latest Published: Apr 17, 2019 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.hscsec.cn/trivago/gollum

Links

Open Source Insights

README ¶

pcap

pcaphttp.go

This plugin utilizes libpcap to listen for network traffic and reassamble http requests from it. As it uses a CGO based library it will break cross platform builds (i.e. you will have to compile it on the correct platform).

Interface defines the network interface to listen on. By default this is set to eth0, get your specific value from ifconfig.

Requirements

pcapsession.go

Requirements

Documentation ¶

Index ¶

type PcapHTTPConsumer
- func (cons *PcapHTTPConsumer) Configure(conf core.PluginConfigReader)
- func (cons *PcapHTTPConsumer) Consume(workers *sync.WaitGroup)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type PcapHTTPConsumer ¶

type PcapHTTPConsumer struct {
	core.SimpleConsumer `gollumdoc:"embed_type"`
	// contains filtered or unexported fields
}

PcapHTTPConsumer consumer

NOTICE: This producer is not included in standard builds. To enable it you need to trigger a custom build with native plugins enabled. This plugin utilizes libpcap to listen for network traffic and reassamble http requests from it. As it uses a CGO based library it will break cross platform builds (i.e. you will have to compile it on the correct platform).

Parameters ¶

- Interface: Defines the name of the network interface to listen on. You can get valid values from the ifconfig shell command. By default this parameter is set to "eth0".

- Filter: Defines a libpcap compatible filter for the incoming packages. You can filter for specific ports, portocols, ips, etc.. The documentation can be found here: http://www.tcpdump.org/manpages/pcap-filter.7.txt By default this parameter is set to "dst port 80 and dst host 127.0.0.1".

- Promiscuous: Switches the network interface into promiscuous mode. This is required if you want to listen for all packages coming from the network, even those that were not meant for the ip bound to the interface you listen on. Enabling this can increase your CPU load. By default this parameter is set to false.

- TimeoutMs: Defines a timeout in milliseconds after which a tcp session is considered to have sent to the fallback, i.e. the (remaining) packages will be discarded. Every incoming packet will restart the timer for the specific client session. By default this parameter is set to 3000.

Examples

interceptHTTP:
  Type: native.PcapHTTPConsumer
  Streams: http
  Interface: eth1
  Filter: "dst port 80"
  Promiscuous: true

func (*PcapHTTPConsumer) Configure ¶

func (cons *PcapHTTPConsumer) Configure(conf core.PluginConfigReader)

Configure initializes this consumer with values from a plugin config.

func (*PcapHTTPConsumer) Consume ¶

func (cons *PcapHTTPConsumer) Consume(workers *sync.WaitGroup)

Consume enables libpcap monitoring as configured.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL