pcap

package module

v1.0.1 Latest Latest Go to latest Published: Jan 16, 2021 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/irai/pcap

README ¶

pcap

Packet capture

Documentation ¶

Overview ¶

Package pcap implement a basic module to capture packet traffic

see: http://www.devdungeon.com/content/packet-capture-injection-and-analysis-gopacket

DNS spooffing: https://github.com/razc411/DNSMangler

Index ¶

func BlockTCPStats(ifName string, network *net.IPNet)
func DNSLookupByIP(ip net.IP) string
func HasTrafficSince(ip net.IP, deadline time.Time) bool
func ICMPListenAndServe(ifName string)
func ListenAndServe(nic string, localNetwork net.IPNet, hostMAC net.HardwareAddr) error
func PrintPacketInfo(packet gopacket.Packet)
func PrintTable()
type DNSStats
type HostStats
- func FindHostByIP(ip net.IP) *HostStats
type ICMPStats
type TCPStats

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func BlockTCPStats ¶

func BlockTCPStats(ifName string, network *net.IPNet)

BlockTCPStats will loop waiting for TCP packets to intercept. Call it from a goroutine.

It will then send a TCP RST packet to close the socket.

func DNSLookupByIP ¶

func DNSLookupByIP(ip net.IP) string

DNSLookupByIP find DNS entry by IP address; return ip if not found

func HasTrafficSince ¶

func HasTrafficSince(ip net.IP, deadline time.Time) bool

HasTrafficSince return true if the host has sent packets since the deadline

func ICMPListenAndServe ¶

func ICMPListenAndServe(ifName string)

ICMPListenAndServe listen to ICMP packets

func ListenAndServe ¶

func ListenAndServe(nic string, localNetwork net.IPNet, hostMAC net.HardwareAddr) error

ListenAndServe main listening loop

func PrintPacketInfo ¶

func PrintPacketInfo(packet gopacket.Packet)

PrintPacketInfo print a network packet to stdout

func PrintTable ¶

func PrintTable()

PrintTable print the hostStatsTable to standard out TODO: Should use http://info.io to lookup names and geo

Types ¶

type DNSStats ¶

type DNSStats struct {
	Timestamp       string
	SourceIP        string
	DestinationIP   string
	DNSQuery        string
	DNSAnswer       []net.IP
	DNSAnswerTTL    []string
	NumberOfAnswers string
	DNSResponseCode string
	DNSOpsCode      string
}

DNSStats capture DNS statistics for host

type HostStats ¶

type HostStats struct {
	MAC            net.HardwareAddr `json:"mac"`
	IP             net.IP           `json:"ip"`
	Blocked        bool             `json:"client_blocked" `
	LastPacketTime time.Time        `json:"last_packet_time"`
	Traffic        []*TCPStats
}

HostStats record recent network statistics for each host

func FindHostByIP ¶

func FindHostByIP(ip net.IP) *HostStats

FindHostByIP find a host in the hostStatsTable; return nil if not found

type ICMPStats ¶

type ICMPStats struct {
	Timestamp     string
	SourceIP      string
	DestinationIP string
}

ICMPStats capture DNS statistics for host

type TCPStats ¶

type TCPStats struct {
	IP             net.IP    `json:"ip"`
	LastPacketTime time.Time `json:"last_packet_time"`
	OutPacketBytes uint      `json:"out_bytes"`
	OutPacketCount uint      `json:"out_packet_count"`
	InPacketBytes  uint      `json:"in_bytes"`
	InPacketCount  uint      `json:"in_packet_count"`
	OutConnCount   uint      `json:"out_conn_count"`
}

TCPStats record TCP statistics for the IP address

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cmd
capture

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL