decoder

package

v0.9.0 Latest Latest Go to latest Published: Apr 9, 2026 License: BSD-3-Clause, GPL-3.0 Imports: 4 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/dreadl0ck/netcap

Links

Open Source Insights

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AbstractDecoder ¶

type AbstractDecoder struct {

	// used to keep track of the number of generated audit records
	NumRecordsWritten int64

	// Name of the decoder
	Name string

	// Description of the decoder
	Description string

	// Icon name for the decoder (for Maltego)
	Icon string

	// init functions
	PostInit func(decoder *AbstractDecoder) error
	DeInit   func(decoder *AbstractDecoder) error

	// Writer for audit records
	Writer netio.AuditRecordWriter

	// Type of the audit records produced by this decoder
	Type types.Type
}

AbstractDecoder implements custom logic to decode data from a TCP / UDP network conversation this structure has an optimized field order to avoid excessive padding.

func (*AbstractDecoder) DeInitFunc ¶

func (ad *AbstractDecoder) DeInitFunc() error

DeInitFunc is called prior to teardown.

func (*AbstractDecoder) Destroy ¶

func (ad *AbstractDecoder) Destroy() (name string, size int64)

Destroy closes and flushes all writers and calls deinit if set.

func (*AbstractDecoder) FlushCurrentState ¶ added in v0.9.0

func (ad *AbstractDecoder) FlushCurrentState() int64

FlushCurrentState flushes the writer buffer for abstract decoders. Abstract decoders write records immediately, so there's no accumulated state to flush. This just ensures any buffered data is written to disk.

func (*AbstractDecoder) GetChan ¶

func (ad *AbstractDecoder) GetChan() <-chan []byte

GetChan returns a channel to receive serialized protobuf data from the decoder.

func (*AbstractDecoder) GetDescription ¶

func (ad *AbstractDecoder) GetDescription() string

GetDescription returns the description of the

func (*AbstractDecoder) GetName ¶

func (ad *AbstractDecoder) GetName() string

GetName returns the name of the

func (*AbstractDecoder) GetType ¶

func (ad *AbstractDecoder) GetType() types.Type

GetType returns the netcap type of the

func (*AbstractDecoder) GetWriter ¶ added in v0.9.0

func (ad *AbstractDecoder) GetWriter() netio.AuditRecordWriter

GetWriter returns the current writer.

func (*AbstractDecoder) NumRecords ¶

func (ad *AbstractDecoder) NumRecords() int64

NumRecords returns the number of written records.

func (*AbstractDecoder) PostInitFunc ¶

func (ad *AbstractDecoder) PostInitFunc() error

PostInitFunc is called after the decoder has been initialized.

func (*AbstractDecoder) SetWriter ¶

func (ad *AbstractDecoder) SetWriter(w netio.AuditRecordWriter)

SetWriter sets the netcap writer to use for the

type StreamDecoder ¶

type StreamDecoder struct {

	// used to keep track of the number of generated audit records
	NumRecordsWritten int64

	// Name of the decoder
	Name string

	// Description of the decoder
	Description string

	// Icon name for the decoder (for Maltego)
	Icon string

	// init functions
	PostInit func(decoder *StreamDecoder) error
	DeInit   func(decoder *StreamDecoder) error

	// Writer for audit records
	Writer netio.AuditRecordWriter

	// Type of the audit records produced by this decoder
	Type types.Type

	// canDecode checks whether the decoder can parse the protocol
	CanDecode func(client []byte, server []byte) bool

	// factory for stream readers
	Factory core.StreamDecoderFactory

	Typ core.TransportProtocol
}

StreamDecoder implements custom logic to decode data from a TCP / UDP network conversation this structure has an optimized field order to avoid excessive padding.

func (*StreamDecoder) CanDecodeStream ¶

func (sd *StreamDecoder) CanDecodeStream(client []byte, server []byte) bool

CanDecodeStream invokes the canDecode function of the underlying decoder to determine whether the decoder can understand the protocol.

func (*StreamDecoder) DeInitFunc ¶

func (sd *StreamDecoder) DeInitFunc() error

DeInitFunc is called prior to teardown.

func (*StreamDecoder) Destroy ¶

func (sd *StreamDecoder) Destroy() (name string, size int64)

Destroy closes and flushes all writers and calls deinit if set.

func (*StreamDecoder) FlushCurrentState ¶ added in v0.9.0

func (sd *StreamDecoder) FlushCurrentState() int64

FlushCurrentState flushes the writer buffer for stream decoders. Stream decoders write records immediately during stream processing, so there's no accumulated state to flush. This just ensures any buffered data is written to disk.

func (*StreamDecoder) GetChan ¶

func (sd *StreamDecoder) GetChan() <-chan []byte

GetChan returns a channel to receive serialized protobuf data from the decoder.

func (*StreamDecoder) GetDescription ¶

func (sd *StreamDecoder) GetDescription() string

GetDescription returns the description of the

func (*StreamDecoder) GetName ¶

func (sd *StreamDecoder) GetName() string

GetName returns the name of the

func (*StreamDecoder) GetReaderFactory ¶

func (sd *StreamDecoder) GetReaderFactory() core.StreamDecoderFactory

GetReaderFactory returns a new stream reader for the decoder type.

func (*StreamDecoder) GetType ¶

func (sd *StreamDecoder) GetType() types.Type

GetType returns the netcap type of the

func (*StreamDecoder) GetWriter ¶ added in v0.9.0

func (sd *StreamDecoder) GetWriter() netio.AuditRecordWriter

GetWriter returns the current writer.

func (*StreamDecoder) NumRecords ¶

func (sd *StreamDecoder) NumRecords() int64

NumRecords returns the number of written records.

func (*StreamDecoder) PostInitFunc ¶

func (sd *StreamDecoder) PostInitFunc() error

PostInitFunc is called after the decoder has been initialized.

func (*StreamDecoder) SetWriter ¶

func (sd *StreamDecoder) SetWriter(w netio.AuditRecordWriter)

SetWriter sets the netcap writer to use for the

func (*StreamDecoder) Transport ¶

func (sd *StreamDecoder) Transport() core.TransportProtocol

Transport returns the transport protocol (Layer 4 in the OSI model)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
config
core
db
packet Package packet Package decoder implements decoders to transform network packets into protocol buffers for various protocols	Package packet Package decoder implements decoders to transform network packets into protocol buffers for various protocols
stream
alert
bacnetip
bgp
cip
credentials
dcerpc
discovery
dnp3
exploit
file
ftp
http
iec62351
imap
ipp
irc
kerberosaudit
mail
modbus
mqttsn
network Package network handles network-layer protocol conversations (ICMP, IGMP, GRE, etc.) that don't have a transport layer.	Package network handles network-layer protocol conversations (ICMP, IGMP, GRE, etc.) that don't have a transport layer.
opcua
pop3
profinet
protobuf
quic Package quic implements QUIC protocol analysis for both gQUIC and IETF QUIC.	Package quic implements QUIC protocol analysis for both gQUIC and IETF QUIC.
rdp
s7comm
service
smb
smtp
socks
software
ssh
syslog
tacacs
tcp
tls
udp
utils
vulnerability
zabbix
utils

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL