Documentation
¶
Index ¶
- Constants
- Variables
- type AAC_Frame_In
- type AVC_AU_In
- type AVC_DCR_Out
- type AVI_In
- type Bitcoin_Block_In
- type CAFF_In
- type CSV_In
- type FLAC_Frame_In
- type FLAC_Frame_Out
- type FLAC_Metadatablock_Out
- type FLAC_Metadatablocks_Out
- type FLAC_Stream_Info
- type FLAC_Streaminfo_Out
- type HEVC_AU_In
- type HEVC_DCR_Out
- type HTML_In
- type INET_Packet_In
- type IP_Packet_In
- type Link_Frame_In
- type MP3_Frame_Out
- type MP3_In
- type MP4_In
- type MPEG_ASC_Out
- type MPEG_Decoder_Config
- type MPEG_ES_Out
- type Matroska_In
- type Ogg_Page_Out
- type Pg_BTree_In
- type Pg_Control_In
- type Pg_Heap_In
- type Probe_Args_In
- type Probe_In
- type ProtoBufField
- type ProtoBufMessage
- type Protobuf_In
- type TCP_Stream_In
- type TCP_Stream_Out
- type TLS_In
- type UDP_Payload_In
- type XML_In
- type Zip_In
Constants ¶
View Source
const ( ProbeOrderBinUnique = 0 // binary with unlikely overlap ProbeOrderBinFuzzy = 100 // binary with possible overlap ProbeOrderTextJSON = 200 // text json has prio as yaml overlap ProbeOrderTextFuzzy = 300 // text with possible overlap )
TODO: do before-format somehow and topology sort?
View Source
const ( LinkTypeNULL = 0 LinkTypeETHERNET = 1 LinkTypeAX25 = 3 LinkTypeIEEE802_5 = 6 LinkTypeARCNET_BSD = 7 LinkTypeSLIP = 8 LinkTypePPP = 9 LinkTypeFDDI = 10 LinkTypePPP_HDLC = 50 LinkTypePPP_ETHER = 51 LinkTypeATM_RFC1483 = 100 LinkTypeRAW = 101 LinkTypeC_HDLC = 104 LinkTypeIEEE802_11 = 105 LinkTypeFRELAY = 107 LinkTypeLOOP = 108 LinkTypeLINUX_SLL = 113 LinkTypeLTALK = 114 LinkTypePFLOG = 117 LinkTypeIEEE802_11_PRISM = 119 LinkTypeIP_OVER_FC = 122 LinkTypeSUNATM = 123 LinkTypeIEEE802_11_RADIOTAP = 127 LinkTypeARCNET_LINUX = 129 LinkTypeAPPLE_IP_OVER_IEEE1394 = 138 LinkTypeMTP2_WITH_PHDR = 139 LinkTypeMTP2 = 140 LinkTypeMTP3 = 141 LinkTypeSCCP = 142 LinkTypeDOCSIS = 143 LinkTypeLINUX_IRDA = 144 LinkTypeUSER0 = 147 LinkTypeUSER1 = 148 LinkTypeUSER2 = 149 LinkTypeUSER3 = 150 LinkTypeUSER4 = 151 LinkTypeUSER5 = 152 LinkTypeUSER6 = 153 LinkTypeUSER7 = 154 LinkTypeUSER8 = 155 LinkTypeUSER9 = 156 LinkTypeUSER10 = 157 LinkTypeUSER11 = 158 LinkTypeUSER12 = 159 LinkTypeUSER13 = 160 LinkTypeUSER14 = 161 LinkTypeUSER15 = 162 LinkTypeIEEE802_11_AVS = 163 LinkTypeBACNET_MS_TP = 165 LinkTypePPP_PPPD = 166 LinkTypeGPRS_LLC = 169 LinkTypeGPF_T = 170 LinkTypeGPF_F = 171 LinkTypeLINUX_LAPD = 177 LinkTypeMFR = 182 LinkTypeBLUETOOTH_HCI_H4 = 187 LinkTypeUSB_LINUX = 189 LinkTypePPI = 192 LinkTypeIEEE802_15_4_WITHFCS = 195 LinkTypeSITA = 196 LinkTypeERF = 197 LinkTypeBLUETOOTH_HCI_H4_WITH_PHDR = 201 LinkTypeAX25_KISS = 202 LinkTypeLAPD = 203 LinkTypePPP_WITH_DIR = 204 LinkTypeC_HDLC_WITH_DIR = 205 LinkTypeFRELAY_WITH_DIR = 206 LinkTypeLAPB_WITH_DIR = 207 LinkTypeIPMB_LINUX = 209 LinkTypeFLEXRAY = 210 LinkTypeLIN = 212 LinkTypeIEEE802_15_4_NONASK_PHY = 215 LinkTypeUSB_LINUX_MMAPPED = 220 LinkTypeFC_2 = 224 LinkTypeFC_2_WITH_FRAME_DELIMS = 225 LinkTypeIPNET = 226 LinkTypeCAN_SOCKETCAN = 227 LinkTypeIPv4 = 228 LinkTypeIPv6 = 229 LinkTypeIEEE802_15_4_NOFCS = 230 LinkTypeDBUS = 231 LinkTypeDVB_CI = 235 LinkTypeMUX27010 = 236 LinkTypeSTANAG_5066_D_PDU = 237 LinkTypeNFLOG = 239 LinkTypeNETANALYZER = 240 LinkTypeNETANALYZER_TRANSPARENT = 241 LinkTypeIPOIB = 242 LinkTypeMPEG_2_TS = 243 LinkTypeNG40 = 244 LinkTypeNFC_LLCP = 245 LinkTypeINFINIBAND = 247 LinkTypeSCTP = 248 LinkTypeUSBPCAP = 249 LinkTypeRTAC_SERIAL = 250 LinkTypeBLUETOOTH_LE_LL = 251 LinkTypeNETLINK = 253 LinkTypeBLUETOOTH_LINUX_MONITOR = 254 LinkTypeBLUETOOTH_BREDR_BB = 255 LinkTypeBLUETOOTH_LE_LL_WITH_PHDR = 256 LinkTypePROFIBUS_DL = 257 LinkTypePKTAP = 258 LinkTypeEPON = 259 LinkTypeIPMI_HPM_2 = 260 LinkTypeZWAVE_R1_R2 = 261 LinkTypeZWAVE_R3 = 262 LinkTypeWATTSTOPPER_DLM = 263 LinkTypeISO_14443 = 264 LinkTypeRDS = 265 LinkTypeUSB_DARWIN = 266 LinkTypeSDLC = 268 LinkTypeLORATAP = 270 LinkTypeVSOCK = 271 LinkTypeNORDIC_BLE = 272 LinkTypeDOCSIS31_XRA31 = 273 LinkTypeETHERNET_MPACKET = 274 LinkTypeDISPLAYPORT_AUX = 275 LinkTypeLINUX_SLL2 = 276 LinkTypeOPENVIZSLA = 278 LinkTypeEBHSCR = 279 LinkTypeVPP_DISPATCH = 280 LinkTypeDSA_TAG_BRCM = 281 LinkTypeDSA_TAG_BRCM_PREPEND = 282 LinkTypeIEEE802_15_4_TAP = 283 LinkTypeDSA_TAG_DSA = 284 LinkTypeDSA_TAG_EDSA = 285 LinkTypeELEE = 286 LinkTypeZ_WAVE_SERIAL = 287 LinkTypeUSB_2_0 = 288 LinkTypeATSC_ALP = 289 LinkTypeETW = 290 )
from https://www.tcpdump.org/linktypes.html TODO cleanup
View Source
const ( EtherTypeIPv4 = 0x0800 EtherTypeIPv6 = 0x86dd )
View Source
const ( IPv4ProtocolICMP = 1 IPv4ProtocolIGMP = 2 IPv4ProtocolTCP = 6 IPv4ProtocolUDP = 17 IPv4ProtocolICMPv6 = 58 )
View Source
const ( UDPPortDomain = 53 UDPPortMDNS = 5353 )
View Source
const ( TCPPortDomain = 53 TCPPortRTMP = 1935 )
View Source
const ( ProtoBufTypeInt32 = iota ProtoBufTypeInt64 ProtoBufTypeUInt32 ProtoBufTypeUInt64 ProtoBufTypeSInt32 ProtoBufTypeSInt64 ProtoBufTypeBool ProtoBufTypeEnum ProtoBufTypeFixed64 ProtoBufTypeSFixed64 ProtoBufTypeDouble ProtoBufTypeString ProtoBufTypeBytes ProtoBufTypeMessage ProtoBufTypePackedRepeated ProtoBufTypeFixed32 ProtoBufTypeSFixed32 ProtoBufTypeFloat )
Variables ¶
View Source
var ( INET_Packet = &decode.Group{Name: "inet_packet", DefaultInArg: INET_Packet_In{}} // ex: ipv4 IP_Packet = &decode.Group{Name: "ip_packet", DefaultInArg: INET_Packet_In{}} // ex: tcp Link_Frame = &decode.Group{Name: "link_frame", DefaultInArg: Link_Frame_In{}} // ex: ethernet Probe = &decode.Group{Name: "probe", DefaultInArg: Probe_In{}} Probe_Args = &decode.Group{Name: "probe_args", DefaultInArg: Probe_Args_In{}} TCP_Stream = &decode.Group{Name: "tcp_stream", DefaultInArg: TCP_Stream_In{}} // ex: http UDP_Payload = &decode.Group{Name: "udp_payload", DefaultInArg: UDP_Payload_In{}} // ex: dns Bits = &decode.Group{Name: "bits"} Bytes = &decode.Group{Name: "bytes"} ASN1_BER = &decode.Group{Name: "asn1_ber"} BSD_Loopback_Frame = &decode.Group{Name: "bsd_loopback_frame"} Bzip2 = &decode.Group{Name: "bzip2"} DNS = &decode.Group{Name: "dns"} DNS_TCP = &decode.Group{Name: "dns_tcp"} Ether_8023_Frame = &decode.Group{Name: "ether8023_frame"} Gzip = &decode.Group{Name: "gzip"} HTML = &decode.Group{Name: "html"} ICMP = &decode.Group{Name: "icmp"} ICMPv6 = &decode.Group{Name: "icmpv6"} IPv4Packet = &decode.Group{Name: "ipv4_packet"} IPv6Packet = &decode.Group{Name: "ipv6_packet"} JSON = &decode.Group{Name: "json"} JSONL = &decode.Group{Name: "jsonl"} Markdown = &decode.Group{Name: "markdown"} PCAP = &decode.Group{Name: "pcap"} PCAPNG = &decode.Group{Name: "pcapng"} Protobuf = &decode.Group{Name: "protobuf"} ProtobufWidevine = &decode.Group{Name: "protobuf_widevine"} SLL_Packet = &decode.Group{Name: "sll_packet"} SLL2_Packet = &decode.Group{Name: "sll2_packet"} TCP_Segment = &decode.Group{Name: "tcp_segment"} TLS = &decode.Group{Name: "tls"} UDP_Datagram = &decode.Group{Name: "udp_datagram"} XML = &decode.Group{Name: "xml"} YAML = &decode.Group{Name: "yaml"} Zip = &decode.Group{Name: "zip"} )
View Source
var EtherTypeMap = scalar.UintMap{ EtherTypeIPv4: {Sym: "ipv4", Description: `Internet Protocol version 4`}, 0x0806: {Sym: "arp", Description: `Address Resolution Protocol`}, 0x0842: {Sym: "wake", Description: `Wake-on-LAN[9]`}, 0x22f0: {Sym: "audio", Description: `Audio Video Transport Protocol`}, 0x22f3: {Sym: "trill", Description: `IETF TRILL Protocol`}, 0x22ea: {Sym: "srp", Description: `Stream Reservation Protocol`}, 0x6002: {Sym: "dec", Description: `DEC MOP RC`}, 0x6003: {Sym: "decnet", Description: `DECnet Phase IV, DNA Routing`}, 0x6004: {Sym: "declat", Description: `DEC LAT`}, 0x8035: {Sym: "reverse", Description: `Reverse Address Resolution Protocol`}, 0x809b: {Sym: "appletalk", Description: `AppleTalk`}, 0x80f3: {Sym: "appletalk_arp", Description: `AppleTalk Address Resolution Protocol`}, 0x8100: {Sym: "vlan", Description: `VLAN-tagged (IEEE 802.1Q)`}, 0x8102: {Sym: "slpp", Description: `Simple Loop Prevention Protocol`}, 0x8103: {Sym: "vlacp", Description: `Virtual Link Aggregation Control Protocol`}, 0x8137: {Sym: "ipx", Description: `IPX`}, 0x8204: {Sym: "qnx", Description: `QNX Qnet`}, EtherTypeIPv6: {Sym: "ipv6", Description: `Internet Protocol Version 6`}, 0x8808: {Sym: "flow_control", Description: `Ethernet flow control`}, 0x8809: {Sym: "lacp", Description: `Ethernet Slow Protocols] such as the Link Aggregation Control Protocol`}, 0x8819: {Sym: "cobranet", Description: `CobraNet`}, 0x8847: {Sym: "mpls", Description: `MPLS unicast`}, 0x8848: {Sym: "mpls", Description: `MPLS multicast`}, 0x8863: {Sym: "pppoe_discovery", Description: `PPPoE Discovery Stage`}, 0x8864: {Sym: "pppoe_session", Description: `PPPoE Session Stage`}, 0x887b: {Sym: "homeplug", Description: `HomePlug 1.0 MME`}, 0x888e: {Sym: "eap", Description: `EAP over LAN (IEEE 802.1X)`}, 0x8892: {Sym: "profinet", Description: `PROFINET Protocol`}, 0x889a: {Sym: "hyperscsi", Description: `HyperSCSI (SCSI over Ethernet)`}, 0x88a2: {Sym: "ata", Description: `ATA over Ethernet`}, 0x88a4: {Sym: "ethercat", Description: `EtherCAT Protocol`}, 0x88a8: {Sym: "service", Description: `Service VLAN tag identifier (S-Tag) on Q-in-Q tunnel`}, 0x88ab: {Sym: "ethernet", Description: `Ethernet Powerlink`}, 0x88b8: {Sym: "goose", Description: `GOOSE (Generic Object Oriented Substation event)`}, 0x88b9: {Sym: "gse", Description: `GSE (Generic Substation Events) Management Services`}, 0x88ba: {Sym: "sv", Description: `SV (Sampled Value Transmission)`}, 0x88bf: {Sym: "mikrotik", Description: `MikroTik RoMON (unofficial)`}, 0x88cc: {Sym: "link", Description: `Link Layer Discovery Protocol (LLDP)`}, 0x88cd: {Sym: "sercos", Description: `SERCOS III`}, 0x88e1: {Sym: "homeplug", Description: `HomePlug Green PHY`}, 0x88e3: {Sym: "media", Description: `Media Redundancy Protocol (IEC62439-2)`}, 0x88e5: {Sym: "ieee", Description: `IEEE 802.1AE MAC security (MACsec)`}, 0x88e7: {Sym: "provider", Description: `Provider Backbone Bridges (PBB) (IEEE 802.1ah)`}, 0x88f7: {Sym: "precision", Description: `Precision Time Protocol (PTP) over IEEE 802.3 Ethernet`}, 0x88f8: {Sym: "nc", Description: `NC-SI`}, 0x88fb: {Sym: "parallel", Description: `Parallel Redundancy Protocol (PRP)`}, 0x8902: {Sym: "ieee", Description: `IEEE 802.1ag Connectivity Fault Management (CFM) Protocol / ITU-T Recommendation Y.1731 (OAM)`}, 0x8906: {Sym: "fibre", Description: `Fibre Channel over Ethernet (FCoE)`}, 0x8914: {Sym: "fcoe", Description: `FCoE Initialization Protocol`}, 0x8915: {Sym: "rdma", Description: `RDMA over Converged Ethernet (RoCE)`}, 0x891d: {Sym: "ttethernet", Description: `TTEthernet Protocol Control Frame (TTE)`}, 0x893a: {Sym: "1905", Description: `1905.1 IEEE Protocol`}, 0x892f: {Sym: "high", Description: `High-availability Seamless Redundancy (HSR)`}, 0x9000: {Sym: "ethernet", Description: `Ethernet Configuration Testing Protocol[12]`}, 0xf1c1: {Sym: "redundancy", Description: `Redundancy Tag (IEEE 802.1CB Frame Replication and Elimination for Reliability)`}, }
from https://en.wikipedia.org/wiki/EtherType TODO: cleanup
View Source
var IPv4ProtocolMap = scalar.UintMap{}/* 136 elements not displayed */
View Source
var LinkTypeMap = scalar.UintMap{}/* 131 elements not displayed */
View Source
var ProtoBufTypeNames = scalar.UintMapSymStr{ ProtoBufTypeInt32: "int32", ProtoBufTypeInt64: "int64", ProtoBufTypeUInt32: "uint32", ProtoBufTypeUInt64: "uint64", ProtoBufTypeSInt32: "sint32", ProtoBufTypeSInt64: "sint64", ProtoBufTypeBool: "bool", ProtoBufTypeEnum: "enum", ProtoBufTypeFixed64: "fixed64", ProtoBufTypeSFixed64: "sfixed64", ProtoBufTypeDouble: "double", ProtoBufTypeString: "string", ProtoBufTypeBytes: "bytes", ProtoBufTypeMessage: "message", ProtoBufTypePackedRepeated: "packed_repeated", ProtoBufTypeFixed32: "fixed32", ProtoBufTypeSFixed32: "sfixed32", ProtoBufTypeFloat: "float", }
View Source
var TCPPortMap = scalar.UintMap{}/* 680 elements not displayed */
View Source
var UDPPortMap = scalar.UintMap{}/* 679 elements not displayed */
Functions ¶
This section is empty.
Types ¶
type AAC_Frame_In ¶
type AAC_Frame_In struct {
ObjectType int `doc:"Audio object type"`
}
type AVC_DCR_Out ¶
type AVC_DCR_Out struct {
LengthSize uint64
}
type Bitcoin_Block_In ¶
type Bitcoin_Block_In struct {
HasHeader bool `doc:"Has blkdat header"`
}
type FLAC_Frame_In ¶
type FLAC_Frame_Out ¶
type FLAC_Metadatablock_Out ¶
type FLAC_Metadatablock_Out struct {
IsLastBlock bool
HasStreamInfo bool
StreamInfo FLAC_Stream_Info
}
type FLAC_Metadatablocks_Out ¶
type FLAC_Metadatablocks_Out struct {
HasStreamInfo bool
StreamInfo FLAC_Stream_Info
}
type FLAC_Stream_Info ¶
type FLAC_Streaminfo_Out ¶
type FLAC_Streaminfo_Out struct {
StreamInfo FLAC_Stream_Info
}
type HEVC_AU_In ¶
type HEVC_AU_In struct {
LengthSize uint64 `doc:"Length value size"`
}
type HEVC_DCR_Out ¶
type HEVC_DCR_Out struct {
LengthSize uint64
}
type INET_Packet_In ¶
type INET_Packet_In struct {
EtherType int
}
type IP_Packet_In ¶
type IP_Packet_In struct {
Protocol int
}
type Link_Frame_In ¶
type MP3_Frame_Out ¶
type MPEG_ASC_Out ¶
type MPEG_ASC_Out struct {
ObjectType int
}
type MPEG_Decoder_Config ¶
type MPEG_ES_Out ¶
type MPEG_ES_Out struct {
DecoderConfigs []MPEG_Decoder_Config
}
type Matroska_In ¶
type Matroska_In struct {
DecodeSamples bool `doc:"Decode samples"`
}
type Ogg_Page_Out ¶
type Pg_BTree_In ¶
type Pg_BTree_In struct {
Page int `doc:"First page number in file, default is 0"`
}
type Pg_Control_In ¶
type Pg_Control_In struct {
Flavour string `doc:"PostgreSQL flavour: postgres14, pgproee14.., postgres10"`
}
type Pg_Heap_In ¶
type Probe_Args_In ¶
type ProtoBufField ¶
type ProtoBufField struct {
Type int
Name string
Message ProtoBufMessage
Enums map[uint64]string
}
type ProtoBufMessage ¶
type ProtoBufMessage map[int]ProtoBufField
type Protobuf_In ¶
type Protobuf_In struct {
Message ProtoBufMessage
}
type TCP_Stream_In ¶
type TCP_Stream_In struct {
IsClient bool
HasStart bool
HasEnd bool
SkippedBytes uint64
SourcePort int
DestinationPort int
}
func (TCP_Stream_In) IsPort ¶
func (t TCP_Stream_In) IsPort(ports ...int) bool
func (TCP_Stream_In) MustIsPort ¶
func (t TCP_Stream_In) MustIsPort(fn func(format string, a ...any), ports ...int)
type TCP_Stream_Out ¶
type UDP_Payload_In ¶
func (UDP_Payload_In) IsPort ¶
func (u UDP_Payload_In) IsPort(ports ...int) bool
func (UDP_Payload_In) MustIsPort ¶
func (u UDP_Payload_In) MustIsPort(fn func(format string, a ...any), ports ...int)
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
ciphersuites
Package ciphersuites defines TLS and SSL cipher suit properties generated by ciphersuites.jq
|
Package ciphersuites defines TLS and SSL cipher suit properties generated by ciphersuites.jq |
|
keylog
Package keylog parses NSS key log format https://firefox-source-docs.mozilla.org/security/nss/legacy/key_log_format/index.html <Label> <space> <ClientRandom> <space> <Secret> lines
|
Package keylog parses NSS key log format https://firefox-source-docs.mozilla.org/security/nss/legacy/key_log_format/index.html <Label> <space> <ClientRandom> <space> <Secret> lines |
|
rezlib
Package rezlib wraps a zlib reader and makes it possible to read until the last current input flush boundary by reading until EOF.
|
Package rezlib wraps a zlib reader and makes it possible to read until the last current input flush boundary by reading until EOF. |
Click to show internal directories.
Click to hide internal directories.