Overview ¶
Copyright © 2021 Stamus Networks oss@stamus-networks.com
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
Copyright © 2021 Stamus Networks oss@stamus-networks.com
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
Copyright © 2021 Stamus Networks oss@stamus-networks.com
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
Index ¶
Constants ¶
// FlowTimeout is a fixed duration of 600 seconds (ten minutes).
// NOTE(review): the name suggests it bounds how long a flow is tracked during
// extraction; its use is not visible here, so confirm before relying on it.
const FlowTimeout time.Duration = 600 * time.Second
Variables ¶
This section is empty.
Functions ¶
func ExtractPcapFile ¶
func ExtractPcapFile(config ExtractPcapConfig) error
ExtractPcapFile extracts a pcap file for a given flow.
Types ¶
type ErrOutOfFiles ¶
// ErrOutOfFiles is an error type that carries no fields; its Error method
// lets a value of this type be returned as an error.
// NOTE(review): presumably returned by PcapFileList.GetNext when no further
// capture file is available. Confirm this, and match it by type (errors.As)
// rather than by comparing message text.
type ErrOutOfFiles struct {
}
func (ErrOutOfFiles) Error ¶
func (e ErrOutOfFiles) Error() string
type Event ¶
// Event holds the fields this package reads from a JSON-decoded event:
// the flow endpoints, the protocol names, tunnel information and the name of
// the capture file. Every value originates from the decoded input, so treat
// it as untrusted until it has been validated.
type Event struct {
// Timestamp has no json tag, so encoding/json matches the key by field name
// (case-insensitively). It is kept as a string; no parsing is visible here.
Timestamp string
// CaptureFile is decoded from the "capture_file" key.
// NOTE(review): if this value is joined with a directory to open a pcap,
// confirm the caller reduces it to a base name (or rejects path separators
// and "..") so an event cannot reference a file outside the capture directory.
CaptureFile string `json:"capture_file"`
// SrcIP and DestIP are decoded through the IPAddr type's UnmarshalJSON.
SrcIP IPAddr `json:"src_ip"`
DestIP IPAddr `json:"dest_ip"`
// SrcPort and DestPort are 16-bit port numbers.
SrcPort uint16 `json:"src_port"`
DestPort uint16 `json:"dest_port"`
// AppProto and Proto are protocol names as given by the event.
AppProto string `json:"app_proto"`
Proto string `json:"proto"`
// Tunnel is decoded from the "tunnel" key; the Tunnel type is not shown here.
Tunnel Tunnel `json:"tunnel"`
}
type ExtractPcapConfig ¶
type FlowPair ¶
// FlowPair holds the IP and Transport layer flows for an event.
// NOTE(review): both fields are pointers; confirm how callers handle a nil
// value (for example when an event carries no tunnel information).
type FlowPair struct {
// IP is the Flow containing data
IP *gopacket.Flow
// Transport is the Flow of the tunnel
Transport *gopacket.Flow
}
FlowPair holds IP and Transport layers for an event
type IPAddr ¶
IPAddr decodes IP address values directly into IP objects during JSON decoding. net.IP is a wrapper around a byte array, not an integer, so it also handles IPv6 addresses.
func (*IPAddr) UnmarshalJSON ¶
UnmarshalJSON implements json.Unmarshaler
type PcapFileList ¶
// PcapFileList describes a set of capture files and a position within it.
// Values are built by NewPcapFileList from a directory name, an Event and a
// file format string, and GetNext returns a file name or an error.
type PcapFileList struct {
// NOTE(review): presumably the candidate capture file names; confirm
// whether entries are bare names or full paths.
Files []string
// NOTE(review): presumably the directory passed to NewPcapFileList and the
// capture file name taken from the event. If FileName is event-supplied,
// confirm it is validated before being combined with DirName.
DirName string
FileName string
// NOTE(review): presumably the cursor that GetNext advances; confirm.
Index int
// FileParsing is a compiled regular expression.
// NOTE(review): it looks like it is derived from the fileFormat argument,
// with ThreadIndex and TimestampIndex locating its thread and timestamp
// parts; confirm against NewPcapFileList.
FileParsing *regexp.Regexp
ThreadIndex int
TimestampIndex int
}
func NewPcapFileList ¶
func NewPcapFileList(dname string, event Event, fileFormat string) *PcapFileList
func (*PcapFileList) GetNext ¶
func (pl *PcapFileList) GetNext() (string, error)