Documentation ¶
Index ¶
- Constants
- Variables
- func AcceptConnections(listener net.Listener, acceptChan chan<- net.Conn)
- func ApplyBpfFilter(filter []bpf.Instruction, fd int) (err error)
- func Close(conn io.Closer, reset bool) error
- func ConvertIP4(ip uint32) net.IP
- func ConvertIP6(ip [4]uint32) net.IP
- func GetBpfFilterPort(port int) []bpf.Instruction
- func GetIPAddress[T uint32 | [4]uint32](ip T, mapper func(T) net.IP) net.IP
- func GetPeerName(peerAddr string) string
- func Htons(v uint16) int
- func IPDefragger(ipInput chan gopacket.Packet, udpOutput chan gopacket.Packet, ...)
- func IsClosedConnectionError(err error) bool
- func IsValidTLS(mode string) bool
- func LoadBpfObjects(obj interface{}, opts *ebpf.CollectionOptions) error
- func ParseCIDRMask(mask string) (net.IPMask, error)
- func RemoveBpfFilter(fd int) (err error)
- func SetSockRCVBUF(conn net.Conn, desired int, isTLS bool) (int, int, error)
- func StartToListen(listenIP string, listenPort int, sockPath string, tlsSupport bool, ...) (net.Listener, error)
- func TCPAssembler(tcpInput chan gopacket.Packet, dnsOutput chan DNSPacket, portFilter int)
- func TLSClientConfig(options TLSOptions) (*tls.Config, error)
- func UDPProcessor(udpInput chan gopacket.Packet, dnsOutput chan DNSPacket, portFilter int)
- type BpfObjects
- type BpfPktEvent
- type DNSPacket
- type DNSStreamFactory
- type IPDefragmenter
- type NetDecoder
- type TLSOptions
Constants ¶
const ( ProtoInet = "INET" ProtoInet6 = "INET6" ProtoIPv6 = "IPv6" ProtoIPv4 = "IPv4" ProtoUDP = "UDP" ProtoTCP = "TCP" SocketTCP = "tcp" SocketUDP = "udp" SocketUnix = "unix" SocketTLS = "tcp+tls" )
const ( TLSV10 = "1.0" TLSV11 = "1.1" TLSV12 = "1.2" TLSV13 = "1.3" )
const ( IPv6MinimumFragmentSize = 1280 IPv6MaximumSize = 65535 IPv6MaximumFragmentOffset = 8189 IPv6MaximumFragmentListLen = 52 IPv4MinimumFragmentSize = 8 // Minimum size of a single fragment IPv4MaximumSize = 65535 // Maximum size of a fragment (2^16) IPv4MaximumFragmentOffset = 8183 // Maximum offset of a fragment IPv4MaximumFragmentListLen = 8192 // Back out if we get more than this many fragments )
const ( IPv4ProtocolTCP = layers.IPProtocolTCP IPv4ProtocolUDP = layers.IPProtocolUDP IPv6ProtocolTCP = layers.IPProtocolTCP IPv6ProtocolUDP = layers.IPProtocolUDP IPv6ProtocolFragment = layers.IPProtocolIPv6Fragment )
Variables ¶
var ( IPVersion = map[string]string{ ProtoInet: ProtoIPv4, ProtoInet6: ProtoIPv6, } IPToInet = map[string]string{ ProtoIPv4: ProtoInet, ProtoIPv6: ProtoInet6, } )
var ( TLSVersion = map[string]uint16{ TLSV10: tls.VersionTLS10, TLSV11: tls.VersionTLS11, TLSV12: tls.VersionTLS12, TLSV13: tls.VersionTLS13, } )
Functions ¶
func ApplyBpfFilter ¶
func ApplyBpfFilter(filter []bpf.Instruction, fd int) (err error)
func Close ¶
thanks to https://stackoverflow.com/questions/28967701/golang-tcp-socket-cant-close-after-get-file, call conn.CloseRead() before calling conn.Close()
func ConvertIP4 ¶
func ConvertIP6 ¶
func GetBpfFilterPort ¶
func GetBpfFilterPort(port int) []bpf.Instruction
func GetPeerName ¶
GetPeerName returns the hostname associated with the given peer address. If the peer address cannot be split into IP and port or if the hostname lookup fails, it returns the peer address or IP itself.
func IPDefragger ¶
func IsClosedConnectionError ¶
func IsValidTLS ¶ added in v0.2.0
func LoadBpfObjects ¶ added in v0.0.2
func LoadBpfObjects(obj interface{}, opts *ebpf.CollectionOptions) error
loadBpfObjects loads bpf and converts it into a struct.
The following types are suitable as obj argument:
*bpfObjects *bpfPrograms *bpfMaps
See ebpf.CollectionSpec.LoadAndAssign documentation for details.
func RemoveBpfFilter ¶
func SetSockRCVBUF ¶
Configure SO_RCVBUF, thanks to https://github.com/dmachard/go-dns-collector/issues/61#issuecomment-1201199895
func StartToListen ¶
func TCPAssembler ¶
func TLSClientConfig ¶ added in v0.2.0
func TLSClientConfig(options TLSOptions) (*tls.Config, error)
Types ¶
type BpfObjects ¶ added in v0.0.2
type BpfObjects struct {
// contains filtered or unexported fields
}
bpfObjects contains all objects after they have been loaded into the kernel.
It can be passed to loadBpfObjects or ebpf.CollectionSpec.LoadAndAssign.
func (*BpfObjects) Close ¶ added in v0.0.2
func (o *BpfObjects) Close() error
type BpfPktEvent ¶ added in v0.0.2
type DNSPacket ¶
type DNSPacket struct { // DNS payload Payload []byte // IP layer IPLayer gopacket.Flow // Transport layer TransportLayer gopacket.Flow // Timestamp Timestamp time.Time // IP Defragmented IPDefragmented bool // TCP reassembly TCPReassembled bool }
DefragPacket is a struct that holds DNS data
type DNSStreamFactory ¶
type DNSStreamFactory struct { // Channel to send reassembled DNS data Reassembled chan DNSPacket IPDefragmented bool }
func (*DNSStreamFactory) New ¶
func (s *DNSStreamFactory) New(net, transport gopacket.Flow) tcpassembly.Stream
type IPDefragmenter ¶
func NewIPDefragmenter ¶
func NewIPDefragmenter() *IPDefragmenter
func (*IPDefragmenter) DiscardOlderThan ¶
func (d *IPDefragmenter) DiscardOlderThan(t time.Time) int
type NetDecoder ¶
type NetDecoder struct{}
func (*NetDecoder) Decode ¶
func (d *NetDecoder) Decode(data []byte, p gopacket.PacketBuilder) error