netutils

package module
v1.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 2, 2025 License: MIT Imports: 23 Imported by: 3

README

Go version

go-netutils

Network utilities in Golang

Build eBPF bytecode

Install prerequisites

sudo apt install llvm clang
sudo apt-get install gcc-multilib

Update libpbf library and generate vmlinux.h

cd ebpf/headers
./update.sh

Compiles a C source file into eBPF bytecode

cd xdp/
go generate .

Running tests

$ apt install -y libpcap-dev

$ go test -cover -v

Examples

String CIDR parser
import (
	"github.com/dmachard/go-netutils"
)

v4Mask, err = netutils.ParseCIDRMask("10.0.0.0/8")
if err != nil {
   fmt.Println(err)
}
// v4Mask == net.CIDRMask(8, 32)
Generate BPF filter
import (
	"github.com/dmachard/go-netutils"
)


fd, err := syscall.Socket(syscall.AF_PACKET, syscall.SOCK_RAW, netutils.Htons(syscall.ETH_P_ALL))
if err != nil {
   fmt.Println(err)
}

filter, err := netutils.GetBpfFilterPort(53)
if err != nil {
   fmt.Println(err)
}
err = netutils.ApplyBpfFilter(filter, fd)
if err != nil {
   fmt.Println(err)
}
TLS client config
import (
	"github.com/dmachard/go-netutils"
)

tlsOptions := netutils.TLSOptions{
   InsecureSkipVerify: true,
   MinVersion:         "1.2",
   CAFile:             "",
   CertFile:           "",
   KeyFile:            "",
}

tlsConfig, err := netutils.TLSClientConfig(tlsOptions)
if err != nil {
   w.LogFatal("logger=kafka - tls config failed:", err)
}
Minimal network layers decoders
import (
	"github.com/dmachard/go-netutils"
)

netDecoder := &netutils.NetDecoder{}

// copy packet data from buffer
pkt := make([]byte, bufN)
copy(pkt, buf[:bufN])

// decode minimal layers
packet := gopacket.NewPacket(pkt, netDecoder, gopacket.NoCopy)

Documentation

Index

Constants

View Source 
const (
	ProtoInet  = "INET"
	ProtoInet6 = "INET6"
	ProtoIPv6  = "IPv6"
	ProtoIPv4  = "IPv4"

	ProtoUDP = "UDP"
	ProtoTCP = "TCP"

	SocketTCP  = "tcp"
	SocketUDP  = "udp"
	SocketUnix = "unix"
	SocketTLS  = "tcp+tls"
)
View Source 
const (
	TLSV10 = "1.0"
	TLSV11 = "1.1"
	TLSV12 = "1.2"
	TLSV13 = "1.3"
)
View Source 
const (
	IPv6MinimumFragmentSize    = 1280
	IPv6MaximumSize            = 65535
	IPv6MaximumFragmentOffset  = 8189
	IPv6MaximumFragmentListLen = 52

	IPv4MinimumFragmentSize    = 8     // Minimum size of a single fragment
	IPv4MaximumSize            = 65535 // Maximum size of a fragment (2^16)
	IPv4MaximumFragmentOffset  = 8183  // Maximum offset of a fragment
	IPv4MaximumFragmentListLen = 8192  // Back out if we get more than this many fragments
)
View Source 
const (
	IPv4ProtocolTCP         = layers.IPProtocolTCP
	IPv4ProtocolUDP         = layers.IPProtocolUDP
	IPv6ProtocolTCP         = layers.IPProtocolTCP
	IPv6ProtocolUDP         = layers.IPProtocolUDP
	IPv6ProtocolFragment    = layers.IPProtocolIPv6Fragment
	IPv4ProtocolGRE         = layers.IPProtocolGRE
	IPv6ProtocolGRE         = layers.IPProtocolGRE
	IPv6ProtocolDestination = layers.IPProtocolIPv6Destination
)
View Source 
const (
	IPv6Len = uint32(40)
)

Variables

View Source 
var (
	IPVersion = map[string]string{
		ProtoInet:  ProtoIPv4,
		ProtoInet6: ProtoIPv6,
	}

	IPToInet = map[string]string{
		ProtoIPv4: ProtoInet,
		ProtoIPv6: ProtoInet6,
	}
)
View Source 
var (
	TLSVersion = map[string]uint16{
		TLSV10: tls.VersionTLS10,
		TLSV11: tls.VersionTLS11,
		TLSV12: tls.VersionTLS12,
		TLSV13: tls.VersionTLS13,
	}
)

Functions

func AcceptConnections 

func AcceptConnections(listener net.Listener, acceptChan chan<- net.Conn)

func ApplyBpfFilter 

func ApplyBpfFilter(filter []bpf.Instruction, fd int) (err error)

func Close 

func Close(conn io.Closer, reset bool) error

thanks to https://stackoverflow.com/questions/28967701/golang-tcp-socket-cant-close-after-get-file, call conn.CloseRead() before calling conn.Close()

func ConvertIP4 

func ConvertIP4(ip uint32) net.IP

func ConvertIP6 

func ConvertIP6(ip [4]uint32) net.IP

func GetBpfDnsFilterPort added in v1.3.0 

func GetBpfDnsFilterPort(port int, withEthernet bool) ([]bpf.Instruction, error)

func GetBpfGreDnsFilterPort added in v1.3.0 

func GetBpfGreDnsFilterPort(port int) ([]bpf.Instruction, error)

func GetIPAddress 

func GetIPAddress[T uint32 | [4]uint32](ip T, mapper func(T) net.IP) net.IP

func GetPeerName 

func GetPeerName(peerAddr string) string

GetPeerName returns the hostname associated with the given peer address. If the peer address cannot be split into IP and port or if the hostname lookup fails, it returns the peer address or IP itself.

func Htons 

func Htons(v uint16) int

Convert a uint16 to host byte order (big endian)

func IPDefragger 

func IPDefragger(ipInput chan gopacket.Packet, udpOutput chan gopacket.Packet, tcpOutput chan gopacket.Packet, port int)

func IsClosedConnectionError 

func IsClosedConnectionError(err error) bool

func IsValidTLS added in v0.2.0 

func IsValidTLS(mode string) bool

func LoadBpfObjects added in v0.0.2 

func LoadBpfObjects(obj interface{}, opts *ebpf.CollectionOptions) error

loadBpfObjects loads bpf and converts it into a struct.

The following types are suitable as obj argument: 

*bpfObjects
*bpfPrograms
*bpfMaps

See ebpf.CollectionSpec.LoadAndAssign documentation for details.

func ParseCIDRMask added in v0.4.0 

func ParseCIDRMask(mask string) (net.IPMask, error)

func RemoveBpfFilter 

func RemoveBpfFilter(fd int) (err error)

func SetSockRCVBUF 

func SetSockRCVBUF(conn net.Conn, desired int, isTLS bool) (int, int, error)

Configure SO_RCVBUF, thanks to https://github.com/dmachard/go-dns-collector/issues/61#issuecomment-1201199895

func StartToListen 

func StartToListen(listenIP string, listenPort int, sockPath string, tlsSupport bool, tlsMin uint16, certFile, keyFile string) (net.Listener, error)

func TCPAssembler 

func TCPAssembler(tcpInput chan gopacket.Packet, dnsOutput chan DNSPacket, portFilter int)

func TLSClientConfig added in v0.2.0 

func TLSClientConfig(options TLSOptions) (*tls.Config, error)

func UDPProcessor 

func UDPProcessor(udpInput chan gopacket.Packet, dnsOutput chan DNSPacket, portFilter int)

Types

type BpfObjects added in v0.0.2 

type BpfObjects struct {
	// contains filtered or unexported fields
}

bpfObjects contains all objects after they have been loaded into the kernel.

It can be passed to loadBpfObjects or ebpf.CollectionSpec.LoadAndAssign.

func (*BpfObjects) Close added in v0.0.2 

func (o *BpfObjects) Close() error

type BpfPktEvent added in v0.0.2 

type BpfPktEvent struct {
	Timestamp     uint64
	PktLen        uint32
	PktOffset     uint32
	IpVersion     uint16
	IpProto       uint16
	PayloadOffset uint16
	SrcAddr       uint32
	SrcAddr6      [4]uint32
	SrcPort       uint16
	DstAddr       uint32
	DstAddr6      [4]uint32
	DstPort       uint16
}

type DNSPacket 

type DNSPacket struct {
	// DNS payload
	Payload []byte
	// IP layer
	IPLayer gopacket.Flow
	// Transport layer
	TransportLayer gopacket.Flow
	// Timestamp
	Timestamp time.Time
	// IP Defragmented
	IPDefragmented bool
	// TCP reassembly
	TCPReassembled bool
}

DefragPacket is a struct that holds DNS data

type DNSStreamFactory 

type DNSStreamFactory struct {
	// Channel to send reassembled DNS data
	Reassembled    chan DNSPacket
	IPDefragmented bool
}

func (*DNSStreamFactory) New 

func (s *DNSStreamFactory) New(net, transport gopacket.Flow) tcpassembly.Stream

type IPDefragmenter 

type IPDefragmenter struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

func NewIPDefragmenter 

func NewIPDefragmenter() *IPDefragmenter

func (*IPDefragmenter) DefragIP 

func (d *IPDefragmenter) DefragIP(in gopacket.Packet) (gopacket.Packet, error)

func (*IPDefragmenter) DiscardOlderThan 

func (d *IPDefragmenter) DiscardOlderThan(t time.Time) int

type LabelResolver added in v1.0.1 

type LabelResolver struct {
	Instructions []LabeledInstruction
	LabelMap     map[string]int
}

Helper to manage labels and calculate jumps

func (*LabelResolver) Add added in v1.0.1 

func (lr *LabelResolver) Add(instr bpf.Instruction)

Add an instruction to the list

func (*LabelResolver) JumpIf added in v1.2.0 

func (lr *LabelResolver) JumpIf(instr bpf.Instruction, onTrue, onFalse string)

func (*LabelResolver) JumpTo added in v1.2.0 

func (lr *LabelResolver) JumpTo(instr bpf.Instruction, jumpTo string)

func (*LabelResolver) Label added in v1.0.1 

func (lr *LabelResolver) Label(label string) error

Register a label at the current instruction position

func (*LabelResolver) ResolveJumps added in v1.0.1 

func (lr *LabelResolver) ResolveJumps() ([]bpf.Instruction, error)

Calculate the jump offsets based on labels

type LabeledInstruction added in v1.0.1 

type LabeledInstruction struct {
	Instruction    bpf.Instruction
	SkipTrueLabel  string
	SkipFalseLabel string
	SkipLabel      string
}

Instruction with optional label name

type NetDecoder 

type NetDecoder struct{}

func (*NetDecoder) Decode 

func (d *NetDecoder) Decode(data []byte, p gopacket.PacketBuilder) error

type PacketDecoder added in v1.5.0 

type PacketDecoder interface {
	Decode(data []byte, p gopacket.PacketBuilder) error
}

interface for network decoder

type RawIPDecoder added in v1.4.0 

type RawIPDecoder struct {
	// contains filtered or unexported fields
}

to support sniffing on gre tunnel no ethernet layer in this case

func (*RawIPDecoder) Decode added in v1.4.0 

func (d *RawIPDecoder) Decode(data []byte, p gopacket.PacketBuilder) error

type TLSOptions added in v0.2.0 

type TLSOptions struct {
	CAFile             string
	CertFile           string
	KeyFile            string
	InsecureSkipVerify bool
	MinVersion         string
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.