classify

package

v0.0.0-...-9c42f08 Latest Latest Go to latest Published: May 8, 2020 License: MPL-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/uw-ictd/haulage

Documentation ¶

Index ¶

func Local(endpoint gopacket.Endpoint) bool
func ParseDns(pkt gopacket.Packet, flow FiveTuple, msg *DnsMsg) error
func User(endpoint gopacket.Endpoint, userSubnet string, ignoredUserIPs []string) bool
type DnsMsg
type FiveTuple

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Local ¶

func Local(endpoint gopacket.Endpoint) bool

Deployment specific logic to determine if traffic is local only

func ParseDns ¶

func ParseDns(pkt gopacket.Packet, flow FiveTuple, msg *DnsMsg) error

Attempts to parse a dns payload from the provided packet.

Nominally returns a parsed DnsMsg struct with the DNS information. If no DNS information is detected in the packet returns a NoDNSError. Otherwise returns generic error codes for parsing failure.

func User ¶

func User(endpoint gopacket.Endpoint, userSubnet string, ignoredUserIPs []string) bool

Deployment specific logic to determine if traffic is from a user.

Types ¶

type DnsMsg ¶

type DnsMsg struct {
	Timestamp       time.Time
	Flow            FiveTuple
	DnsQuery        string
	DnsOpCode       uint16
	DnsResponseCode uint16
	NumberOfAnswers uint16
	DnsAnswerTTL    []uint32
	DnsAnswer       []net.IP
}

type FiveTuple ¶

type FiveTuple struct {
	Network           gopacket.Flow
	Transport         gopacket.Flow
	TransportProtocol uint8
}

Completely describes a transport level network flow.

func (FiveTuple) MakeCanonical ¶

func (t FiveTuple) MakeCanonical() FiveTuple

Represent the flow in an ordered form, possibly flipping the source and destination.

Two five tuples representing both directions of a flow will have the same canonical form.

func (FiveTuple) SameBidirectionalFlow ¶

func (t FiveTuple) SameBidirectionalFlow(other FiveTuple) bool

True if the other FiveTuple flow is in the same bidirectional flow.

func (FiveTuple) TransportDstPort ¶

func (t FiveTuple) TransportDstPort() (uint16, error)

Extract the transport dst port number from the transport flow. This may not be valid for all transports.

func (FiveTuple) TransportSrcPort ¶

func (t FiveTuple) TransportSrcPort() (uint16, error)

Extract the transport src port number from the transport flow. This may not be valid for all transports.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL