demuxer

package

v0.5.2 Latest Latest Go to latest Published: Dec 2, 2019 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/m-lab/packet-headers

Links

Open Source Insights

Documentation ¶

Overview ¶

Package demuxer contains the tools for sending packets to the right goroutine to save them to disk.

Index ¶

type FlowKey
- func FlowKeyFrom4Tuple(srcIP net.IP, srcPort uint16, dstIP net.IP, dstPort uint16) FlowKey
- func (f *FlowKey) String() string
type TCP
- func NewTCP(anon anonymize.IPAnonymizer, dataDir string, ...) *TCP
- func (d *TCP) CapturePackets(ctx context.Context, packets <-chan gopacket.Packet, gcTicker <-chan time.Time)
type UUIDEvent

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type FlowKey ¶

type FlowKey struct {
	// contains filtered or unexported fields
}

FlowKey characterizes a TCP/IP flow without judgement about what direction the flow is. The lexicographically lowest IP/Port combination should always be first. It is not meant to be human-readable, and is instead only designed to be used as a key in a map.

func FlowKeyFrom4Tuple ¶

func FlowKeyFrom4Tuple(srcIP net.IP, srcPort uint16, dstIP net.IP, dstPort uint16) FlowKey

FlowKeyFrom4Tuple creates a FlowKey (suitable for use as a map key) from a TCP 4-tuple.

func (*FlowKey) String ¶ added in v0.5.2

func (f *FlowKey) String() string

type TCP ¶

type TCP struct {
	UUIDChan chan<- UUIDEvent
	// contains filtered or unexported fields
}

TCP sends each received TCP/IP packet to the proper saver. If the packet is not a TCP/IP packet, then the demuxer will drop it.

Note for those editing this code: demuxer.TCP methods are NOT threadsafe to avoid needing a lock in the main packet processing loop.

func NewTCP ¶

func NewTCP(anon anonymize.IPAnonymizer, dataDir string, uuidWaitDuration, maxFlowDuration time.Duration) *TCP

NewTCP creates a demuxer.TCP, which is the system which chooses which channel to send TCP/IP packets for subsequent saving to a file.

func (*TCP) CapturePackets ¶

func (d *TCP) CapturePackets(ctx context.Context, packets <-chan gopacket.Packet, gcTicker <-chan time.Time)

CapturePackets captures the packets from the channel `packets` and hands them off to the appropriate saver.TCP object. We can never be entirely sure that a flow will receive no more packets - even the "socket closed" signal from the kernel doesn't mean there will be no more packets. Therefore, we pass in a ticker for garbage collection (`gcTicker`), and when that ticker has fired twice without a flow receiving a packet, then that flow is assumed to be stopped.

This function can be stopped by cancelling the passed-in context or by closing both the passed-in packet channel and the UUIDChan to indicate that no future input is possible.

type UUIDEvent ¶

type UUIDEvent struct {
	saver.UUIDEvent
	Flow FlowKey
}

UUIDEvent is the datatype sent to a demuxer's UUIDChan to notify it about the UUID of new flows.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL