sniffer

package
v0.0.0-...-b4fcc37 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 22, 2024 License: Apache-2.0, MIT Imports: 12 Imported by: 27

Documentation

Overview

Package sniffer provides the implementation of data-link layer endpoints that wrap another endpoint and logs inbound and outbound packets.

Sniffer endpoints can be used in the networking stack by calling New(eID) to create a new endpoint, where eID is the ID of the endpoint being wrapped, and then passing it as an argument to Stack.CreateNIC().

Index

Constants

View Source 
const (
	// DirectionSend indicates a sent packet.
	DirectionSend = iota
	// DirectionRecv indicates a received packet.
	DirectionRecv
)

Variables

View Source 
var LogPackets atomicbitops.Uint32 = atomicbitops.FromUint32(1)

LogPackets is a flag used to enable or disable packet logging via the log package. Valid values are 0 or 1.

Functions

func LogPacket 

func LogPacket(prefix string, dir Direction, protocol tcpip.NetworkProtocolNumber, pkt *stack.PacketBuffer)

LogPacket logs a packet to stdout.

Types

type Direction 

type Direction int

A Direction indicates whether the packing is being sent or received.

func (Direction) String 

func (dr Direction) String() string

type Endpoint 

type Endpoint struct {
	nested.Endpoint
	// contains filtered or unexported fields
}

Endpoint is used to sniff and log network traffic.

+stateify savable

func New 

func New(lower stack.LinkEndpoint) *Endpoint

New creates a new sniffer link-layer endpoint. It wraps around another endpoint and logs packets and they traverse the endpoint.

func NewWithPrefix 

func NewWithPrefix(lower stack.LinkEndpoint, logPrefix string) *Endpoint

NewWithPrefix creates a new sniffer link-layer endpoint. It wraps around another endpoint and logs packets prefixed with logPrefix as they traverse the endpoint.

logPrefix is prepended to the log line without any separators. E.g. logPrefix = "NIC:en0/" will produce log lines like "NIC:en0/send udp [...]".

func NewWithWriter 

func NewWithWriter(lower stack.LinkEndpoint, writer io.Writer, snapLen uint32) (*Endpoint, error)

NewWithWriter creates a new sniffer link-layer endpoint. It wraps around another endpoint and logs packets as they traverse the endpoint.

Each packet is written to writer in the pcap format in a single Write call without synchronization. A sniffer created with this function will not emit packets using the standard log package.

snapLen is the maximum amount of a packet to be saved. Packets with a length less than or equal to snapLen will be saved in their entirety. Longer packets will be truncated to snapLen.

func (*Endpoint) DeliverNetworkPacket 

func (e *Endpoint) DeliverNetworkPacket(protocol tcpip.NetworkProtocolNumber, pkt *stack.PacketBuffer)

DeliverNetworkPacket implements the stack.NetworkDispatcher interface. It is called by the link-layer endpoint being wrapped when a packet arrives, and logs the packet before forwarding to the actual dispatcher.

func (*Endpoint) DumpPacket 

func (e *Endpoint) DumpPacket(dir Direction, protocol tcpip.NetworkProtocolNumber, pkt *stack.PacketBuffer, ts *time.Time)

DumpPacket logs a packet, depending on configuration, to stderr and/or a pcap file. ts is an optional timestamp for the packet.

func (*Endpoint) WritePackets 

func (e *Endpoint) WritePackets(pkts stack.PacketBufferList) (int, tcpip.Error)

WritePackets implements the stack.LinkEndpoint interface. It is called by higher-level protocols to write packets; it just logs the packet and forwards the request to the lower endpoint.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.