Documentation

Overview

    Package packet provides support for the TCP/IP packet manipulations needed by the Aporeto infrastructure.

    Index

    Constants

    const (
    	// IPProtocolICMP is the IP protocol number for ICMP. ICMPv6 has its
    	// own protocol number (58) and is not covered by this constant, so a
    	// filter that matches on IPProtocolICMP alone does not match ICMPv6.
    	IPProtocolICMP = 1
    
    	// IPProtocolTCP is the IP protocol number for TCP.
    	IPProtocolTCP = 6
    
    	// IPProtocolUDP is the IP protocol number for UDP.
    	IPProtocolUDP = 17
    )

      IP Protocol numbers

      const (
      	// Single-bit masks over the TCP flags byte, lowest bit first. Only
      	// these five flags are defined here; a flags byte read from the wire
      	// can carry further bits that none of these masks select.
      
      	// TCPFinMask selects the FIN flag.
      	TCPFinMask = 1 << 0
      
      	// TCPSynMask selects the SYN flag.
      	TCPSynMask = 1 << 1
      
      	// TCPRstMask selects the RST flag.
      	TCPRstMask = 1 << 2
      
      	// TCPPshMask selects the PSH flag.
      	TCPPshMask = 1 << 3
      
      	// TCPAckMask selects the ACK flag.
      	TCPAckMask = 1 << 4
      
      	// TCPSynAckMask is the SYN and ACK bits together (0x12). To recognise
      	// a SYN-ACK, compare flags&TCPSynAckMask with TCPSynAckMask: a plain
      	// non-zero test is also true for a bare SYN or a bare ACK.
      	TCPSynAckMask = TCPSynMask | TCPAckMask
      )

        TCP Header masks

        const (
        	// TCPAuthenticationOption is the TCP option kind this package uses
        	// for its authentication option.
        	// NOTE(review): IANA lists option kind 34 as TCP Fast Open
        	// (RFC 7413); confirm how the package tells its own option apart
        	// from a Fast Open cookie sent by a peer.
        	TCPAuthenticationOption uint8 = 34
        
        	// TCPMssOption is the TCP option kind of the MSS option.
        	TCPMssOption uint8 = 2
        
        	// TCPMssOptionLen is the length of the MSS option in bytes (kind,
        	// length and a two-byte value), not its type.
        	TCPMssOptionLen uint8 = 4
        )

          TCP Options Related constants

          const (
          	// UDPDataPos is the position of the UDP data; 8 is the size of a
          	// UDP header.
          	// NOTE(review): presumably an offset from the start of the UDP
          	// header - confirm against the callers.
          	UDPDataPos = 8
          
          	// UDPPacketMask selects the upper four bits, which identify the
          	// type of a UDP packet. The values below are type codes inside
          	// that field, not independent flag bits: UDPAckMask (0x30) shares
          	// bits with UDPSynMask and UDPSynAckMask. Classify a packet with
          	// an equality test on value&UDPPacketMask; a non-zero AND against
          	// one of the codes matches the wrong packets.
          	UDPPacketMask = 0xF0
          
          	// UDPSynMask is the type code of a UDP SYN packet.
          	UDPSynMask = 0x10
          
          	// UDPSynAckMask is the type code of a UDP SYN-ACK packet.
          	UDPSynAckMask = 0x20
          
          	// UDPAckMask is the type code of a UDP ACK packet.
          	UDPAckMask = 0x30
          
          	// UDPFinAckMask is the type code of a UDP FIN-ACK packet.
          	UDPFinAckMask = 0x40
          
          	// UDPDataPacket is the type code of a plain data packet.
          	UDPDataPacket = 0x80
          )

            UDP related constants.

            const (
            	// UDPAuthMarker is the 18-byte Aporeto marker for UDP packets.
            	// It is a fixed value compiled into the package and shown in its
            	// documentation, so it is not a secret: any sender can place
            	// these bytes in a UDP payload. Finding the marker only tags a
            	// packet as a candidate control packet; it authenticates nothing.
            	// NOTE(review): authentication presumably rests on the token
            	// carried with the marker - confirm where that is verified.
            	UDPAuthMarker = "n30njxq7bmiwr6dtxq"
            
            	// UDPAuthMarkerLen is the length of UDPAuthMarker in bytes; it
            	// has to be kept equal to len(UDPAuthMarker) by hand.
            	UDPAuthMarkerLen = 18
            
            	// UDPSignatureLen is the length of the signature on a UDP control
            	// packet.
            	UDPSignatureLen = 20
            )
            const (
            	// The three groups below use separate hex digits (0xF000 for the
            	// type, 0x0F00 for the stage, 0x00F0 for the failure reason), so
            	// one value from each group can be OR-ed together without
            	// overlapping.
            	// NOTE(review): presumably these are combined into the context
            	// argument taken by New and Print - confirm against the callers.
            
            	// PacketTypeNetwork marks a packet that came from the network.
            	PacketTypeNetwork = 0x1000
            	// PacketTypeApplication marks a packet that came from the application.
            	PacketTypeApplication = 0x2000
            
            	// PacketStageIncoming marks the incoming stage.
            	PacketStageIncoming = 0x0100
            	// PacketStageAuth marks the authentication stage.
            	PacketStageAuth = 0x0200
            	// PacketStageService marks the service (crypto) stage.
            	PacketStageService = 0x0400
            	// PacketStageOutgoing marks the outgoing stage.
            	PacketStageOutgoing = 0x0800
            
            	// PacketFailureCreate is the drop reason for a packet that failed
            	// at creation.
            	PacketFailureCreate = 0x0010
            	// PacketFailureAuth is the drop reason for an authentication error.
            	PacketFailureAuth = 0x0020
            	// PacketFailureService is the drop reason for a crypto error.
            	PacketFailureService = 0x0040
            )

            Variables

            This section is empty.

            Functions

            func CreateUDPAuthMarker

            func CreateUDPAuthMarker(packetType uint8) []byte

              CreateUDPAuthMarker creates a UDP auth marker.

              func GetUDPTypeFromBuffer

              func GetUDPTypeFromBuffer(buffer []byte) byte

                GetUDPTypeFromBuffer gets the UDP packet type from a raw buffer.

                func TCPFlagsToStr

                func TCPFlagsToStr(flags uint8) string

                  TCPFlagsToStr converts the TCP Flags to a string value that is human readable

                  Types

                  type IPver

                  type IPver int

                    IPver is the type defined for ip version

                    const (
                    	V4 IPver = iota // V4 marks an IPv4 packet; being first, it is also the zero value of IPver.
                    	V6              // V6 marks an IPv6 packet.
                    )

                    type Packet

                    // Packet is the package's packet structure. Only the exported fields
                    // are listed here; the rest are filtered out of this view.
                    type Packet struct {
                    
                    	// Mark is the nfqueue mark of the packet, held as a string.
                    	Mark string
                    
                    	// SvcMetadata is the service metadata. The field is an untyped
                    	// interface{}, so nothing restricts what is stored in it: read it
                    	// with a checked type assertion (v, ok := ...) rather than a bare one.
                    	SvcMetadata interface{}
                    	// ConnectionMetadata is the connection metadata; untyped, to be
                    	// read with the same checked assertion as SvcMetadata.
                    	ConnectionMetadata interface{}
                    	// PlatformMetadata is the platform metadata (needed for Windows);
                    	// untyped as well.
                    	PlatformMetadata interface{}
                    	// contains filtered or unexported fields
                    }

                      Packet structure

                      func New

                      func New(context uint64, bytes []byte, mark string, lengthValidate bool) (packet *Packet, err error)

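                        New returns a pointer to a Packet structure built from the provided bytes buffer, which is expected to contain valid TCP/IP packet bytes. If the buffer holds data received from the network, treat it as untrusted and check err before using the returned packet.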

                        func TestGetTCPPacket

                        func TestGetTCPPacket(srcIP, dstIP net.IP, srcPort, dstPort uint16) *Packet

                          TestGetTCPPacket is used by other test code when they need to create a packet

                          func (*Packet) CheckTCPAuthenticationOption

                          func (p *Packet) CheckTCPAuthenticationOption(iOptionLength int) (err error)

                            CheckTCPAuthenticationOption ensures authentication option exists at the offset provided

                            func (*Packet) ConvertAcktoFinAck

                            func (p *Packet) ConvertAcktoFinAck() error

                              ConvertAcktoFinAck removes the data from the packet. It is called only if the packet is an ACK or PSH/ACK, and converts a PSH/ACK packet to a FIN/ACK packet.

                              func (*Packet) CreateReverseFlowPacket

                              func (p *Packet) CreateReverseFlowPacket()

                                CreateReverseFlowPacket modifies the packet for reverse flow.

                                func (*Packet) DecreaseTCPAck

                                func (p *Packet) DecreaseTCPAck(decr uint32)

                                  DecreaseTCPAck decreases TCP ack number by decr

                                  func (*Packet) DecreaseTCPSeq

                                  func (p *Packet) DecreaseTCPSeq(decr uint32)

                                    DecreaseTCPSeq decreases TCP seq number by decr

                                    func (*Packet) DestPort

                                    func (p *Packet) DestPort() uint16

                                      DestPort -- returns the appropriate destination port

                                      func (*Packet) DestinationAddress

                                      func (p *Packet) DestinationAddress() net.IP

                                        DestinationAddress returns the destination address

                                        func (*Packet) DropTCPDetachedBytes

                                        func (p *Packet) DropTCPDetachedBytes()

                                          DropTCPDetachedBytes removes any bytes that have been detached and stored locally

                                          func (*Packet) DropTCPDetachedDataBytes

                                          func (p *Packet) DropTCPDetachedDataBytes()

                                            DropTCPDetachedDataBytes removes any bytes that have been detached and stored locally

                                            func (*Packet) FixupIPHdrOnDataModify

                                            func (p *Packet) FixupIPHdrOnDataModify(old, new uint16)

                                              FixupIPHdrOnDataModify modifies the IP header fields and checksum

                                              func (*Packet) FixuptcpHdrOnTCPDataAttach

                                              func (p *Packet) FixuptcpHdrOnTCPDataAttach(tcpOptions []byte, tcpData []byte)

                                                FixuptcpHdrOnTCPDataAttach modifies the TCP header fields and checksum

                                                func (*Packet) FixuptcpHdrOnTCPDataDetach

                                                func (p *Packet) FixuptcpHdrOnTCPDataDetach(dataLength uint16, optionLength uint16)

                                                  FixuptcpHdrOnTCPDataDetach modifies the TCP header fields and checksum

                                                  func (*Packet) GetBuffer

                                                  func (p *Packet) GetBuffer(offset int) []byte

                                                    GetBuffer returns the slice representing the buffer at offset specified

                                                    func (*Packet) GetIPLength

                                                    func (p *Packet) GetIPLength() uint16

                                                      GetIPLength returns the IP length

                                                      func (*Packet) GetTCPBytes

                                                      func (p *Packet) GetTCPBytes() []byte

                                                        GetTCPBytes returns the bytes in the packet. It consolidates in case of changes as well

                                                        func (*Packet) GetTCPData

                                                        func (p *Packet) GetTCPData() []byte

                                                          GetTCPData returns any additional data in the packet

                                                          func (*Packet) GetTCPFlags

                                                          func (p *Packet) GetTCPFlags() uint8

                                                            GetTCPFlags returns the tcp flags from the packet

                                                            func (*Packet) GetTCPOptions

                                                            func (p *Packet) GetTCPOptions() []byte

                                                              GetTCPOptions returns any additional options in the packet

                                                              func (*Packet) GetUDPData

                                                              func (p *Packet) GetUDPData() []byte

                                                                GetUDPData return additional data in packet

                                                                func (*Packet) GetUDPDataStartBytes

                                                                func (p *Packet) GetUDPDataStartBytes() uint16

                                                                  GetUDPDataStartBytes return start of UDP data

                                                                  func (*Packet) GetUDPType

                                                                  func (p *Packet) GetUDPType() byte

                                                                    GetUDPType returns udp type of packet.

                                                                    func (*Packet) ID

                                                                    func (p *Packet) ID() string

                                                                      ID returns the IP ID of the packet

                                                                      func (*Packet) IPHeaderLen

                                                                      func (p *Packet) IPHeaderLen() uint8

                                                                        IPHeaderLen returns the ip header length

                                                                        func (*Packet) IPProto

                                                                        func (p *Packet) IPProto() uint8

                                                                          IPProto returns the L4 protocol

                                                                          func (*Packet) IPTotalLen

                                                                          func (p *Packet) IPTotalLen() uint16

                                                                            IPTotalLen returns the total length of the packet

                                                                            func (*Packet) IPversion

                                                                            func (p *Packet) IPversion() IPver

                                                                              IPversion returns the version of ip packet

                                                                              func (*Packet) IncreaseTCPAck

                                                                              func (p *Packet) IncreaseTCPAck(incr uint32)

                                                                                IncreaseTCPAck increases TCP ack number by incr

                                                                                func (*Packet) IncreaseTCPSeq

                                                                                func (p *Packet) IncreaseTCPSeq(incr uint32)

                                                                                  IncreaseTCPSeq increases TCP seq number by incr

                                                                                  func (*Packet) IsEmptyTCPPayload

                                                                                  func (p *Packet) IsEmptyTCPPayload() bool

                                                                                    IsEmptyTCPPayload reports whether the packet has an empty TCP payload.

                                                                                    func (*Packet) L4FlowHash

                                                                                    func (p *Packet) L4FlowHash() string

                                                                                      L4FlowHash calculate a hash string based on the 4-tuple. It returns the cached value and does not re-calculate it. This leads to performance gains.

                                                                                      func (*Packet) L4ReverseFlowHash

                                                                                      func (p *Packet) L4ReverseFlowHash() string

                                                                                        L4ReverseFlowHash calculate a hash string based on the 4-tuple by reversing source and destination information

                                                                                        func (*Packet) PacketToStringTCP

                                                                                        func (p *Packet) PacketToStringTCP() string

                                                                                          PacketToStringTCP returns a string representation of fields contained in this packet.

                                                                                          func (*Packet) Print

                                                                                          func (p *Packet) Print(context uint64, packetLogLevel bool)

                                                                                            Print is a print helper function

                                                                                            func (*Packet) ReadTCPData

                                                                                            func (p *Packet) ReadTCPData() []byte

                                                                                              ReadTCPData returns the payload as a byte slice. It does not remove the payload from the packet.

                                                                                              func (*Packet) ReadTCPDataString

                                                                                              func (p *Packet) ReadTCPDataString() string

                                                                                                ReadTCPDataString returns the payload in a string variable. It does not remove the payload from the packet.

                                                                                                func (*Packet) ReadUDPToken

                                                                                                func (p *Packet) ReadUDPToken() []byte

                                                                                                  ReadUDPToken returns the UDP token. It is called only during the handshake process.

                                                                                                  func (*Packet) SetTCPData

                                                                                                  func (p *Packet) SetTCPData(b []byte)

                                                                                                    SetTCPData sets the additional data in the packet.

                                                                                                    func (*Packet) SetTCPFlags

                                                                                                    func (p *Packet) SetTCPFlags(flags uint8)

                                                                                                      SetTCPFlags allows to set the tcp flags on the packet

                                                                                                      func (*Packet) SourceAddress

                                                                                                      func (p *Packet) SourceAddress() net.IP

                                                                                                        SourceAddress returns the source IP

                                                                                                        func (*Packet) SourcePort

                                                                                                        func (p *Packet) SourcePort() uint16

                                                                                                          SourcePort -- returns the appropriate source port

                                                                                                          func (*Packet) SourcePortHash

                                                                                                          func (p *Packet) SourcePortHash(stage uint64) string

                                                                                                            SourcePortHash calculates a hash based on dest ip/port for net packet and src ip/port for app packet.

                                                                                                            func (*Packet) TCPDataAttach

                                                                                                            func (p *Packet) TCPDataAttach(tcpOptions []byte, tcpData []byte) (err error)

                                                                                                              TCPDataAttach modifies the TCP and IP header fields and checksum

                                                                                                              func (*Packet) TCPDataDetach

                                                                                                              func (p *Packet) TCPDataDetach(optionLength uint16) (err error)

                                                                                                                TCPDataDetach performs the following:

                                                                                                                - Removes all TCP data from Buffer to TCPData.
                                                                                                                - Removes "optionLength" bytes of options from TCP header to tcpOptions
                                                                                                                - Updates IP Hdr (lengths, checksums)
                                                                                                                - Updates TCP header (checksums)
                                                                                                                

                                                                                                                func (*Packet) TCPDataLength

                                                                                                                func (p *Packet) TCPDataLength() int

                                                                                                                  TCPDataLength -- returns the length of the TCP data

                                                                                                                  func (*Packet) TCPDataStartBytes

                                                                                                                  func (p *Packet) TCPDataStartBytes() uint16

                                                                                                                    TCPDataStartBytes provides the tcp data start offset in bytes

                                                                                                                    func (*Packet) TCPOptionLength

                                                                                                                    func (p *Packet) TCPOptionLength() int

                                                                                                                      TCPOptionLength returns the length of tcpoptions

                                                                                                                      func (*Packet) UDPDataAttach

                                                                                                                      func (p *Packet) UDPDataAttach(header, udpdata []byte)

                                                                                                                        UDPDataAttach Attaches UDP data post encryption.

                                                                                                                        func (*Packet) UDPDataDetach

                                                                                                                        func (p *Packet) UDPDataDetach()

                                                                                                                          UDPDataDetach detaches UDP payload from the Buffer. Called only during Encrypt/Decrypt.

                                                                                                                          func (*Packet) UDPTokenAttach

                                                                                                                          func (p *Packet) UDPTokenAttach(udpdata []byte, udptoken []byte)

                                                                                                                            UDPTokenAttach attaches the UDP packet signature and tokens.

                                                                                                                            func (*Packet) UpdateIPv4Checksum

                                                                                                                            func (p *Packet) UpdateIPv4Checksum()

                                                                                                                              UpdateIPv4Checksum computes the IP header checksum and updates the packet with the value.

                                                                                                                              func (*Packet) UpdateTCPChecksum

                                                                                                                              func (p *Packet) UpdateTCPChecksum()

                                                                                                                                UpdateTCPChecksum computes the TCP header checksum and updates the packet with the value.

                                                                                                                                func (*Packet) VerifyIPv4Checksum

                                                                                                                                func (p *Packet) VerifyIPv4Checksum() bool

                                                                                                                                  VerifyIPv4Checksum returns true if the IP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.

                                                                                                                                  func (*Packet) VerifyTCPChecksum

                                                                                                                                  func (p *Packet) VerifyTCPChecksum() bool

                                                                                                                                    VerifyTCPChecksum returns true if the TCP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.