Documentation
Overview
Package pipe defines the data structure used to manipulate, monitor, and create proxied connections.
Index
- Constants
- type Pipe
- type TrudyPipe
- func (t *TrudyPipe) AddContext(key string, value interface{})
- func (t *TrudyPipe) ClientConn() net.Conn
- func (t *TrudyPipe) ClientInfo() (addr net.Addr)
- func (t *TrudyPipe) Close()
- func (t *TrudyPipe) DeleteContext(key string)
- func (t *TrudyPipe) GetContext(key string) (retval interface{}, ok bool)
- func (t *TrudyPipe) Id() uint
- func (t *TrudyPipe) Lock()
- func (t *TrudyPipe) New(id uint, fd int, clientConn net.Conn, useTLS bool) (err error)
- func (t *TrudyPipe) ReadFromClient(buffer []byte) (n int, err error)
- func (t *TrudyPipe) ReadFromServer(buffer []byte) (n int, err error)
- func (t *TrudyPipe) ServerConn() net.Conn
- func (t *TrudyPipe) ServerInfo() (addr net.Addr)
- func (t *TrudyPipe) SetClientConn(c net.Conn)
- func (t *TrudyPipe) SetServerConn(s net.Conn)
- func (t *TrudyPipe) Unlock()
- func (t *TrudyPipe) WriteToClient(buffer []byte) (n int, err error)
- func (t *TrudyPipe) WriteToServer(buffer []byte) (n int, err error)
Constants
const SO_ORIGINAL_DST = 80
Netfilter/iptables adds a TCP header to identify the original destination. Since all traffic is routed through Trudy, we need to retrieve the originally intended destination (i.e. _not_ Trudy).
Types
type Pipe
type Pipe interface {
	//Id returns a unique Pipe identifier
	Id() uint

	//ServerInfo returns the net.Addr of the server-end of the pipe.
	ServerInfo() (addr net.Addr)

	//ClientInfo returns the net.Addr of the client-end of the pipe.
	ClientInfo() (addr net.Addr)

	//ReadFromClient reads data into the buffer from the client-end of the
	//pipe. ReadFromClient returns the number of bytes read and an error
	//value if an error or EOF occurred. Note: ReadFromClient can read a
	//non-zero number of bytes and have a non-nil error value (e.g. EOF).
	ReadFromClient(buffer []byte) (n int, err error)

	//WriteToClient writes data to the client-end of the pipe. This is
	//typically the proxy-unaware client.
	WriteToClient(buffer []byte) (n int, err error)

	//ReadFromServer reads data into the buffer from the server-end of the
	//pipe. The server is the proxy-unaware client's intended destination.
	//ReadFromServer returns the number of bytes read and an error value if
	//an error or EOF occurred. Note: ReadFromServer can read a non-zero
	//number of bytes and have a non-nil error value (e.g. EOF).
	ReadFromServer(buffer []byte) (n int, err error)

	//WriteToServer writes buffer to the server-end of the pipe. The server
	//is the proxy-unaware client's intended destination.
	WriteToServer(buffer []byte) (n int, err error)

	//ServerConn returns the net.Conn responsible for server-end
	//communication.
	ServerConn() (conn net.Conn)

	//ClientConn returns the net.Conn responsible for client-end
	//communication.
	ClientConn() (conn net.Conn)

	//SetServerConn will replace the server-end of the pipe with the supplied
	//net.Conn parameter.
	SetServerConn(conn net.Conn)

	//SetClientConn will replace the client-end of the pipe with the supplied
	//net.Conn parameter.
	SetClientConn(conn net.Conn)

	//New builds a new Pipe.
	New(pipeID uint, clientConnFD int, clientConn net.Conn, useTLS bool) (err error)

	//Close closes both connections of the Pipe.
	Close()

	//Lock locks a per-Pipe mutex that can be used in modules for
	//synchronization.
	Lock()

	//Unlock unlocks a per-Pipe mutex that can be used in modules for
	//synchronization.
	Unlock()

	//AddContext adds a key/value pair to the Pipe.
	AddContext(key string, value interface{})

	//GetContext retrieves a value in a Pipe key/value data store.
	//GetContext returns the value and a bool indicating success.
	GetContext(key string) (value interface{}, ok bool)

	//DeleteContext removes a key/value pair from the Pipe.
	DeleteContext(key string)
}
Pipe is the primary interface that handles connections. Pipe creates a full-duplex pipe that passes data from the client to the server and vice versa. A pipe is composed of two connections. The client transparently connects to Trudy, and Trudy accepts the connection. Trudy then makes a connection to the client's intended destination and passes traffic back and forth between the two connections. All packet modifications and drops are applied to data in transit between the two ends of the pipe.
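The note that a read can return a non-zero byte count together with a non-nil error matters for any forwarding loop written against Pipe. The following is an added example, not code from Trudy: a relay that forwards the bytes of each read before it looks at the error. The names clientToServer, relay and fakePipe are hypothetical, and the sample bytes are constructed.

```go
package main

import (
	"bytes"
	"fmt"
	"io"
)

type clientToServer interface { // subset of Pipe used here (hypothetical name)
	ReadFromClient(buffer []byte) (n int, err error)
	WriteToServer(buffer []byte) (n int, err error)
}

// relay forwards every byte a read returns before it inspects err, because
// a read may deliver data and io.EOF in the same call.
func relay(p clientToServer, bufSize int) (total int, err error) {
	buf := make([]byte, bufSize)
	for {
		n, rerr := p.ReadFromClient(buf)
		if n > 0 {
			if _, werr := p.WriteToServer(buf[:n]); werr != nil {
				return total, werr
			}
			total += n
		}
		if rerr == io.EOF {
			return total, nil // clean end of the client stream
		} else if rerr != nil {
			return total, rerr
		}
	}
}

// fakePipe is a constructed stand-in; its last read returns data with io.EOF.
type fakePipe struct {
	client []byte
	server bytes.Buffer
}

func (f *fakePipe) ReadFromClient(b []byte) (n int, err error) {
	n = copy(b, f.client)
	if f.client = f.client[n:]; len(f.client) == 0 {
		err = io.EOF
	}
	return n, err
}
func (f *fakePipe) WriteToServer(b []byte) (int, error) { return f.server.Write(b) }

func main() {
	f := &fakePipe{client: []byte("GET / HTTP/1.1\r\n")}
	fmt.Println(relay(f, 6))
}
```

A loop that returns as soon as err is non-nil would drop the final 4 bytes of this sample, which is the truncation the interface comment warns about.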
type TrudyPipe
type TrudyPipe struct {
	KV map[string]interface{}
	// contains filtered or unexported fields
}
TrudyPipe implements the Pipe interface and can be used to proxy TCP connections.
func (*TrudyPipe) AddContext
AddContext adds a key/value pair to the TrudyPipe. The key/value pair data store is per-TrudyPipe. AddContext is safe for use in multiple goroutines.
func (*TrudyPipe) ClientConn
ClientConn returns the net.Conn responsible for client-end communication.
func (*TrudyPipe) ClientInfo
ClientInfo returns the net.Addr of the client.
func (*TrudyPipe) DeleteContext
DeleteContext removes a key/value pair from the TrudyPipe. DeleteContext is safe for use in multiple goroutines.
func (*TrudyPipe) GetContext
GetContext retrieves a value in a TrudyPipe key/value data store. GetContext returns the value and a bool indicating success.
func (*TrudyPipe) Lock
func (t *TrudyPipe) Lock()
Lock locks a mutex stored within TrudyPipe to allow for fine-grained synchronization within a module.
func (*TrudyPipe) New
New builds a new TrudyPipe. New retrieves the original destination of traffic that was mangled by iptables. New then opens a connection to that original destination and, upon success, sets all the internal values needed for a TrudyPipe.
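How an original destination can be read back from a socket with SO_ORIGINAL_DST, as an added example that is not Trudy's own code. It assumes Linux and an accepted TCP socket descriptor; decodeSockaddrIn and originalDst are hypothetical helper names, and the sample bytes are constructed.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"net"
	"syscall"
)

const (
	solIP         = 0  // SOL_IP on Linux
	soOriginalDst = 80 // same value as this package's SO_ORIGINAL_DST
	afInet        = 2  // AF_INET
)

// decodeSockaddrIn parses the struct sockaddr_in returned for SO_ORIGINAL_DST:
// family (2 bytes, host order), port (2 bytes, big endian), IPv4 address (4 bytes).
func decodeSockaddrIn(raw []byte) (*net.TCPAddr, error) {
	if len(raw) < 8 {
		return nil, errors.New("sockaddr_in too short")
	}
	// Accept AF_INET in either host byte order.
	if fam := binary.LittleEndian.Uint16(raw); fam != afInet && fam != afInet<<8 {
		return nil, fmt.Errorf("unexpected address family %#x", fam)
	}
	return &net.TCPAddr{
		IP:   net.IPv4(raw[4], raw[5], raw[6], raw[7]),
		Port: int(binary.BigEndian.Uint16(raw[2:4])),
	}, nil
}

// originalDst asks the kernel where the client was really connecting to.
// Assumption: Linux, fd is an accepted TCP socket rewritten by iptables.
// IPv6Mreq is borrowed only as a buffer large enough to hold a sockaddr_in.
func originalDst(fd int) (*net.TCPAddr, error) {
	mreq, err := syscall.GetsockoptIPv6Mreq(fd, solIP, soOriginalDst)
	if err != nil {
		return nil, fmt.Errorf("getsockopt SO_ORIGINAL_DST: %w", err)
	}
	return decodeSockaddrIn(mreq.Multiaddr[:])
}

func main() {
	// Constructed sample bytes: AF_INET, port 443, 192.0.2.10 (documentation range).
	raw := []byte{2, 0, 0x01, 0xbb, 192, 0, 2, 10, 0, 0, 0, 0, 0, 0, 0, 0}
	fmt.Println(decodeSockaddrIn(raw))
}
```

Rejecting short buffers and unexpected address families keeps a proxy from dialing an address built from bytes that were never a valid IPv4 sockaddr.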
func (*TrudyPipe) ReadFromClient
ReadFromClient reads data from the client end of the pipe. This is typically the proxy-unaware client.
func (*TrudyPipe) ReadFromServer
ReadFromServer reads data from the server end of the pipe. The server is the proxy-unaware client's intended destination.
func (*TrudyPipe) ServerConn
ServerConn returns the net.Conn responsible for server-end communication.
func (*TrudyPipe) ServerInfo
ServerInfo returns the net.Addr of the server.
func (*TrudyPipe) SetClientConn
SetClientConn will replace the client-end of the pipe with the supplied net.Conn parameter. SetClientConn is safe for use in multiple goroutines.
func (*TrudyPipe) SetServerConn
SetServerConn will replace the server-end of the pipe with the supplied net.Conn parameter. SetServerConn is safe for use in multiple goroutines.
func (*TrudyPipe) Unlock
func (t *TrudyPipe) Unlock()
Unlock unlocks a mutex stored within TrudyPipe to allow for fine-grained synchronization within a module.
func (*TrudyPipe) WriteToClient
WriteToClient writes data to the client end of the pipe. This is typically the proxy-unaware client.