The highest tagged major version is
Documentation
¶
Rendered for windows/amd64
Index ¶
Constants ¶
View Source
const ( FilterActionContinue = iota FilterActionAllow FilterActionBlock FilterActionProxy FilterActionNfq FilterActionForceNfq FilterActionAllowOnce FilterActionGotoFilter FilterActionSetMark )
See frontmanIO.h for #defines
View Source
const ( BytesMatchStartIPHeader = iota + 1 BytesMatchStartProtocolHeader BytesMatchStartPayload )
See frontmanIO.h for #defines
View Source
const ( ProcessMatchProcess = iota + 1 // Match the process id ProcessMatchChildren // Match the child processes )
ProcessMatch constants
View Source
const ( CriteriaListFormatString = iota + 1 CriteriaListFormatJSON )
See Filter_set.h
View Source
const ( IpsetsDetailFormatString = iota + 1 IpsetsDetailFormatJSON )
See Ipset.h
View Source
const ( MatchTypeMatch = uint8(1) MatchTypeNoMatch = uint8(2) )
See frontmanIO.h
View Source
const ( IPVersionAny = uint8(0) // Rule is for Ipv4 or Ipv6 IPVersion4 = uint8(1) // Rule is just for Ipv4 IPVersion6 = uint8(2) // Rule is just for Ipv6 )
See frontmanIO.h
Variables ¶
View Source
var Driver = ABI(&driver{})
Driver is actually the concrete calls into the Frontman dll, which call into the driver
View Source
var Wrapper = WrapDriver(&wrapper{ driverHandle: uintptr(syscall.InvalidHandle), ruleCleaner: newRuleCleanup(), })
Wrapper is the driver/dll wrapper implementation
Functions ¶
func WideCharPointerToString ¶
WideCharPointerToString converts a pointer to a zero-terminated wide character string to a golang string
Types ¶
type ABI ¶
type ABI interface {
GetDestInfo(driverHandle, socket, destInfo uintptr) (uintptr, error)
ApplyDestHandle(socket, destHandle uintptr) (uintptr, error)
FreeDestHandle(destHandle uintptr) (uintptr, error)
NewIpset(driverHandle, name, ipsetType, ipset uintptr) (uintptr, error)
GetIpset(driverHandle, name, ipset uintptr) (uintptr, error)
DestroyAllIpsets(driverHandle, prefix uintptr) (uintptr, error)
ListIpsets(driverHandle, ipsetNames, ipsetNamesSize, bytesReturned uintptr) (uintptr, error)
ListIpsetsDetail(driverHandle, format, ipsetNames, ipsetNamesSize, bytesReturned uintptr) (uintptr, error)
IpsetAdd(driverHandle, ipset, entry, timeout uintptr) (uintptr, error)
IpsetAddOption(driverHandle, ipset, entry, option, timeout uintptr) (uintptr, error)
IpsetDelete(driverHandle, ipset, entry uintptr) (uintptr, error)
IpsetDestroy(driverHandle, ipset uintptr) (uintptr, error)
IpsetFlush(driverHandle, ipset uintptr) (uintptr, error)
IpsetTest(driverHandle, ipset, entry uintptr) (uintptr, error)
PacketFilterStart(frontman, firewallName, receiveCallback, loggingCallback uintptr) (uintptr, error)
PacketFilterClose() (uintptr, error)
PacketFilterForward(info, packet uintptr) (uintptr, error)
AppendFilter(driverHandle, outbound, filterName, isGotoFilter uintptr) (uintptr, error)
InsertFilter(driverHandle, outbound, priority, filterName, isGotoFilter uintptr) (uintptr, error)
DestroyFilter(driverHandle, filterName uintptr) (uintptr, error)
EmptyFilter(driverHandle, filterName uintptr) (uintptr, error)
GetFilterList(driverHandle, outbound, buffer, bufferSize, bytesReturned uintptr) (uintptr, error)
AppendFilterCriteria(driverHandle, filterName, criteriaName, ruleSpec, ipsetRuleSpecs, ipsetRuleSpecCount uintptr) (uintptr, error)
DeleteFilterCriteria(driverHandle, filterName, criteriaName uintptr) (uintptr, error)
GetCriteriaList(driverHandle, format, criteriaList, criteriaListSize, bytesReturned uintptr) (uintptr, error)
}
ABI represents the 'application binary interface' to the Frontman dll
type DestInfo ¶
type DestInfo struct {
IPAddr *uint16 // WCHAR* IPAddress Destination address allocated and will be free by FrontmanFreeDestHandle
Port uint16 // USHORT Port Destination port
Outbound int32 // INT32 Outbound Whether or not this is an outbound or inbound connection
ProcessID uint64 // UINT64 ProcessId Process id. Only available for outbound connections
DestHandle uintptr // LPVOID DestHandle Handle to memory that must be freed by called ProxyDestConnected when connection is established.
}
DestInfo mirrors frontman's DEST_INFO struct
type IcmpRange ¶
type IcmpRange struct {
IcmpTypeSpecified uint8
IcmpType uint8
IcmpCodeSpecified uint8
IcmpCodeLower uint8
IcmpCodeUpper uint8
}
IcmpRange mirrors frontman's ICMP_RANGE struct
type IpsetRuleSpec ¶
type IpsetRuleSpec struct {
NotIpset uint8
IpsetDstIP uint8
IpsetDstPort uint8
IpsetSrcIP uint8
IpsetSrcPort uint8
Reserved1 uint8
Reserved2 uint8
Reserved3 uint8
IpsetName uintptr // const wchar_t*
}
IpsetRuleSpec mirrors frontman's IPSET_RULE_SPEC struct
type LogPacketInfo ¶
type LogPacketInfo struct {
Ipv4 uint8
Protocol uint8
Outbound uint8
Reserved1 uint8
LocalPort uint16
RemotePort uint16
LocalAddr [4]uint32
RemoteAddr [4]uint32
PacketSize uint32
GroupID uint32
LogPrefix [64]uint16
}
LogPacketInfo mirrors frontman's FRONTMAN_LOG_PACKET_INFO struct
type PacketInfo ¶
type PacketInfo struct {
Ipv4 uint8
Protocol uint8
Outbound uint8
Drop uint8
IgnoreFlow uint8
HandleLoopback uint8 // Not to be set by go code, but is for outbound loopback packets
NewPacket uint8 // Set to 1 if packet did not originate from the driver.
NoPidMatchOnFlow uint8 // Set to 1 to ignore process ID rule matches.
DropFlow uint8
SetMark uint8
Reserved [2]uint8
SetMarkValue uint32
LocalPort uint16
RemotePort uint16
LocalAddr [4]uint32
RemoteAddr [4]uint32
IfIdx uint32
SubIfIdx uint32
CompartmentID uint32
PacketSize uint32
Mark uint32
StartTimeReceivedFromNetwork uint64
StartTimeSentToUserLand uint64
}
PacketInfo mirrors frontman's FRONTMAN_PACKET_INFO struct
type RuleSpec ¶
type RuleSpec struct {
Action uint8
Log uint8
Protocol uint8
ProtocolSpecified uint8
AleAuthConnect uint8 // not used by us
ProcessFlags uint8 // See frontmanIO.h bit mask PROCESS_MATCH_PROCESS and/or PROCESS_MATCH_CHILDREN
TCPFlags uint8
TCPFlagsMask uint8
TCPFlagsSpecified uint8
TCPOption uint8
TCPOptionSpecified uint8
CompartmentIDSpecified uint8
BytesNoMatch uint8
FlowMarkMatchType uint8 // MATCH_TYPE_MATCH = 1 MATCH_TYPE_NOMATCH = 2
IPVersionMatch uint8 // IP_VERSION_ANY, IP_VERSION_4, or IP_VERSION_6
Reserved uint8
FlowMark uint32
CompartmentID uint32
IcmpRanges *IcmpRange
IcmpRangeCount int32
ProxyPort uint16
BytesMatchStart int16 // See frontmanIO.h for BYTESMATCH defines.
BytesMatchOffset int32
BytesMatchSize int32
BytesMatch *byte
Mark uint32
GroupID uint32
SrcPortCount int32
DstPortCount int32
SrcPorts *PortRange
DstPorts *PortRange
LogPrefix uintptr // const wchar_t*
Application uintptr // const wchar_t*
ProcessID uint64
GotoFilterName uintptr // const wchar_t*
}
RuleSpec mirrors frontman's RULE_SPEC struct
type WrapDriver ¶
type WrapDriver interface {
GetDestInfo(socket uintptr, destInfo *DestInfo) error
ApplyDestHandle(socket, destHandle uintptr) error
FreeDestHandle(destHandle uintptr) error
NewIpset(name, ipsetType string) (uintptr, error)
GetIpset(name string) (uintptr, error)
DestroyAllIpsets(prefix string) error
ListIpsets() ([]string, error)
ListIpsetsDetail(format int) (string, error)
IpsetAdd(ipsetHandle uintptr, entry string, timeout int) error
IpsetAddOption(ipsetHandle uintptr, entry, option string, timeout int) error
IpsetDelete(ipsetHandle uintptr, entry string) error
IpsetDestroy(ipsetHandle uintptr, name string) error
IpsetFlush(ipsetHandle uintptr) error
IpsetTest(ipsetHandle uintptr, entry string) (bool, error)
PacketFilterStart(firewallName string, receiveCallback, loggingCallback func(uintptr, uintptr) uintptr) error
PacketFilterClose() error
PacketFilterForward(info *PacketInfo, packetBytes []byte) error
AppendFilter(outbound bool, filterName string, isGotoFilter bool) error
InsertFilter(outbound bool, priority int, filterName string, isGotoFilter bool) error
DestroyFilter(filterName string) error
EmptyFilter(filterName string) error
GetFilterList(outbound bool) ([]string, error)
AppendFilterCriteria(filterName, criteriaName string, ruleSpec *RuleSpec, ipsetRuleSpecs []IpsetRuleSpec) error
DeleteFilterCriteria(filterName, criteriaName string) error
GetCriteriaList(format int) (string, error)
}
WrapDriver represents convenience wrapper methods for calling our Windows Frontman DLL
Source Files
Click to show internal directories.
Click to hide internal directories.