Documentation

Overview

    Package packet support for TCP/IP packet manipulations needed by the Aporeto infrastructure.

    Index

    Constants

    View Source
    const (
    	// IPProtocolTCP defines the constant for UDP protocol number
    	IPProtocolTCP = 6
    
    	// IPProtocolUDP defines the constant for UDP protocol number
    	IPProtocolUDP = 17
    )

      IP Protocol numbers

      View Source
      const (
      
      	// TCPSynMask is a mask for the TCP Syn flags
      	TCPSynMask = 0x2
      
      	// TCPSynAckMask  mask idenitifies a TCP SYN-ACK packet
      	TCPSynAckMask = 0x12
      
      	// TCPRstMask mask that identifies RST packets
      	TCPRstMask = 0x4
      
      	// TCPAckMask mask that identifies ACK packets
      	TCPAckMask = 0x10
      
      	// TCPFinMask mask that identifies FIN packets
      	TCPFinMask = 0x1
      
      	// TCPPshMask = 0x8 mask that identifies PSH packets
      	TCPPshMask = 0x8
      )

        TCP Header masks

        View Source
        const (
        	// TCPAuthenticationOption is the option number will be using
        	TCPAuthenticationOption = uint8(34)
        
        	// TCPMssOption is the type for MSS option
        	TCPMssOption = uint8(2)
        
        	// TCPMssOptionLen is the type for MSS option
        	TCPMssOptionLen = uint8(4)
        )

          TCP Options Related constants

          View Source
          const (
          	// PacketTypeNetwork is enum for from-network packets
          	PacketTypeNetwork = 0x1000
          	// PacketTypeApplication is enum for from-application packets
          	PacketTypeApplication = 0x2000
          
          	// PacketStageIncoming is an enum for incoming stage
          	PacketStageIncoming = 0x0100
          	// PacketStageAuth is an enum for authentication stage
          	PacketStageAuth = 0x0200
          	// PacketStageService is an enum for crypto stage
          	PacketStageService = 0x0400
          	// PacketStageOutgoing is an enum for outgoing stage
          	PacketStageOutgoing = 0x0800
          
          	// PacketFailureCreate is the drop reason for packet
          	PacketFailureCreate = 0x0010
          	// PacketFailureAuth is a drop reason for packet due to authentication error
          	PacketFailureAuth = 0x0020
          	// PacketFailureService is a drop reason for packet due to crypto error
          	PacketFailureService = 0x00040
          )
          View Source
          const (
          
          	// ipIDPos is location of IP Identifier
          	IPIDPos = 4
          )

            IP Header field position constants

            View Source
            const (
            
            	// TCPChecksumPos is the location of TCP checksum
            	TCPChecksumPos = 36
            )

              TCP Header field position constants

              Variables

              View Source
              var (
              	// PacketLogLevel determines if packet logging is turned on
              	PacketLogLevel bool
              )

              Functions

              func TCPFlagsToStr

              func TCPFlagsToStr(flags uint8) string

                TCPFlagsToStr converts the TCP Flags to a string value that is human readable

                Types

                type Packet

                type Packet struct {
                
                	// Mark is the nfqueue Mark
                	Mark string
                
                	// Buffers : input/output buffer
                	Buffer []byte
                
                	IPProto       uint8
                	IPTotalLength uint16
                
                	SourceAddress      net.IP
                	DestinationAddress net.IP
                
                	// L4 Header Fields
                	SourcePort      uint16
                	DestinationPort uint16
                
                	// TCP Specific fields
                	TCPSeq uint32
                	TCPAck uint32
                
                	TCPFlags    uint8
                	TCPChecksum uint16
                
                	// Service Metadata
                	SvcMetadata interface{}
                	// Connection Metadata
                	ConnectionMetadata interface{}
                	// contains filtered or unexported fields
                }

                  Packet is the main structure holding packet information

                  func New

                  func New(context uint64, bytes []byte, mark string) (packet *Packet, err error)

                    New returns a pointer to Packet structure built from the provided bytes buffer which is expected to contain valid TCP/IP packet bytes.

                    func (*Packet) CheckTCPAuthenticationOption

                    func (p *Packet) CheckTCPAuthenticationOption(iOptionLength int) (err error)

                      CheckTCPAuthenticationOption ensures authentication option exists at the offset provided

                      func (*Packet) ConvertAcktoFinAck

                      func (p *Packet) ConvertAcktoFinAck() error

                        ConvertAcktoFinAck function removes the data from the packet It is called only if the packet is Ack or Psh/Ack converts psh/ack to fin/ack packet.

                        func (*Packet) DecreaseTCPAck

                        func (p *Packet) DecreaseTCPAck(decr uint32)

                          DecreaseTCPAck decreases TCP ack number by decr

                          func (*Packet) DecreaseTCPSeq

                          func (p *Packet) DecreaseTCPSeq(decr uint32)

                            DecreaseTCPSeq decreases TCP seq number by decr

                            func (*Packet) DropDetachedBytes

                            func (p *Packet) DropDetachedBytes()

                              DropDetachedBytes removes any bytes that have been detached and stored locally

                              func (*Packet) DropDetachedDataBytes

                              func (p *Packet) DropDetachedDataBytes()

                                DropDetachedDataBytes removes any bytes that have been detached and stored locally

                                func (*Packet) FixupIPHdrOnDataModify

                                func (p *Packet) FixupIPHdrOnDataModify(old, new uint16)

                                  FixupIPHdrOnDataModify modifies the IP header fields and checksum

                                  func (*Packet) FixupTCPHdrOnTCPDataAttach

                                  func (p *Packet) FixupTCPHdrOnTCPDataAttach(tcpOptions []byte, tcpData []byte)

                                    FixupTCPHdrOnTCPDataAttach modifies the TCP header fields and checksum

                                    func (*Packet) FixupTCPHdrOnTCPDataDetach

                                    func (p *Packet) FixupTCPHdrOnTCPDataDetach(dataLength uint16, optionLength uint16)

                                      FixupTCPHdrOnTCPDataDetach modifies the TCP header fields and checksum

                                      func (*Packet) GetBytes

                                      func (p *Packet) GetBytes() []byte

                                        GetBytes returns the bytes in the packet. It consolidates in case of changes as well

                                        func (*Packet) GetIPLength

                                        func (p *Packet) GetIPLength() uint16

                                          GetIPLength returns the IP length

                                          func (*Packet) GetTCPData

                                          func (p *Packet) GetTCPData() []byte

                                            GetTCPData returns any additional data in the packet

                                            func (*Packet) GetTCPOptions

                                            func (p *Packet) GetTCPOptions() []byte

                                              GetTCPOptions returns any additional options in the packet

                                              func (*Packet) ID

                                              func (p *Packet) ID() string

                                                ID returns the IP ID of the packet

                                                func (*Packet) IncreaseTCPAck

                                                func (p *Packet) IncreaseTCPAck(incr uint32)

                                                  IncreaseTCPAck increases TCP ack number by incr

                                                  func (*Packet) IncreaseTCPSeq

                                                  func (p *Packet) IncreaseTCPSeq(incr uint32)

                                                    IncreaseTCPSeq increases TCP seq number by incr

                                                    func (*Packet) IsEmptyTCPPayload

                                                    func (p *Packet) IsEmptyTCPPayload() bool

                                                      IsEmptyTCPPayload returns the TCP data offset

                                                      func (*Packet) L4FlowHash

                                                      func (p *Packet) L4FlowHash() string

                                                        L4FlowHash calculate a hash string based on the 4-tuple

                                                        func (*Packet) L4ReverseFlowHash

                                                        func (p *Packet) L4ReverseFlowHash() string

                                                          L4ReverseFlowHash calculate a hash string based on the 4-tuple by reversing source and destination information

                                                          func (*Packet) Print

                                                          func (p *Packet) Print(context uint64)

                                                            Print is a print helper function

                                                            func (*Packet) ReadTCPData

                                                            func (p *Packet) ReadTCPData() []byte

                                                              ReadTCPData returns ths payload in a string variable It does not remove the payload from the packet

                                                              func (*Packet) ReadTCPDataString

                                                              func (p *Packet) ReadTCPDataString() string

                                                                ReadTCPDataString returns ths payload in a string variable It does not remove the payload from the packet

                                                                func (*Packet) SetTCPData

                                                                func (p *Packet) SetTCPData(b []byte)

                                                                  SetTCPData returns any additional data in the packet

                                                                  func (*Packet) SourcePortHash

                                                                  func (p *Packet) SourcePortHash(stage uint64) string

                                                                    SourcePortHash calculates a hash based on dest ip/port for net packet and src ip/port for app packet.

                                                                    func (*Packet) String

                                                                    func (p *Packet) String() string

                                                                      String returns a string representation of fields contained in this packet.

                                                                      func (*Packet) TCPDataAttach

                                                                      func (p *Packet) TCPDataAttach(tcpOptions []byte, tcpData []byte) (err error)

                                                                        TCPDataAttach modifies the TCP and IP header fields and checksum

                                                                        func (*Packet) TCPDataDetach

                                                                        func (p *Packet) TCPDataDetach(optionLength uint16) (err error)

                                                                          TCPDataDetach performs the following:

                                                                          - Removes all TCP data from Buffer to TCPData.
                                                                          - Removes "optionLength" bytes of options from TCP header to tcpOptions
                                                                          - Updates IP Hdr (lengths, checksums)
                                                                          - Updates TCP header (checksums)
                                                                          

                                                                          func (*Packet) TCPDataLength

                                                                          func (p *Packet) TCPDataLength() int

                                                                            TCPDataLength -- returns the length of tcp options

                                                                            func (*Packet) TCPDataStartBytes

                                                                            func (p *Packet) TCPDataStartBytes() uint16

                                                                              TCPDataStartBytes provides the tcp data start offset in bytes

                                                                              func (*Packet) TCPOptionLength

                                                                              func (p *Packet) TCPOptionLength() int

                                                                                TCPOptionLength returns the length of tcpoptions

                                                                                func (*Packet) UpdateIPChecksum

                                                                                func (p *Packet) UpdateIPChecksum()

                                                                                  UpdateIPChecksum computes the IP header checksum and updates the packet with the value.

                                                                                  func (*Packet) UpdateTCPChecksum

                                                                                  func (p *Packet) UpdateTCPChecksum()

                                                                                    UpdateTCPChecksum computes the TCP header checksum and updates the packet with the value.

                                                                                    func (*Packet) VerifyIPChecksum

                                                                                    func (p *Packet) VerifyIPChecksum() bool

                                                                                      VerifyIPChecksum returns true if the IP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.

                                                                                      func (*Packet) VerifyTCPChecksum

                                                                                      func (p *Packet) VerifyTCPChecksum() bool

                                                                                        VerifyTCPChecksum returns true if the TCP header checksum is correct for this packet, false otherwise. Note that the checksum is not modified.