pcap

package
v0.0.0-...-388f960 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 6, 2026 License: Apache-2.0 Imports: 27 Imported by: 2

Documentation

Index

Constants

View Source 
const (
	PcapContextID        = transformer.ContextID
	PcapContextLogName   = transformer.ContextLogName
	PcapContextVerbosity = transformer.ContextVerbosity
	PcapContextDebug     = transformer.ContextDebug
)
View Source 
const (
	VERBOSITY_INFO  = transformer.VERBOSITY_INFO
	VERBOSITY_DEBUG = transformer.VERBOSITY_DEBUG
)
View Source 
const (
	PCAP_MIN_EPHEMERAL_PORT uint16 = 0x8000 // 32768 – preferred MIN ephemeral port ( not as high as 0x0C000 / 49152 )
	PCAP_MAX_EPHEMERAL_PORT uint16 = 0xFFFF // 65535 ( Linux: 60999 / 0xEE47 )
)
View Source 
const (
	TCP_FLAG_SYN = TCPFlag("SYN")
	TCP_FLAG_ACK = TCPFlag("ACK")
	TCP_FLAG_PSH = TCPFlag("PSH")
	TCP_FLAG_FIN = TCPFlag("FIN")
	TCP_FLAG_RST = TCPFlag("RST")
	TCP_FLAG_URG = TCPFlag("URG")
	TCP_FLAG_ECE = TCPFlag("ECE")
	TCP_FLAG_CWR = TCPFlag("CWR")

	L3_PROTO_IPv4 = L3Proto(0x04)
	L3_PROTO_IP4  = L3_PROTO_IPv4
	L3_PROTO_IPv6 = L3Proto(0x29)
	L3_PROTO_IP6  = L3_PROTO_IPv6

	L4_PROTO_TCP   = L4Proto(0x06)
	L4_PROTO_UDP   = L4Proto(0x11)
	L4_PROTO_ICMP  = L4Proto(0x01)
	L4_PROTO_ICMP4 = L4_PROTO_ICMP
	L4_PROTO_ICMP6 = L4Proto(0x3A)
)
View Source 
const (
	PcapDefaultFilter = "(tcp or udp or icmp or icmp6) and (ip or ip6 or arp)"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type L3Proto 

type L3Proto = transformer.L3Proto

type L4Proto 

type L4Proto = transformer.L4Proto

type Pcap 

type Pcap struct {
	// contains filtered or unexported fields
}

func (*Pcap) IsActive 

func (p *Pcap) IsActive() bool

func (*Pcap) Start 

func (p *Pcap) Start(
	ctx context.Context,
	writers []PcapWriter,
	stopDeadline <-chan *time.Duration,
) error

type PcapConfig 

type PcapConfig struct {
	Compat        bool
	Debug         bool
	Promisc       bool
	Iface         string
	Snaplen       int
	TsType        string
	Format        string
	Filter        string
	Output        string
	Interval      int
	Extension     string
	Ordered       bool
	ConnTrack     bool
	Device        *PcapDevice
	Filters       []PcapFilterProvider
	CompatFilters PcapFilters
	Ephemerals    *PcapEphemeralPorts
	Verbosity     PcapVerbosity
}

type PcapDevice 

type PcapDevice struct {
	NetInterface *net.Interface
	pcap.Interface
}

func FindDevicesByName 

func FindDevicesByName(deviceName *string) ([]*PcapDevice, error)

func FindDevicesByRegex 

func FindDevicesByRegex(exp *regexp.Regexp) ([]*PcapDevice, error)

type PcapEngine 

type PcapEngine interface {
	Start(context.Context, []PcapWriter, <-chan *time.Duration) error
	IsActive() bool
}

func NewPcap 

func NewPcap(config *PcapConfig) (PcapEngine, error)

func NewTcpdump 

func NewTcpdump(config *PcapConfig) (PcapEngine, error)

type PcapEphemeralPorts 

type PcapEphemeralPorts = transformer.PcapEphemeralPorts

type PcapFilter 

type PcapFilter struct {
	Raw *string
}

type PcapFilterMode 

type PcapFilterMode uint8
const (
	PCAP_FILTER_MODE_AND PcapFilterMode = iota
	PCAP_FILTER_MODE_OR
)

type PcapFilterProvider 

type PcapFilterProvider interface {
	fmt.Stringer
	Get(context.Context) (*string, bool)
	Apply(context.Context, *string, PcapFilterMode) *string
}

type PcapFilters 

type PcapFilters interface {
	AddL3Proto(L3Proto)
	AddL3Protos(...L3Proto)
	AddIPv4(string)
	AddIPv4s(...string)
	AddIPv6(string)
	AddIPv6s(...string)
	AddIPv4Range(string)
	AddIPv4Ranges(...string)
	AddIPv6Range(string)
	AddIPv6Ranges(...string)
	AddL4Proto(L4Proto)
	AddL4Protos(...L4Proto)
	AllowSocket(string, string) bool
	DenySocket(string, string) bool
	AddPort(uint16)
	AddPorts(...uint16)
	DenyPort(uint16)
	DenyPorts(...uint16)
	AllowPort(uint16)
	AllowPorts(...uint16)
	AddTCPFlags(...TCPFlag)
	CombineAndAddTCPFlags(...TCPFlag)
}

PCAP owns the behavior that will be exposed to consumers

func NewPcapFilters 

func NewPcapFilters() PcapFilters

type PcapVerbosity 

type PcapVerbosity = transformer.PcapVerbosity

type PcapWriter 

type PcapWriter interface {
	io.Writer
	io.Closer
	Rotate()
	IsStdOutOrErr() bool
	GetIface() *string
}

func NewPcapWriter 

func NewPcapWriter(ctx context.Context, ifaceAndInfex, template, extension, timezone *string, interval int) (PcapWriter, error)

func NewStdoutPcapWriter 

func NewStdoutPcapWriter(ctx context.Context, ifaceAndIndex *string) (PcapWriter, error)

type TCPFlag 

type TCPFlag = transformer.TCPFlag

type TCPFlags 

type TCPFlags = transformer.TCPFlags

type Tcpdump 

type Tcpdump struct {
	// contains filtered or unexported fields
}

func (*Tcpdump) IsActive 

func (t *Tcpdump) IsActive() bool

func (*Tcpdump) Start 

func (t *Tcpdump) Start(
	ctx context.Context,
	_ []PcapWriter,
	stopDeadline <-chan *time.Duration,
) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.