Documentation ¶
Overview ¶
Listener captures TCP traffic using raw sockets. Note: it requires sudo or root access.
Right now it supports only HTTP.
Constants ¶
const (
	TCP_FIN = 1 << iota
	TCP_SYN
	TCP_RST
	TCP_PSH
	TCP_ACK
	TCP_URG
	TCP_ECE
	TCP_CWR
	TCP_NS
)
TCP Flags
const MSG_EXPIRE = 200 * time.Millisecond
Functions ¶
func ReplayServer ¶
Types ¶
type ListenerSettings ¶
var Settings ListenerSettings = ListenerSettings{}
type RAWTCPListener ¶
type RAWTCPListener struct {
// contains filtered or unexported fields
}
Captures traffic from a socket using raw sockets: http://en.wikipedia.org/wiki/Raw_socket
Raw sockets let you listen for traffic on any port (e.g. sniffing) because they operate at the IP level. Ports are a TCP feature, as are flow control, reliable transmission, and so on. Since we can't use the default TCP libraries, RAWTCPListener implements its own TCP layer: TCP packets are parsed using tcp_packet.go, and flow control is managed by tcp_message.go.
func RAWTCPListen ¶
func RAWTCPListen(addr string, port int) (listener *RAWTCPListener)
func (*RAWTCPListener) Receive ¶
func (t *RAWTCPListener) Receive() *TCPMessage
type TCPMessage ¶
type TCPMessage struct {
	Ack uint32 // Message ID
	// contains filtered or unexported fields
}
TCPMessage ensures that all TCP packets for a given request are received and processed in the right sequence. This is needed because any TCP message can be fragmented or re-transmitted.
Each TCP packet has 2 IDs: acknowledgement (message_id) and sequence (packet_id). A message is compiled from the unique packets with the same message_id, sorted by sequence. A message is considered received if we didn't receive any packets for 200ms.
func NewTCPMessage ¶
func NewTCPMessage(Ack uint32, c_del chan *TCPMessage) (msg *TCPMessage)
func (*TCPMessage) AddPacket ¶
func (t *TCPMessage) AddPacket(packet *TCPPacket)
Adds a packet to the message and ensures packet uniqueness. TCP allows a packet to be re-sent multiple times.
func (*TCPMessage) Bytes ¶
func (t *TCPMessage) Bytes() (output []byte)
Sorts packets in the right order and returns the message content.
func (*TCPMessage) Timeout ¶
func (t *TCPMessage) Timeout()
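The grouping, de-duplication and ordering described for TCPMessage, AddPacket and Bytes, as an added example that is not this package's own code. The `segment` and `message` types and their methods are hypothetical names, and the example goes one step beyond the text by keeping the order correct when the 32-bit sequence number wraps around.

```go
package main

import (
	"fmt"
	"sort"
)

// segment is a hypothetical stand-in for a parsed packet, not the package's TCPPacket.
type segment struct {
	Seq, Ack uint32
	Data     []byte
}

// message collects the segments that share one acknowledgement number.
type message struct {
	Ack  uint32
	segs []segment
}

// add rejects segments of another message and retransmissions (same Seq seen before).
func (m *message) add(s segment) bool {
	if s.Ack != m.Ack {
		return false
	}
	for _, have := range m.segs {
		if have.Seq == s.Seq {
			return false
		}
	}
	m.segs = append(m.segs, s)
	return true
}

// bytes sorts by Seq and joins payloads; the signed difference survives Seq wraparound.
func (m *message) bytes() (out []byte) {
	sort.Slice(m.segs, func(i, j int) bool { return int32(m.segs[i].Seq-m.segs[j].Seq) < 0 })
	for _, s := range m.segs {
		out = append(out, s.Data...)
	}
	return out
}

func main() {
	m := &message{Ack: 7} // constructed capture: out of order, retransmit, Seq wrap
	for _, s := range []segment{{0, 7, []byte("HTTP/1.1\r\n")}, {0xFFFFFFFA, 7, []byte("GET / ")},
		{0, 7, []byte("HTTP/1.1\r\n")}, {10, 7, []byte("\r\n")}, {0, 8, []byte("other")}} {
		m.add(s)
	}
	fmt.Printf("%q\n", m.bytes())
}
```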
type TCPPacket ¶
type TCPPacket struct {
	SrcPort    uint16
	DestPort   uint16
	Seq        uint32
	Ack        uint32
	DataOffset uint8
	Flags      uint16
	Window     uint16
	Checksum   uint16
	Urgent     uint16
	Data       []byte
}
Simple TCP packet parser
Packet structure: http://en.wikipedia.org/wiki/Transmission_Control_Protocol
func NewTCPPacket ¶
func (*TCPPacket) Parse ¶
func (t *TCPPacket) Parse()
Inspired by: https://github.com/miekg/pcap/blob/master/packet.go