packet

package
v10.121.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 9, 2019 License: Apache-2.0 Imports: 9 Imported by: 9

Documentation

Overview

Package packet support for TCP/IP packet manipulations needed by the Aporeto infrastructure.

Index

Constants

View Source 
const (
	// IPProtocolTCP defines the constant for UDP protocol number
	IPProtocolTCP = 6

	// IPProtocolUDP defines the constant for UDP protocol number
	IPProtocolUDP = 17
)

IP Protocol numbers

View Source 
const (

	// TCPSynMask is a mask for the TCP Syn flags
	TCPSynMask = 0x2

	// TCPSynAckMask  mask idenitifies a TCP SYN-ACK packet
	TCPSynAckMask = 0x12

	// TCPRstMask mask that identifies RST packets
	TCPRstMask = 0x4

	// TCPAckMask mask that identifies ACK packets
	TCPAckMask = 0x10

	// TCPFinMask mask that identifies FIN packets
	TCPFinMask = 0x1

	// TCPPshMask = 0x8 mask that identifies PSH packets
	TCPPshMask = 0x8
)

TCP Header masks

View Source 
const (
	// TCPAuthenticationOption is the option number will be using
	TCPAuthenticationOption = uint8(34)

	// TCPMssOption is the type for MSS option
	TCPMssOption = uint8(2)

	// TCPMssOptionLen is the type for MSS option
	TCPMssOptionLen = uint8(4)
)

TCP Options Related constants

View Source 
const (
	// UDPLengthPos is the location of UDP length
	UDPLengthPos = 24
	// UDPChecksumPos is the location of UDP checksum
	UDPChecksumPos = 26
	// UDPDataPos is the location of UDP data
	UDPDataPos = 28
	// UDPBeginPos is the location of UDP Header
	UDPBeginPos = 20
	// UDPSynMask is a mask for the UDP Syn flags
	UDPSynMask = 0x20
	// UDPSynAckMask  mask idenitifies a UDP SYN-ACK packet
	UDPSynAckMask = 0x40
	// UDPAckMask mask that identifies ACK packets.
	UDPAckMask = 0x60
	// UDPPacketMask identifies type of UDP packet.
	UDPPacketMask = 0x60
)

UDP related constants.

View Source 
const (
	// UDPAuthMarker is 18 byte Aporeto signature for UDP
	UDPAuthMarker = "n30njxq7bmiwr6dtxq"
	// UDPAuthMarkerLen is the length of UDP marker.
	UDPAuthMarkerLen = 18
	// UDPSignatureLen is the length of signature on UDP control packet.
	UDPSignatureLen = 20
	// UDPAuthMarkerOffset is the beginning of UDPAuthMarker
	UDPAuthMarkerOffset = 30
	// UDPSignatureEnd is the end of UDPSignature.
	UDPSignatureEnd = UDPDataPos + UDPSignatureLen
	// UDPJwtTokenOffset is beginning of Jwt Token.
	UDPJwtTokenOffset = 48
)
View Source 
const (
	// PacketTypeNetwork is enum for from-network packets
	PacketTypeNetwork = 0x1000
	// PacketTypeApplication is enum for from-application packets
	PacketTypeApplication = 0x2000

	// PacketStageIncoming is an enum for incoming stage
	PacketStageIncoming = 0x0100
	// PacketStageAuth is an enum for authentication stage
	PacketStageAuth = 0x0200
	// PacketStageService is an enum for crypto stage
	PacketStageService = 0x0400
	// PacketStageOutgoing is an enum for outgoing stage
	PacketStageOutgoing = 0x0800

	// PacketFailureCreate is the drop reason for packet
	PacketFailureCreate = 0x0010
	// PacketFailureAuth is a drop reason for packet due to authentication error
	PacketFailureAuth = 0x0020
	// PacketFailureService is a drop reason for packet due to crypto error
	PacketFailureService = 0x00040
)
View Source 
const (

	// ipIDPos is location of IP Identifier
	IPIDPos = 4
)

IP Header field position constants

View Source 
const (

	// TCPChecksumPos is the location of TCP checksum
	TCPChecksumPos = 36
)

TCP Header field position constants

Variables

View Source 
var (
	// PacketLogLevel determines if packet logging is turned on
	PacketLogLevel bool
)

Functions

func TCPFlagsToStr 

func TCPFlagsToStr(flags uint8) string

TCPFlagsToStr converts the TCP Flags to a string value that is human readable

Types

type Packet 

type Packet struct {

	// Mark is the nfqueue Mark
	Mark string

	// Buffers : input/output buffer
	Buffer []byte

	IPProto       uint8
	IPTotalLength uint16

	SourceAddress      net.IP
	DestinationAddress net.IP

	// L4 Header Fields
	SourcePort      uint16
	DestinationPort uint16

	// TCP Specific fields
	TCPSeq uint32
	TCPAck uint32

	TCPFlags    uint8
	TCPChecksum uint16

	// UDP Specific fields.
	UDPChecksum uint16

	// Service Metadata
	SvcMetadata interface{}
	// Connection Metadata
	ConnectionMetadata interface{}
	// contains filtered or unexported fields
}

Packet is the main structure holding packet information

func New 

func New(context uint64, bytes []byte, mark string, lengthValidate bool) (packet *Packet, err error)

New returns a pointer to Packet structure built from the provided bytes buffer which is expected to contain valid TCP/IP packet bytes.

func (*Packet) CheckTCPAuthenticationOption 

func (p *Packet) CheckTCPAuthenticationOption(iOptionLength int) (err error)

CheckTCPAuthenticationOption ensures authentication option exists at the offset provided

func (*Packet) ConvertAcktoFinAck 

func (p *Packet) ConvertAcktoFinAck() error

ConvertAcktoFinAck function removes the data from the packet It is called only if the packet is Ack or Psh/Ack converts psh/ack to fin/ack packet.

func (*Packet) CreateReverseFlowPacket 

func (p *Packet) CreateReverseFlowPacket(destIP net.IP, destPort uint16)

CreateReverseFlowPacket modifies the packet for reverse flow.

func (*Packet) DecreaseTCPAck 

func (p *Packet) DecreaseTCPAck(decr uint32)

DecreaseTCPAck decreases TCP ack number by decr

func (*Packet) DecreaseTCPSeq 

func (p *Packet) DecreaseTCPSeq(decr uint32)

DecreaseTCPSeq decreases TCP seq number by decr

func (*Packet) DropDetachedBytes 

func (p *Packet) DropDetachedBytes()

DropDetachedBytes removes any bytes that have been detached and stored locally

func (*Packet) DropDetachedDataBytes 

func (p *Packet) DropDetachedDataBytes()

DropDetachedDataBytes removes any bytes that have been detached and stored locally

func (*Packet) FixupIPHdrOnDataModify 

func (p *Packet) FixupIPHdrOnDataModify(old, new uint16)

FixupIPHdrOnDataModify modifies the IP header fields and checksum

func (*Packet) FixupTCPHdrOnTCPDataAttach 

func (p *Packet) FixupTCPHdrOnTCPDataAttach(tcpOptions []byte, tcpData []byte)

FixupTCPHdrOnTCPDataAttach modifies the TCP header fields and checksum

func (*Packet) FixupTCPHdrOnTCPDataDetach 

func (p *Packet) FixupTCPHdrOnTCPDataDetach(dataLength uint16, optionLength uint16)

FixupTCPHdrOnTCPDataDetach modifies the TCP header fields and checksum

func (*Packet) GetBytes 

func (p *Packet) GetBytes() []byte

GetBytes returns the bytes in the packet. It consolidates in case of changes as well

func (*Packet) GetIPLength 

func (p *Packet) GetIPLength() uint16

GetIPLength returns the IP length

func (*Packet) GetTCPData 

func (p *Packet) GetTCPData() []byte

GetTCPData returns any additional data in the packet

func (*Packet) GetTCPOptions 

func (p *Packet) GetTCPOptions() []byte

GetTCPOptions returns any additional options in the packet

func (*Packet) GetUDPData 

func (p *Packet) GetUDPData() []byte

GetUDPData return additional data in packet

func (*Packet) GetUDPDataStartBytes 

func (p *Packet) GetUDPDataStartBytes() uint16

GetUDPDataStartBytes return start of UDP data

func (*Packet) GetUDPType 

func (p *Packet) GetUDPType() byte

GetUDPType returns udp type of packet.

func (*Packet) ID 

func (p *Packet) ID() string

ID returns the IP ID of the packet

func (*Packet) IncreaseTCPAck 

func (p *Packet) IncreaseTCPAck(incr uint32)

IncreaseTCPAck increases TCP ack number by incr

func (*Packet) IncreaseTCPSeq 

func (p *Packet) IncreaseTCPSeq(incr uint32)

IncreaseTCPSeq increases TCP seq number by incr

func (*Packet) IsEmptyTCPPayload 

func (p *Packet) IsEmptyTCPPayload() bool

IsEmptyTCPPayload returns the TCP data offset

func (*Packet) L4FlowHash 

func (p *Packet) L4FlowHash() string

L4FlowHash calculate a hash string based on the 4-tuple

func (*Packet) L4ReverseFlowHash 

func (p *Packet) L4ReverseFlowHash() string

L4ReverseFlowHash calculate a hash string based on the 4-tuple by reversing source and destination information

func (*Packet) Print 

func (p *Packet) Print(context uint64)

Print is a print helper function

func (*Packet) ReadTCPData 

func (p *Packet) ReadTCPData() []byte

ReadTCPData returns ths payload in a string variable It does not remove the payload from the packet

func (*Packet) ReadTCPDataString 

func (p *Packet) ReadTCPDataString() string

ReadTCPDataString returns ths payload in a string variable It does not remove the payload from the packet

func (*Packet) ReadUDPToken 

func (p *Packet) ReadUDPToken() []byte

ReadUDPToken returnthe UDP token. Gets called only during the handshake process.

func (*Packet) SetTCPData 

func (p *Packet) SetTCPData(b []byte)

SetTCPData returns any additional data in the packet

func (*Packet) SetUDPData 

func (p *Packet) SetUDPData(b []byte)

SetUDPData sets additional data in the packet

func (*Packet) SourcePortHash 

func (p *Packet) SourcePortHash(stage uint64) string

SourcePortHash calculates a hash based on dest ip/port for net packet and src ip/port for app packet.

func (*Packet) String 

func (p *Packet) String() string

String returns a string representation of fields contained in this packet.

func (*Packet) TCPDataAttach 

func (p *Packet) TCPDataAttach(tcpOptions []byte, tcpData []byte) (err error)

TCPDataAttach modifies the TCP and IP header fields and checksum

func (*Packet) TCPDataDetach 

func (p *Packet) TCPDataDetach(optionLength uint16) (err error)

TCPDataDetach performs the following:

  • Removes all TCP data from Buffer to TCPData.
  • Removes "optionLength" bytes of options from TCP header to tcpOptions
  • Updates IP Hdr (lengths, checksums)
  • Updates TCP header (checksums)

func (*Packet) TCPDataLength 

func (p *Packet) TCPDataLength() int

TCPDataLength -- returns the length of tcp options

func (*Packet) TCPDataStartBytes 

func (p *Packet) TCPDataStartBytes() uint16

TCPDataStartBytes provides the tcp data start offset in bytes

func (*Packet) TCPOptionLength 

func (p *Packet) TCPOptionLength() int

TCPOptionLength returns the length of tcpoptions

func (*Packet) UDPDataAttach 

func (p *Packet) UDPDataAttach(udpdata []byte)

UDPDataAttach Attaches UDP data post encryption.

func (*Packet) UDPDataDetach 

func (p *Packet) UDPDataDetach()

UDPDataDetach detaches UDP payload from the Buffer. Called only during Encrypt/Decrypt.

func (*Packet) UDPTokenAttach 

func (p *Packet) UDPTokenAttach(udpdata []byte, udptoken []byte)

UDPTokenAttach attached udp packet signature and tokens.

func (*Packet) UpdateIPChecksum 

func (p *Packet) UpdateIPChecksum()

UpdateIPChecksum computes the IP header checksum and updates the packet with the value.

func (*Packet) UpdateTCPChecksum 

func (p *Packet) UpdateTCPChecksum()

UpdateTCPChecksum computes the TCP header checksum and updates the packet with the value.

func (*Packet) UpdateUDPChecksum 

func (p *Packet) UpdateUDPChecksum()

UpdateUDPChecksum updates the UDP checksum field of packet

func (*Packet) VerifyIPChecksum 

func (p *Packet) VerifyIPChecksum() bool

VerifyIPChecksum returns true if the IP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.

func (*Packet) VerifyTCPChecksum 

func (p *Packet) VerifyTCPChecksum() bool

VerifyTCPChecksum returns true if the TCP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.