Documentation ¶
Overview ¶
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Index ¶
- Constants
- type Config
- type Engine
- type PacketExtractor
- func (pe *PacketExtractor) AddApplicationLayer(typ string, layer gopacket.Layer) error
- func (pe *PacketExtractor) AddNetworkLayer(typ string, layer gopacket.Layer) error
- func (pe *PacketExtractor) AddTransportLayer(typ string, layer gopacket.Layer) error
- func (pe *PacketExtractor) GetIPv4() *layers.IPv4
- func (pe *PacketExtractor) GetIfaceName() string
- func (pe *PacketExtractor) GetMetadata() (meta types.MetaRule)
- func (pe *PacketExtractor) GetPacketMetadata() *gopacket.PacketMetadata
- func (pe *PacketExtractor) GetPacketPayload() []byte
- func (pe *PacketExtractor) GetSCTP() *layers.SCTP
- func (pe *PacketExtractor) GetTCP() *layers.TCP
- func (pe *PacketExtractor) GetUDP() *layers.UDP
Constants ¶
// Layer-name identifiers used by this package.
// NOTE(review): presumably these are the values passed as the typ argument of
// the PacketExtractor Add*Layer methods and stored in its NetworkLayer /
// TransportLayer fields — confirm against the method bodies.
const (
	IPV4 = "ipv4"
	TCP  = "tcp"
	UDP  = "udp"
	SCTP = "sctp"
)
// Message texts used by the engine. Judging by the names these are log and
// error strings; the call sites that emit them are not shown here.
//
// NOTE(review): several texts carry misspellings ("packages" for packets,
// "initialating", "snffer") and one identifier does too
// (ScannerScanMemFaildMsg). They are left exactly as they are: the identifier
// is exported, and any alerting or log-parsing rule that matches on the text
// would stop matching if it changed. Correct them together with the consumers.
const (
	// Names suggest these two label the outer and inner event objects.
	MainEventOuterMsg = "mole"
	MainEventInnerMsg = "event"

	MainEventInitCompletedMsg = "starting mole ids engine"
	StartMsg                  = "engine is listening for packages"

	// Takes five %s arguments: proto, src, sport, dst, dport.
	// NOTE(review): if this is emitted once per unmatched packet, log volume
	// follows traffic volume — confirm the level or rate limiting at the call site.
	NoMatchFoundMsg = "unable to find yara rule for proto:%s src:%s sport:%s dst:%s dport:%s"

	// Takes one %s argument.
	ScannerScanMemFaildMsg = "error while scanning payload: %s"

	// Takes one %d argument (the layer in which decoding failed).
	// NOTE(review): confirm whether a packet that cannot be fully decoded is
	// still scanned or is dropped; packets that skip scanning are a detection gap.
	UnableToDecodePacketMsg = "unable to fully decode packet. Error in layer: %d"

	// Start-up failure prefixes; the trailing "got" suggests the underlying
	// error is appended by the caller.
	ConfigInitFailedMsg     = "while configuring the engine"
	RulesManagerInitFailMsg = "while initialating rules manager got"
	CreateTreeFailMsg       = "while generating the Decision tree got"
	InterfacesInitFailMsg   = "while initialating interfaces got"
	LoadingRulesFailedMsg   = "while loading rules got"
	GettingHandlerFailMsg   = "while getting the snffer handler got"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Engine ¶
// Engine groups the configuration, capture interface, rule manager, rule map
// and packet source that make up the Mole core.
//
// NOTE(review): every field is exported, so any importing package can swap
// RulesManager, RuleMap or Handle on an existing Engine. Confirm that this is
// intended and that nothing replaces them while the engine is capturing.
type Engine struct {
	// Config is the engine's configuration; most of its values come from the
	// command-line arguments or the configuration file.
	Config *Config
	// Iface is the interface from which Mole reads packets.
	Iface *interfaces.Interfaces
	// RulesManager handles everything related to rules.
	RulesManager *rules.Manager
	// RuleMap is used to fire Yara rules based on the identifier token
	// returned by the lookup query.
	RuleMap types.RuleMapScanner
	// Handle is the interface handler that allows Mole to capture traffic.
	Handle gopacket.PacketDataSource
}
Engine is in charge of handling Mole's core functionality.
type PacketExtractor ¶
// PacketExtractor holds one captured packet together with the layers that
// have been picked out of it.
type PacketExtractor struct {
	// Packet is the captured packet and Metadata its gopacket metadata.
	// NOTE(review): both describe network input and should be treated as
	// untrusted by any code that consumes them.
	Packet   gopacket.Packet
	Metadata *gopacket.PacketMetadata

	// Layer names as strings.
	// NOTE(review): presumably set by the Add*Layer methods to one of the
	// package's layer-name constants (IPV4, TCP, UDP, SCTP) — confirm.
	NetworkLayer     string
	TransportLayer   string
	ApplicationLayer string

	// Layer values matching the names above.
	// NOTE(review): whether these can be nil when a layer is absent or failed
	// to decode is not visible here; check before dereferencing.
	Network     gopacket.Layer
	Transport   gopacket.Layer
	Application gopacket.Layer
	// contains filtered or unexported fields
}
func NewPacketExtractor ¶
func NewPacketExtractor(pkt gopacket.Packet) *PacketExtractor
func (*PacketExtractor) AddApplicationLayer ¶
func (pe *PacketExtractor) AddApplicationLayer(typ string, layer gopacket.Layer) error
func (*PacketExtractor) AddNetworkLayer ¶
func (pe *PacketExtractor) AddNetworkLayer(typ string, layer gopacket.Layer) error
func (*PacketExtractor) AddTransportLayer ¶
func (pe *PacketExtractor) AddTransportLayer(typ string, layer gopacket.Layer) error
func (*PacketExtractor) GetIPv4 ¶
func (pe *PacketExtractor) GetIPv4() *layers.IPv4
func (*PacketExtractor) GetIfaceName ¶
func (pe *PacketExtractor) GetIfaceName() string
func (*PacketExtractor) GetMetadata ¶
func (pe *PacketExtractor) GetMetadata() (meta types.MetaRule)
func (*PacketExtractor) GetPacketMetadata ¶
func (pe *PacketExtractor) GetPacketMetadata() *gopacket.PacketMetadata
func (*PacketExtractor) GetPacketPayload ¶
func (pe *PacketExtractor) GetPacketPayload() []byte
func (*PacketExtractor) GetSCTP ¶
func (pe *PacketExtractor) GetSCTP() *layers.SCTP
func (*PacketExtractor) GetTCP ¶
func (pe *PacketExtractor) GetTCP() *layers.TCP
func (*PacketExtractor) GetUDP ¶
func (pe *PacketExtractor) GetUDP() *layers.UDP