pktcls

package
Version: v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 4, 2020 License: Apache-2.0 Imports: 12 Imported by: 2

Documentation

Overview

Package pktcls implements tools for classifying and acting on network packets.

A class is a named condition that exposes an Eval method; when Eval yields true for a ClsPkt, that packet is considered to be part of that class.

The following conditions are supported: AnyOf, AllOf, Boolean true, Boolean false and IPv4. AnyOf returns true if at least one subcondition returns true. AllOf returns true if all subconditions return true. AllOf or AnyOf without subconditions return true. Boolean conditions always return their internal value. IPv4 conditions include predicates that compare the analyzed packet to preset values. Supported IPv4 conditions currently include destination network match, source network match and ToS/DSCP fields match. Multiple predicates can be checked by enumerating them under AllOf or AnyOf.

The package contains support for JSON marshaling and unmarshaling of classes. Due to the custom formatting of the JSON output, marshaling must be done by first adding the classes to a ClassMap. Unmarshaling back to the Map is guaranteed to yield an object that is identical to the initial one.

All conditions also implement fmt.Stringer, the `String` method produces a human readable representation. The human readable representation can also be parsed with `BuildClassTree` and can be validated by `ValidateTrafficClass`.

Index

Constants

View Source
const (
	TypeCondAllOf            = "CondAllOf"
	TypeCondAnyOf            = "CondAnyOf"
	TypeCondNot              = "CondNot"
	TypeCondBool             = "CondBool"
	TypeCondIPv4             = "CondIPv4"
	TypeIPv4MatchSource      = "MatchSource"
	TypeIPv4MatchDestination = "MatchDestination"
	TypeIPv4MatchToS         = "MatchToS"
	TypeIPv4MatchDSCP        = "MatchDSCP"
	TypeIPv4MatchProtocol    = "MatchProtocol"
	TypeCondPorts            = "CondPorts"
	TypePortMatchSource      = "MatchSourcePort"
	TypePortMatchDestination = "MatchDestinationPort"
)

Variables

This section is empty.

Functions

func ValidateTrafficClass added in v0.5.0

func ValidateTrafficClass(class string) error

ValidateTrafficClass validates the structure of the class param

Types

type Class

type Class struct {
	Cond Cond
	// contains filtered or unexported fields
}

Type Class is used to define classes of network traffic. All packets matching Cond are said to be part of the class. Class must not be marshaled to JSON directly; instead, first create a ClassMap, add the desired classes to it and then marshal the entire ClassMap.

func NewClass

func NewClass(name string, cond Cond) *Class

func (*Class) Eval

func (c *Class) Eval(pkt gopacket.Layer) bool

func (*Class) GetName

func (c *Class) GetName() string

func (*Class) MarshalJSON

func (c *Class) MarshalJSON() ([]byte, error)

func (*Class) UnmarshalJSON

func (c *Class) UnmarshalJSON(b []byte) error

type ClassMap

type ClassMap map[string]*Class

ClassMap is a container for Classes, keyed by their unique name. ClassMap can be used to marshal Classes to JSON. Unmarshaling back to ClassMap is guaranteed to yield an object that is identical to the initial one.

func (ClassMap) MarshalJSON

func (cm ClassMap) MarshalJSON() ([]byte, error)

func (*ClassMap) UnmarshalJSON

func (cm *ClassMap) UnmarshalJSON(b []byte) error

type Cond

type Cond interface {
	// Eval returns true if the Cond evaluated on v is true, false otherwise.
	Eval(v gopacket.Layer) bool
	Typer
	fmt.Stringer
}

Cond is used to decide which objects match a logical predicate. Types implementing Cond should not be marshaled directly to JSON. Instead, embed them into a Class and add the Class to a ClassMap; finally, marshal the entire ClassMap.

Implemented logical operations include or (CondAnyOf), and (CondAllOf) and not (CondNot). Two conditions can be compared using their string representations.

func BuildClassTree added in v0.5.0

func BuildClassTree(class string) (Cond, error)

BuildClassTree creates a Cond tree from the class param

type CondAllOf

type CondAllOf []Cond

CondAllOf conditions return true if at least one subcondition returns true.

func NewCondAllOf

func NewCondAllOf(children ...Cond) CondAllOf

func (CondAllOf) Eval

func (c CondAllOf) Eval(v gopacket.Layer) bool

func (CondAllOf) MarshalJSON

func (c CondAllOf) MarshalJSON() ([]byte, error)

func (CondAllOf) String

func (c CondAllOf) String() string

func (CondAllOf) Type

func (c CondAllOf) Type() string

func (*CondAllOf) UnmarshalJSON

func (c *CondAllOf) UnmarshalJSON(b []byte) error

type CondAnyOf

type CondAnyOf []Cond

CondAnyOf conditions return true if all subconditions return true.

func NewCondAnyOf

func NewCondAnyOf(children ...Cond) CondAnyOf

func (CondAnyOf) Eval

func (c CondAnyOf) Eval(v gopacket.Layer) bool

func (CondAnyOf) MarshalJSON

func (c CondAnyOf) MarshalJSON() ([]byte, error)

func (CondAnyOf) String

func (c CondAnyOf) String() string

func (CondAnyOf) Type

func (c CondAnyOf) Type() string

func (*CondAnyOf) UnmarshalJSON

func (c *CondAnyOf) UnmarshalJSON(b []byte) error

type CondBool

type CondBool bool

CondBool contains a true or false value, useful for debugging and testing.

var (
	CondTrue  CondBool = true
	CondFalse CondBool = false
)

func (CondBool) Eval

func (c CondBool) Eval(v gopacket.Layer) bool

func (CondBool) String added in v0.5.0

func (c CondBool) String() string

func (CondBool) Type

func (c CondBool) Type() string

type CondClass added in v0.5.0

type CondClass struct {
	TrafficClass string
}

CondClass conditions return true if the embedded traffic class returns true

func (CondClass) Eval added in v0.5.0

func (c CondClass) Eval(v gopacket.Layer) bool

func (CondClass) String added in v0.5.0

func (c CondClass) String() string

func (CondClass) Type added in v0.5.0

func (c CondClass) Type() string

type CondIPv4

type CondIPv4 struct {
	Predicate IPv4Predicate
}

CondIPv4 conditions return true if the embedded IPv4 predicate returns true.

func NewCondIPv4

func NewCondIPv4(p IPv4Predicate) *CondIPv4

func (*CondIPv4) Eval

func (c *CondIPv4) Eval(v gopacket.Layer) bool

func (*CondIPv4) MarshalJSON

func (c *CondIPv4) MarshalJSON() ([]byte, error)

func (*CondIPv4) String added in v0.5.0

func (c *CondIPv4) String() string

func (*CondIPv4) Type

func (c *CondIPv4) Type() string

func (*CondIPv4) UnmarshalJSON

func (c *CondIPv4) UnmarshalJSON(b []byte) error

type CondNot

type CondNot struct {
	Operand Cond
}

CondNot conditions negate the result of the subcondition.

func NewCondNot

func NewCondNot(operand Cond) CondNot

func (CondNot) Eval

func (c CondNot) Eval(v gopacket.Layer) bool

func (CondNot) MarshalJSON

func (c CondNot) MarshalJSON() ([]byte, error)

func (CondNot) String

func (c CondNot) String() string

func (CondNot) Type

func (c CondNot) Type() string

func (*CondNot) UnmarshalJSON

func (c *CondNot) UnmarshalJSON(b []byte) error

type CondPorts added in v0.6.0

type CondPorts struct {
	Predicate PortPredicate
}

CondPorts conditions return true if the embedded port predicate returns true.

func NewCondPorts added in v0.6.0

func NewCondPorts(p PortPredicate) *CondPorts

func (*CondPorts) Eval added in v0.6.0

func (c *CondPorts) Eval(v gopacket.Layer) bool

func (*CondPorts) MarshalJSON added in v0.6.0

func (c *CondPorts) MarshalJSON() ([]byte, error)

func (*CondPorts) String added in v0.6.0

func (c *CondPorts) String() string

func (*CondPorts) Type added in v0.6.0

func (c *CondPorts) Type() string

func (*CondPorts) UnmarshalJSON added in v0.6.0

func (c *CondPorts) UnmarshalJSON(b []byte) error

type ErrorListener added in v0.5.0

type ErrorListener struct {
	*antlr.DefaultErrorListener
	// contains filtered or unexported fields
}

func (*ErrorListener) SyntaxError added in v0.5.0

func (l *ErrorListener) SyntaxError(recognizer antlr.Recognizer, offendingSymbol interface{}, line,
	column int, msg string, e antlr.RecognitionException)

type IPv4MatchDSCP

type IPv4MatchDSCP struct {
	DSCP uint8
}

IPv4MatchDSCP checks whether the DSCP subset of the TOS field matches.

func (*IPv4MatchDSCP) Eval

func (m *IPv4MatchDSCP) Eval(p *layers.IPv4) bool

func (*IPv4MatchDSCP) MarshalJSON

func (m *IPv4MatchDSCP) MarshalJSON() ([]byte, error)

func (*IPv4MatchDSCP) String added in v0.5.0

func (m *IPv4MatchDSCP) String() string

func (*IPv4MatchDSCP) Type

func (m *IPv4MatchDSCP) Type() string

func (*IPv4MatchDSCP) UnmarshalJSON

func (m *IPv4MatchDSCP) UnmarshalJSON(b []byte) error

type IPv4MatchDestination

type IPv4MatchDestination struct {
	Net *net.IPNet
}

IPv4MatchDestination checks whether the destination IPv4 address is contained in Net.

func (*IPv4MatchDestination) Eval

func (m *IPv4MatchDestination) Eval(p *layers.IPv4) bool

func (*IPv4MatchDestination) MarshalJSON

func (m *IPv4MatchDestination) MarshalJSON() ([]byte, error)

func (*IPv4MatchDestination) String added in v0.5.0

func (m *IPv4MatchDestination) String() string

func (*IPv4MatchDestination) Type

func (m *IPv4MatchDestination) Type() string

func (*IPv4MatchDestination) UnmarshalJSON

func (m *IPv4MatchDestination) UnmarshalJSON(b []byte) error

type IPv4MatchProtocol added in v0.6.0

type IPv4MatchProtocol struct {
	Protocol uint8
}

IPv4Matchprotocol checks whether the the L4 protocol matches.

func (*IPv4MatchProtocol) Eval added in v0.6.0

func (m *IPv4MatchProtocol) Eval(p *layers.IPv4) bool

func (*IPv4MatchProtocol) MarshalJSON added in v0.6.0

func (m *IPv4MatchProtocol) MarshalJSON() ([]byte, error)

func (*IPv4MatchProtocol) String added in v0.6.0

func (m *IPv4MatchProtocol) String() string

func (*IPv4MatchProtocol) Type added in v0.6.0

func (m *IPv4MatchProtocol) Type() string

func (*IPv4MatchProtocol) UnmarshalJSON added in v0.6.0

func (m *IPv4MatchProtocol) UnmarshalJSON(b []byte) error

type IPv4MatchSource

type IPv4MatchSource struct {
	Net *net.IPNet
}

IPv4MatchSource checks whether the source IPv4 address is contained in Net.

func (*IPv4MatchSource) Eval

func (m *IPv4MatchSource) Eval(p *layers.IPv4) bool

func (*IPv4MatchSource) MarshalJSON

func (m *IPv4MatchSource) MarshalJSON() ([]byte, error)

func (*IPv4MatchSource) String added in v0.5.0

func (m *IPv4MatchSource) String() string

func (*IPv4MatchSource) Type

func (m *IPv4MatchSource) Type() string

func (*IPv4MatchSource) UnmarshalJSON

func (m *IPv4MatchSource) UnmarshalJSON(b []byte) error

type IPv4MatchToS

type IPv4MatchToS struct {
	TOS uint8
}

IPv4MatchToS checks whether the ToS field matches.

func (*IPv4MatchToS) Eval

func (m *IPv4MatchToS) Eval(p *layers.IPv4) bool

func (*IPv4MatchToS) MarshalJSON

func (m *IPv4MatchToS) MarshalJSON() ([]byte, error)

func (*IPv4MatchToS) String added in v0.5.0

func (m *IPv4MatchToS) String() string

func (*IPv4MatchToS) Type

func (m *IPv4MatchToS) Type() string

func (*IPv4MatchToS) UnmarshalJSON

func (m *IPv4MatchToS) UnmarshalJSON(b []byte) error

type IPv4Predicate

type IPv4Predicate interface {
	// Eval returns true if the IPv4 packet matched the predicate
	Eval(*layers.IPv4) bool
	Typer
	fmt.Stringer
}

IPv4Predicate describes a single test on various IPv4 packet fields.

type PortMatchDestination added in v0.6.0

type PortMatchDestination struct {
	MinPort uint16
	MaxPort uint16
}

PortMatchDestination checks whether the destination port is within the specified range.

func (*PortMatchDestination) Eval added in v0.6.0

func (m *PortMatchDestination) Eval(p *Ports) bool

func (*PortMatchDestination) MarshalJSON added in v0.6.0

func (m *PortMatchDestination) MarshalJSON() ([]byte, error)

func (*PortMatchDestination) String added in v0.6.0

func (m *PortMatchDestination) String() string

func (*PortMatchDestination) Type added in v0.6.0

func (m *PortMatchDestination) Type() string

func (*PortMatchDestination) UnmarshalJSON added in v0.6.0

func (m *PortMatchDestination) UnmarshalJSON(b []byte) error

type PortMatchSource added in v0.6.0

type PortMatchSource struct {
	MinPort uint16
	MaxPort uint16
}

PortMatchSource checks whether the source port is within the specified range.

func (*PortMatchSource) Eval added in v0.6.0

func (m *PortMatchSource) Eval(p *Ports) bool

func (*PortMatchSource) MarshalJSON added in v0.6.0

func (m *PortMatchSource) MarshalJSON() ([]byte, error)

func (*PortMatchSource) String added in v0.6.0

func (m *PortMatchSource) String() string

func (*PortMatchSource) Type added in v0.6.0

func (m *PortMatchSource) Type() string

func (*PortMatchSource) UnmarshalJSON added in v0.6.0

func (m *PortMatchSource) UnmarshalJSON(b []byte) error

type PortPredicate added in v0.6.0

type PortPredicate interface {
	// Eval returns true if the packet matched the predicate
	Eval(*Ports) bool
	Typer
	fmt.Stringer
}

PortPredicate describes a single test on port fields.

type Ports added in v0.6.0

type Ports struct {
	Src uint16
	Dst uint16
}

Ports represents source and destination ports, irrespective of the specific L3 and L4 protocol.

type Typer

type Typer interface {
	Type() string
}

Directories

Path Synopsis
Package mock_pktcls is a generated GoMock package.
Package mock_pktcls is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL