tools

package
v1.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 24, 2026 License: MIT Imports: 11 Imported by: 0

Documentation

Overview

Package tools implements MCP tool handlers that wrap Wireshark CLI tools for packet capture, pcap analysis, field extraction, statistics, and more.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewCaptureHandler 

func NewCaptureHandler(exec executor.CommandExecutor, limiter *safety.CaptureLimiter) func(context.Context, *mcp.CallToolRequest, CaptureInput) (*mcp.CallToolResult, struct{}, error)

NewCaptureHandler creates a capture tool handler. If limiter is non-nil, concurrent captures are limited.

func NewCaptureInfoHandler 

func NewCaptureInfoHandler(exec executor.CommandExecutor) func(context.Context, *mcp.CallToolRequest, CaptureInfoInput) (*mcp.CallToolResult, struct{}, error)

func NewDecodePacketHandler 

func NewDecodePacketHandler(exec executor.CommandExecutor) func(context.Context, *mcp.CallToolRequest, DecodePacketInput) (*mcp.CallToolResult, struct{}, error)

func NewExtractFieldsHandler 

func NewExtractFieldsHandler(exec executor.CommandExecutor) func(context.Context, *mcp.CallToolRequest, ExtractFieldsInput) (*mcp.CallToolResult, struct{}, error)

func NewFilterPcapHandler 

func NewFilterPcapHandler(exec executor.CommandExecutor) func(context.Context, *mcp.CallToolRequest, FilterPcapInput) (*mcp.CallToolResult, struct{}, error)

func NewListInterfacesHandler 

func NewListInterfacesHandler(exec executor.CommandExecutor) func(context.Context, *mcp.CallToolRequest, ListInterfacesInput) (*mcp.CallToolResult, struct{}, error)

func NewListProtocolsHandler 

func NewListProtocolsHandler(exec executor.CommandExecutor) func(context.Context, *mcp.CallToolRequest, ListProtocolsInput) (*mcp.CallToolResult, struct{}, error)

func NewMergePcapsHandler 

func NewMergePcapsHandler(exec executor.CommandExecutor) func(context.Context, *mcp.CallToolRequest, MergePcapsInput) (*mcp.CallToolResult, struct{}, error)

func NewReadPcapHandler 

func NewReadPcapHandler(exec executor.CommandExecutor) func(context.Context, *mcp.CallToolRequest, ReadPcapInput) (*mcp.CallToolResult, struct{}, error)

func NewStatisticsHandler 

func NewStatisticsHandler(exec executor.CommandExecutor) func(context.Context, *mcp.CallToolRequest, StatisticsInput) (*mcp.CallToolResult, struct{}, error)

func RegisterPrompts 

func RegisterPrompts(server *mcp.Server)

RegisterPrompts adds MCP prompts for common network analysis workflows.

func RegisterResources 

func RegisterResources(server *mcp.Server, exec executor.CommandExecutor, captureDir string)

RegisterResources adds MCP resources and resource templates to the server.

Types

type CaptureInfoInput 

type CaptureInfoInput struct {
	FilePath string `json:"file_path" jsonschema:"path to pcap/pcapng file (required)"`
}

type CaptureInput 

type CaptureInput struct {
	Interface     string `json:"interface" jsonschema:"network interface name or index (required)"`
	CaptureFilter string `json:"capture_filter,omitempty" jsonschema:"BPF capture filter expression (e.g. 'tcp port 80')"`
	DisplayFilter string `json:"display_filter,omitempty" jsonschema:"Wireshark display filter (e.g. 'http.request')"`
	Duration      int    `json:"duration,omitempty" jsonschema:"capture duration in seconds (max 30, default 10)"`
	PacketCount   int    `json:"packet_count,omitempty" jsonschema:"max packets to capture (max 1000, default 100)"`
	OutputFile    string `json:"output_file,omitempty" jsonschema:"path to save pcap file (.pcap or .pcapng)"`
	Summarize     bool   `json:"summarize,omitempty" jsonschema:"parse JSON into structured packet summaries (default false)"`
}

type DecodePacketInput 

type DecodePacketInput struct {
	FilePath      string `json:"file_path" jsonschema:"path to pcap/pcapng file (required)"`
	PacketNumber  int    `json:"packet_number,omitempty" jsonschema:"specific packet number to decode (1-based, default: first 5 packets)"`
	DisplayFilter string `json:"display_filter,omitempty" jsonschema:"Wireshark display filter"`
	MaxPackets    int    `json:"max_packets,omitempty" jsonschema:"max packets to decode verbosely (max 10, default 5)"`
}

type ExtractFieldsInput 

type ExtractFieldsInput struct {
	FilePath      string   `json:"file_path" jsonschema:"path to pcap/pcapng file (required)"`
	Fields        []string `json:"fields" jsonschema:"protocol fields to extract (e.g. ['ip.src', 'ip.dst', 'tcp.port'])"`
	DisplayFilter string   `json:"display_filter,omitempty" jsonschema:"Wireshark display filter to apply"`
	MaxPackets    int      `json:"max_packets,omitempty" jsonschema:"maximum packets to process (max 1000, default 100)"`
	Separator     string   `json:"separator,omitempty" jsonschema:"field separator character (default tab)"`
	ShowHeader    bool     `json:"show_header,omitempty" jsonschema:"include field names as header row"`
	Summarize     bool     `json:"summarize,omitempty" jsonschema:"parse output into structured JSON with named fields (default false)"`
}

type FilterPcapInput 

type FilterPcapInput struct {
	InputFile  string `json:"input_file" jsonschema:"source pcap/pcapng file path (required)"`
	OutputFile string `json:"output_file" jsonschema:"destination pcap file path (required)"`
	StartTime  string `json:"start_time,omitempty" jsonschema:"start time filter (e.g. '2024-01-01 00:00:00')"`
	EndTime    string `json:"end_time,omitempty" jsonschema:"end time filter"`
	MaxPackets int    `json:"max_packets,omitempty" jsonschema:"maximum packets to keep (max 1000)"`
}

type ListInterfacesInput 

type ListInterfacesInput struct{}

type ListProtocolsInput 

type ListProtocolsInput struct {
	Filter string `json:"filter,omitempty" jsonschema:"filter protocols by name (case-insensitive substring match)"`
}

type MergePcapsInput 

type MergePcapsInput struct {
	InputFiles []string `json:"input_files" jsonschema:"list of pcap/pcapng file paths to merge (min 2 required)"`
	OutputFile string   `json:"output_file" jsonschema:"destination merged pcap file path (required)"`
}

type ReadPcapInput 

type ReadPcapInput struct {
	FilePath      string `json:"file_path" jsonschema:"path to pcap/pcapng file to read (required)"`
	DisplayFilter string `json:"display_filter,omitempty" jsonschema:"Wireshark display filter (e.g. 'tcp.port == 80')"`
	MaxPackets    int    `json:"max_packets,omitempty" jsonschema:"maximum packets to return (max 1000, default 100)"`
	Summarize     bool   `json:"summarize,omitempty" jsonschema:"parse JSON into structured packet summaries (default false)"`
}

type StatisticsInput 

type StatisticsInput struct {
	FilePath      string `json:"file_path" jsonschema:"path to pcap/pcapng file (required)"`
	StatType      string `` /* 237-byte string literal not displayed */
	DisplayFilter string `json:"display_filter,omitempty" jsonschema:"Wireshark display filter to apply"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.