Documentation
¶
Overview ¶
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Index ¶
- Constants
- type Config
- type Engine
- type PacketExtractor
- func (pe *PacketExtractor) AddApplicationLayer(typ string, layer gopacket.Layer) error
- func (pe *PacketExtractor) AddNetworkLayer(typ string, layer gopacket.Layer) error
- func (pe *PacketExtractor) AddTransportLayer(typ string, layer gopacket.Layer) error
- func (pe *PacketExtractor) GetIPv4() *layers.IPv4
- func (pe *PacketExtractor) GetIfaceName() string
- func (pe *PacketExtractor) GetMetadata() (meta types.MetaRule)
- func (pe *PacketExtractor) GetPacketMetadata() *gopacket.PacketMetadata
- func (pe *PacketExtractor) GetPacketPayload() []byte
- func (pe *PacketExtractor) GetSCTP() *layers.SCTP
- func (pe *PacketExtractor) GetTCP() *layers.TCP
- func (pe *PacketExtractor) GetUDP() *layers.UDP
Constants ¶
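// Protocol identifiers, written as lowercase strings.
//
// NOTE(review): presumably these are the typ values passed to the
// PacketExtractor Add*Layer methods; confirm against the callers.
//
// The declaration is laid out one spec per line: collapsed onto a single line
// without separators it is not valid Go.
const (
	// IPV4 identifies the IPv4 network protocol.
	IPV4 = "ipv4"
	// TCP identifies the TCP transport protocol.
	TCP = "tcp"
	// UDP identifies the UDP transport protocol.
	UDP = "udp"
	// SCTP identifies the SCTP transport protocol.
	SCTP = "sctp"
)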
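// Message strings used by the engine.
//
// The declaration is laid out one spec per line: collapsed onto a single line
// without separators it is not valid Go.
//
// Every string is reproduced exactly as declared, including its misspellings
// ("packages", "initialating", "snffer"). These strings are emitted at
// runtime, so log parsers or detection content that match on them would stop
// matching if the text changed; correct the spelling only together with those
// consumers.
const (
	// MainEventOuterMsg and MainEventInnerMsg are short labels.
	// NOTE(review): presumably the outer/inner keys of the main log event;
	// confirm at the logging call sites.
	MainEventOuterMsg = "mole"
	MainEventInnerMsg = "event"

	// MainEventInitCompletedMsg and StartMsg are start-up status messages.
	MainEventInitCompletedMsg = "starting mole ids engine"
	StartMsg                  = "engine is listening for packages"

	// NoMatchFoundMsg is a format string with five %s verbs: proto, src,
	// sport, dst and dport.
	// NOTE(review): these values presumably come from the captured packet;
	// confirm how they are rendered before they reach the log.
	NoMatchFoundMsg = "unable to find yara rule for proto:%s src:%s sport:%s dst:%s dport:%s"
	// ScannerScanMemFaildMsg is a format string with one %s verb.
	ScannerScanMemFaildMsg = "error while scanning payload: %s"
	// UnableToDecodePacketMsg is a format string with one %d verb for the
	// layer in which decoding failed.
	UnableToDecodePacketMsg = "unable to fully decode packet. Error in layer: %d"

	// The remaining messages are failure prefixes; each ends in "got" or
	// names the step that failed, with no format verbs.
	ConfigInitFailedMsg     = "while configuring the engine"
	RulesManagerInitFailMsg = "while initialating rules manager got"
	CreateTreeFailMsg       = "while generating the Decision tree got"
	InterfacesInitFailMsg   = "while initialating interfaces got"
	LoadingRulesFailedMsg   = "while loading rules got"
	GettingHandlerFailMsg   = "while getting the snffer handler got"
)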
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Engine ¶
// Engine groups the components of Mole's core: its configuration, the capture
// interface, the rules manager, the rule map and the packet source.
type Engine struct {
	// Config is the engine's configuration; most of its values come from the
	// arguments or the configuration file.
	Config *Config
	// Iface is the interface from which Mole reads packets.
	Iface *interfaces.Interfaces
	// RulesManager handles everything related to rules.
	RulesManager *rules.Manager
	// RuleMap is used to fire Yara rules based on the identifier token
	// returned by the lookup query.
	RuleMap types.RuleMapScanner
	// Handle is the interface handler that allows Mole to capture traffic.
	Handle gopacket.PacketDataSource
}
Engine is in charge of handling Mole's core functionality.
type PacketExtractor ¶
// PacketExtractor wraps one gopacket.Packet together with its metadata and the
// network, transport and application layers recorded for it.
type PacketExtractor struct {
	// Packet is the wrapped packet and Metadata its gopacket metadata.
	Packet   gopacket.Packet
	Metadata *gopacket.PacketMetadata

	// String labels for the three layers.
	// NOTE(review): presumably the typ argument given to the matching
	// Add*Layer method; confirm against the implementation.
	NetworkLayer, TransportLayer, ApplicationLayer string

	// The layer values themselves, one per level of the stack.
	Network, Transport, Application gopacket.Layer
	// contains filtered or unexported fields
}
func NewPacketExtractor ¶
func NewPacketExtractor(pkt gopacket.Packet) *PacketExtractor
func (*PacketExtractor) AddApplicationLayer ¶
func (pe *PacketExtractor) AddApplicationLayer(typ string, layer gopacket.Layer) error
func (*PacketExtractor) AddNetworkLayer ¶
func (pe *PacketExtractor) AddNetworkLayer(typ string, layer gopacket.Layer) error
func (*PacketExtractor) AddTransportLayer ¶
func (pe *PacketExtractor) AddTransportLayer(typ string, layer gopacket.Layer) error
func (*PacketExtractor) GetIPv4 ¶
func (pe *PacketExtractor) GetIPv4() *layers.IPv4
func (*PacketExtractor) GetIfaceName ¶
func (pe *PacketExtractor) GetIfaceName() string
func (*PacketExtractor) GetMetadata ¶
func (pe *PacketExtractor) GetMetadata() (meta types.MetaRule)
func (*PacketExtractor) GetPacketMetadata ¶
func (pe *PacketExtractor) GetPacketMetadata() *gopacket.PacketMetadata
func (*PacketExtractor) GetPacketPayload ¶
func (pe *PacketExtractor) GetPacketPayload() []byte
func (*PacketExtractor) GetSCTP ¶
func (pe *PacketExtractor) GetSCTP() *layers.SCTP
func (*PacketExtractor) GetTCP ¶
func (pe *PacketExtractor) GetTCP() *layers.TCP
func (*PacketExtractor) GetUDP ¶
func (pe *PacketExtractor) GetUDP() *layers.UDP