packet

package
v10.299.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 23, 2021 License: Apache-2.0 Imports: 9 Imported by: 9

Documentation

Overview

Package packet support for TCP/IP packet manipulations needed by the Aporeto infrastructure.

Index

Constants

View Source 
const (
	// IPProtocolTCP defines the constant for TCP protocol number
	IPProtocolTCP = 6

	// IPProtocolUDP defines the constant for UDP protocol number
	IPProtocolUDP = 17

	// IPProtocolICMP defines the constants for ICMP protocol number
	IPProtocolICMP = 1
)

IP Protocol numbers

View Source 
const (

	// TCPSynMask is a mask for the TCP Syn flags
	TCPSynMask = 0x2

	// TCPSynAckMask  mask idenitifies a TCP SYN-ACK packet
	TCPSynAckMask = 0x12

	// TCPRstMask mask that identifies RST packets
	TCPRstMask = 0x4

	// TCPAckMask mask that identifies ACK packets
	TCPAckMask = 0x10

	// TCPFinMask mask that identifies FIN packets
	TCPFinMask = 0x1

	// TCPPshMask = 0x8 mask that identifies PSH packets
	TCPPshMask = 0x8
)

TCP Header masks

View Source 
const (
	// TCPAuthenticationOption is the option number will be using
	TCPAuthenticationOption = uint8(34)

	// TCPMssOption is the type for MSS option
	TCPMssOption = uint8(2)

	// TCPMssOptionLen is the type for MSS option
	TCPMssOptionLen = uint8(4)
)

TCP Options Related constants

View Source 
const (

	// UDPDataPos is the location of UDP data
	UDPDataPos = 8
	// UDPSynMask is a mask for the UDP Syn flags
	UDPSynMask = 0x10
	// UDPSynAckMask  mask idenitifies a UDP SYN-ACK packet
	UDPSynAckMask = 0x20
	// UDPAckMask mask that identifies ACK packets.
	UDPAckMask = 0x30
	// UDPFinAckMask mask that identifies the FinAck packets
	UDPFinAckMask = 0x40
	// UDPPolicyRejectMask mask that identifies a policy reject info from the remote end
	UDPPolicyRejectMask = 0x50
	// UDPDataPacket is a simple data packet
	UDPDataPacket = 0x80
	// UDPPacketMask identifies type of UDP packet.
	UDPPacketMask = 0xF0
)

UDP related constants.

View Source 
const (
	// UDPAuthMarker is 18 byte Aporeto signature for UDP
	UDPAuthMarker = "n30njxq7bmiwr6dtxq"
	// UDPAuthMarkerLen is the length of UDP marker.
	UDPAuthMarkerLen = 18
	// UDPSignatureLen is the length of signature on UDP control packet.
	UDPSignatureLen = 20
)
View Source 
const (
	// UDPAporetoOption is the option kind for Aporeto option
	UDPAporetoOption = uint8(34)
	// UDPAporetoOptionLengthFirstByte is the first if length is greater than 255
	UDPAporetoOptionLengthFirstByte = uint8(0xff)
	// UDPAporetoOptionShortLength is the length of the option header if payload length is less than UDPAporetoOptionLengthFirstByte
	UDPAporetoOptionShortLength = 2
	// UDPAporetoOptionLongLength is the length of the option header if payload length is greater than UDPAporetoOptionLengthFirstByte
	UDPAporetoOptionLongLength = 6
)
View Source 
const (
	// PacketTypeNetwork is enum for from-network packets
	PacketTypeNetwork = 0x1000
	// PacketTypeApplication is enum for from-application packets
	PacketTypeApplication = 0x2000

	// PacketStageIncoming is an enum for incoming stage
	PacketStageIncoming = 0x0100
	// PacketStageAuth is an enum for authentication stage
	PacketStageAuth = 0x0200
	// PacketStageService is an enum for crypto stage
	PacketStageService = 0x0400
	// PacketStageOutgoing is an enum for outgoing stage
	PacketStageOutgoing = 0x0800

	// PacketFailureCreate is the drop reason for packet
	PacketFailureCreate = 0x0010
	// PacketFailureAuth is a drop reason for packet due to authentication error
	PacketFailureAuth = 0x0020
	// PacketFailureService is a drop reason for packet due to crypto error
	PacketFailureService = 0x00040
)

Variables

This section is empty.

Functions

func CreateUDPAuthMarker 

func CreateUDPAuthMarker(packetType uint8, payloadLength uint16) []byte

CreateUDPAuthMarker creates a UDP auth marker.

func GetUDPTypeFromBuffer 

func GetUDPTypeFromBuffer(buffer []byte) byte

GetUDPTypeFromBuffer gets the UDP packet from a raw buffer.,

func TCPFlagsToStr 

func TCPFlagsToStr(flags uint8) string

TCPFlagsToStr converts the TCP Flags to a string value that is human readable

Types

type IPver 

type IPver int

IPver is the type defined for ip version 

const (
	// V4 is the flag for ipv4
	V4 IPver = iota
	// V6 is the flag for ipv6
	V6
)

type Packet 

type Packet struct {

	// Mark is the nfqueue Mark
	Mark        string
	SetConnmark bool

	// Service Metadata
	SvcMetadata interface{}
	// Connection Metadata
	ConnectionMetadata interface{}
	// Platform Metadata (needed for Windows)
	PlatformMetadata PlatformMetadata
	// contains filtered or unexported fields
}

Packet structure

func New 

func New(context uint64, bytes []byte, mark string, lengthValidate bool) (packet *Packet, err error)

New returns a pointer to Packet structure built from the provided bytes buffer which is expected to contain valid TCP/IP packet bytes. WARNING: This package takes control of the bytes buffer passed. The caller has to be aware calling any function that returns a slice will NOT be a copy rather a sub-slice of the bytes buffer passed. It is the responsibility of the caller to copy the slice If and when necessary.

func NewIpv4TCPPacket 

func NewIpv4TCPPacket(context uint64, tcpFlags uint8, src, dst string, srcPort, desPort uint16) (*Packet, error)

NewIpv4TCPPacket creates an Ipv4/TCP packet

func NewIpv6TCPPacket 

func NewIpv6TCPPacket(context uint64, tcpFlags uint8, src, dst string, srcPort, desPort uint16) (*Packet, error)

NewIpv6TCPPacket creates an Ipv6/TCP packet

func TestGetTCPPacket 

func TestGetTCPPacket(srcIP, dstIP net.IP, srcPort, dstPort uint16) *Packet

TestGetTCPPacket is used by other test code when they need to create a packet

func (*Packet) CheckTCPAuthenticationOption 

func (p *Packet) CheckTCPAuthenticationOption(iOptionLength int) (err error)

CheckTCPAuthenticationOption ensures authentication option exists at the offset provided

func (*Packet) ConvertAcktoFinAck 

func (p *Packet) ConvertAcktoFinAck() error

ConvertAcktoFinAck function removes the data from the packet It is called only if the packet is Ack or Psh/Ack converts psh/ack to fin/ack packet.

func (*Packet) ConvertToRst 

func (p *Packet) ConvertToRst()

ConvertToRst function converts the packet to a RST packet

func (*Packet) CreateReverseFlowPacket 

func (p *Packet) CreateReverseFlowPacket()

CreateReverseFlowPacket modifies the packet for reverse flow.

func (*Packet) DecreaseTCPAck 

func (p *Packet) DecreaseTCPAck(decr uint32)

DecreaseTCPAck decreases TCP ack number by decr

func (*Packet) DecreaseTCPSeq 

func (p *Packet) DecreaseTCPSeq(decr uint32)

DecreaseTCPSeq decreases TCP seq number by decr

func (*Packet) DestPort 

func (p *Packet) DestPort() uint16

DestPort -- returns the appropriate destination port

func (*Packet) DestinationAddress 

func (p *Packet) DestinationAddress() net.IP

DestinationAddress returns the destination address

func (*Packet) FixupIPHdrOnDataModify 

func (p *Packet) FixupIPHdrOnDataModify(old, new uint16)

FixupIPHdrOnDataModify modifies the IP header fields and checksum

func (*Packet) FixuptcpHdrOnTCPDataAttach 

func (p *Packet) FixuptcpHdrOnTCPDataAttach(tcpOptionsLen uint16)

FixuptcpHdrOnTCPDataAttach modifies the TCP header fields and checksum

func (*Packet) FixuptcpHdrOnTCPDataDetach 

func (p *Packet) FixuptcpHdrOnTCPDataDetach(optionLength uint16)

FixuptcpHdrOnTCPDataDetach modifies the TCP header fields and checksum

func (*Packet) GetBuffer 

func (p *Packet) GetBuffer(offset int) []byte

GetBuffer returns the slice representing the buffer at offset specified

func (*Packet) GetICMPTypeCode 

func (p *Packet) GetICMPTypeCode() (int8, int8)

GetICMPTypeCode returns the icmp type and icmp code

func (*Packet) GetIPLength 

func (p *Packet) GetIPLength() uint16

GetIPLength returns the IP length

func (*Packet) GetTCPBytes 

func (p *Packet) GetTCPBytes() []byte

GetTCPBytes returns the bytes in the packet. It consolidates in case of changes as well

func (*Packet) GetTCPFlags 

func (p *Packet) GetTCPFlags() uint8

GetTCPFlags returns the tcp flags from the packet

func (*Packet) GetUDPData 

func (p *Packet) GetUDPData() []byte

GetUDPData return additional data in packet

func (*Packet) GetUDPDataStartBytes 

func (p *Packet) GetUDPDataStartBytes() uint16

GetUDPDataStartBytes return start of UDP data

func (*Packet) GetUDPType 

func (p *Packet) GetUDPType() byte

GetUDPType returns udp type of packet.

func (*Packet) ID 

func (p *Packet) ID() string

ID returns the IP ID of the packet

func (*Packet) IPHeaderLen 

func (p *Packet) IPHeaderLen() uint8

IPHeaderLen returns the ip header length

func (*Packet) IPProto 

func (p *Packet) IPProto() uint8

IPProto returns the L4 protocol

func (*Packet) IPTotalLen 

func (p *Packet) IPTotalLen() uint16

IPTotalLen returns the total length of the packet

func (*Packet) IPversion 

func (p *Packet) IPversion() IPver

IPversion returns the version of ip packet

func (*Packet) IncreaseTCPAck 

func (p *Packet) IncreaseTCPAck(incr uint32)

IncreaseTCPAck increases TCP ack number by incr

func (*Packet) IncreaseTCPSeq 

func (p *Packet) IncreaseTCPSeq(incr uint32)

IncreaseTCPSeq increases TCP seq number by incr

func (*Packet) IsEmptyTCPPayload 

func (p *Packet) IsEmptyTCPPayload() bool

IsEmptyTCPPayload returns the TCP data offset

func (*Packet) L4FlowHash 

func (p *Packet) L4FlowHash() string

L4FlowHash calculate a hash string based on the 4-tuple. It returns the cached value and does not re-calculate it. This leads to performance gains.

func (*Packet) L4ReverseFlowHash 

func (p *Packet) L4ReverseFlowHash() string

L4ReverseFlowHash calculate a hash string based on the 4-tuple by reversing source and destination information

func (*Packet) NewPacket 

func (p *Packet) NewPacket(context uint64, bytes []byte, mark string, lengthValidate bool) (err error)

NewPacket is a method called on Packet which decodes the packet into the struct

func (*Packet) PacketToStringTCP 

func (p *Packet) PacketToStringTCP() string

PacketToStringTCP returns a string representation of fields contained in this packet.

func (*Packet) Print 

func (p *Packet) Print(context uint64, packetLogLevel bool)

Print is a print helper function

func (*Packet) ReadTCPData 

func (p *Packet) ReadTCPData() []byte

ReadTCPData returns ths payload in a string variable It does not remove the payload from the packet

func (*Packet) ReadTCPDataString 

func (p *Packet) ReadTCPDataString() string

ReadTCPDataString returns ths payload in a string variable It does not remove the payload from the packet

func (*Packet) ReadUDPToken 

func (p *Packet) ReadUDPToken() []byte

ReadUDPToken Parsing using format specified in https://tools.ietf.org/html/draft-ietf-tsvwg-udp-options-08 ReadUDPToken return the UDP token. Gets called only during the handshake process.

func (*Packet) SetTCPAck 

func (p *Packet) SetTCPAck(ack uint32)

SetTCPAck sets the TCP ack number

func (*Packet) SetTCPFlags 

func (p *Packet) SetTCPFlags(flags uint8)

SetTCPFlags allows to set the tcp flags on the packet

func (*Packet) SetTCPSeq 

func (p *Packet) SetTCPSeq(seq uint32)

SetTCPSeq sets the TCP seq number

func (*Packet) SourceAddress 

func (p *Packet) SourceAddress() net.IP

SourceAddress returns the source IP

func (*Packet) SourcePort 

func (p *Packet) SourcePort() uint16

SourcePort -- returns the appropriate source port

func (*Packet) SourcePortHash 

func (p *Packet) SourcePortHash(stage uint64) string

SourcePortHash calculates a hash based on dest ip/port for net packet and src ip/port for app packet.

func (*Packet) TCPAckNum 

func (p *Packet) TCPAckNum() uint32

TCPAckNum returns tcp ack number

func (*Packet) TCPDataDetach 

func (p *Packet) TCPDataDetach(optionLength uint16)

TCPDataDetach performs the following:

  • Removes all TCP data from Buffer to TCPData.
  • Removes "optionLength" bytes of options from TCP header to tcpOptions
  • Updates IP Hdr (lengths, checksums)
  • Updates TCP header (checksums)

func (*Packet) TCPDataStartBytes 

func (p *Packet) TCPDataStartBytes() uint16

TCPDataStartBytes provides the tcp data start offset in bytes

func (*Packet) TCPSeqNum 

func (p *Packet) TCPSeqNum() uint32

TCPSeqNum returns tcp sequence number

func (*Packet) TCPSequenceNumber 

func (p *Packet) TCPSequenceNumber() uint32

TCPSequenceNumber return the initial sequence number

func (*Packet) UDPDataAttach 

func (p *Packet) UDPDataAttach(header, udpdata []byte)

UDPDataAttach Attaches UDP data post encryption.

func (*Packet) UDPDataDetach 

func (p *Packet) UDPDataDetach()

UDPDataDetach detaches UDP payload from the Buffer. Called only during Encrypt/Decrypt.

func (*Packet) UDPTokenAttach 

func (p *Packet) UDPTokenAttach(udpdata []byte, udptoken []byte)

UDPTokenAttach attached udp packet signature and tokens.

func (*Packet) UpdateIPv4Checksum 

func (p *Packet) UpdateIPv4Checksum()

UpdateIPv4Checksum computes the IP header checksum and updates the packet with the value.

func (*Packet) UpdatePacketBuffer 

func (p *Packet) UpdatePacketBuffer(buffer []byte, tcpOptionsLen uint16) error

UpdatePacketBuffer updates the packet with the new updates buffer.

func (*Packet) UpdateTCPChecksum 

func (p *Packet) UpdateTCPChecksum()

UpdateTCPChecksum computes the TCP header checksum and updates the packet with the value.

func (*Packet) VerifyIPv4Checksum 

func (p *Packet) VerifyIPv4Checksum() bool

VerifyIPv4Checksum returns true if the IP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.

func (*Packet) VerifyTCPChecksum 

func (p *Packet) VerifyTCPChecksum() bool

VerifyTCPChecksum returns true if the TCP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.

type PlatformMetadata 

type PlatformMetadata interface {
	Clone() PlatformMetadata
}

PlatformMetadata structure

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.