sysproc

package
v1.4.5-alpha1216-hooks... Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 16, 2025 License: AGPL-3.0, GPL-3.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

// TCP is the transport name "tcp".
// NOTE(review): presumably a valid value for the network argument of
// FindProcessName; other values likely produce ErrInvalidNetwork — confirm.
const TCP = "tcp"

// UDP is the transport name "udp".
const UDP = "udp"
// SOCK_DIAG_BY_FAMILY carries the same name and value (20) as the Linux
// sock_diag netlink message type declared in linux/sock_diag.h.
// NOTE(review): presumably used when querying the kernel socket table to
// map a socket to its owner; that usage is not visible here — confirm.
const SOCK_DIAG_BY_FAMILY = 20

Variables

// Sentinel errors exported by the package. Compare with errors.Is rather
// than by message text.

// ErrInvalidNetwork reports an unrecognised network name.
var ErrInvalidNetwork = errors.New("invalid network")

// ErrPlatformNotSupport reports that the operation is unavailable on the
// current platform.
var ErrPlatformNotSupport = errors.New("not support on this platform")

// ErrNotFound reports that no owning process was found. A caller making a
// policy decision on the lookup result should handle this case explicitly
// rather than treating "unknown owner" as an implicit allow.
var ErrNotFound = errors.New("process not found")

Functions

func FindProcessName

func FindProcessName(network string, srcIP netip.Addr, srcPort int) (uint32, string, error)

func FindProcessNameByConn

func FindProcessNameByConn(conn net.Conn) (uint32, string, error)

func IpToAddr

func IpToAddr(slice net.IP) netip.Addr

IpToAddr converts the net.IP to netip.Addr. If slice's length is not 4 or 16, IpToAddr returns netip.Addr{}, the zero Addr, for which IsValid reports false.

Types

type ConnectionsWatcher

// ConnectionsWatcher encapsulates the monitoring logic for a single process.
// NOTE(review): NewWatcher takes an interval, which suggests the watcher
// polls; connections opened and closed between two polls would then go
// unobserved — confirm before relying on it for complete coverage.
type ConnectionsWatcher struct {
	// Pid is presumably the pid passed to NewWatcher. PIDs can be reused
	// after a process exits, so a stored Pid alone does not identify the
	// same process later.
	Pid  int32
	// Proc is the process handle for the watched process.
	Proc *process.Process
	// contains filtered or unexported fields
}

ConnectionsWatcher 封装了针对单个进程的监控逻辑

func NewWatcher

func NewWatcher(pid int32, cb NewRemoteIPCallback, interval time.Duration) (*ConnectionsWatcher, error)

NewWatcher 创建一个新的进程监控器实例

func (*ConnectionsWatcher) Start

func (w *ConnectionsWatcher) Start(ctx context.Context)

Start 启动监控循环,直到 Context 被取消或进程退出

type NewRemoteIPCallback

// NewRemoteIPCallback is the signature of the callback invoked when a new
// outbound (remote) IP is discovered for a process.
// NOTE(review): remoteIP arrives as a string whose exact format is not
// shown here; parse and validate it before using it in rules or logs.
type NewRemoteIPCallback func(pid int32, remoteIP string)

NewRemoteIPCallback 是发现新外联 IP 时的回调函数签名

type OnProcessCreateFunc

// OnProcessCreateFunc is the callback type passed to ProcessesWatcher.Start
// as onProcessCreate; per that method's documentation it is called when a
// matching process appears.
type OnProcessCreateFunc func(ctx context.Context, p *ProcessBasicInfo)

type OnProcessExitFunc

// OnProcessExitFunc is the callback type invoked when a process exits.
type OnProcessExitFunc func(ctx context.Context, p *ProcessBasicInfo)

OnProcessExitFunc 是进程退出时的回调函数类型

type ProcessBasicInfo

// ProcessBasicInfo holds a small set of identifying values for one process.
// NewProcessBasicInfo builds it from a *process.Process; how each field is
// populated is not visible here.
type ProcessBasicInfo struct {
	// Pid is the process ID. PIDs can be reused once a process exits, so a
	// stored Pid alone does not identify the same process later.
	Pid     int32
	// Exe is presumably the executable path — TODO confirm against
	// NewProcessBasicInfo.
	Exe     string
	// Cmdline is presumably the full command line. Command lines can carry
	// credentials passed as arguments, so take care when logging it.
	Cmdline string
	// Name is presumably the process name. Name and Cmdline are values the
	// process itself can influence; do not rely on them alone for
	// allow-listing or attribution.
	Name    string
}

func NewProcessBasicInfo

func NewProcessBasicInfo(p *process.Process) (*ProcessBasicInfo, error)

type ProcessInfo

// ProcessInfo wraps a *process.Process by embedding it, so the embedded
// type's methods are promoted onto ProcessInfo.
type ProcessInfo struct {
	// NOTE(review): the embedded pointer is nil in a zero-value ProcessInfo;
	// List is presumably the intended way to obtain populated values.
	*process.Process
}

func List

func List() ([]*ProcessInfo, error)

func (*ProcessInfo) GetRemoteNonLocalIPAddresses

func (p *ProcessInfo) GetRemoteNonLocalIPAddresses() ([]string, error)

type ProcessesWatcher

// ProcessesWatcher monitors the system's process list; create one with
// NewProcessesWatcher. All of its state is unexported.
// NOTE(review): per the Start documentation the process list is scanned
// every checkInterval, so a process that starts and exits between two
// scans would presumably not be reported — confirm before relying on it
// for complete coverage.
type ProcessesWatcher struct {
	// contains filtered or unexported fields
}

func NewProcessesWatcher

func NewProcessesWatcher() *ProcessesWatcher

NewProcessesWatcher 创建并初始化一个新的进程监控器

func (*ProcessesWatcher) DetectProcessConnections

func (pw *ProcessesWatcher) DetectProcessConnections(pid int32, limit int) ([]net.ConnectionStat, error)

func (*ProcessesWatcher) DetectPublicProcessConnections

func (pw *ProcessesWatcher) DetectPublicProcessConnections(pid int32, limit int) ([]net.ConnectionStat, error)

func (*ProcessesWatcher) GetAllProcesses

func (pw *ProcessesWatcher) GetAllProcesses() ([]*process.Process, error)

GetAllProcesses 获取当前系统所有进程的信息快照

func (*ProcessesWatcher) Start

func (pw *ProcessesWatcher) Start(ctx context.Context, onProcessCreate OnProcessCreateFunc, onProcessExit OnProcessExitFunc, checkInterval time.Duration)

Start 启动进程监控. onProcessCreate: 匹配的进程出现时的回调. onProcessExit: 匹配的进程消失时的回调. checkInterval: 扫描进程列表的时间间隔.

func (*ProcessesWatcher) Stop

func (pw *ProcessesWatcher) Stop()

Stop 停止进程监控
