本文整理汇总了Golang中github.com/google/gopacket.NewDecodingLayerParser函数的典型用法代码示例。如果您正苦于以下问题:Golang NewDecodingLayerParser函数的具体用法?Golang NewDecodingLayerParser怎么用?Golang NewDecodingLayerParser使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了NewDecodingLayerParser函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: BenchmarkDecodeToDNS
func BenchmarkDecodeToDNS(b *testing.B) {
var ethLayer layers.Ethernet
var ipLayer layers.IPv4
var udpLayer layers.UDP
var tcpLayer layers.TCP
var dns layers.DNS
var payload gopacket.Payload
parser := gopacket.NewDecodingLayerParser(
layers.LayerTypeEthernet,
ðLayer,
&ipLayer,
&udpLayer,
&tcpLayer,
&dns,
&payload,
)
foundLayerTypes := []gopacket.LayerType{}
packetSource := getPacketData("a")
packetSource.DecodeOptions.Lazy = true
packet := <-packetSource.Packets()
b.ResetTimer()
for i := 0; i < b.N; i++ {
parser.DecodeLayers(packet.Data(), &foundLayerTypes)
}
}示例2: mangleDNS
/*
FUNCTION: mangleDNS(){
RETURNS: Nothing
ARGUMENTS: None
ABOUT:
Performs the DNS spoofing against the victims machine. Sets all dns traffic to redirect to the host
machines IP address.
*/
func mangleDNS() {
var ethernetLayer layers.Ethernet
var ipLayer layers.IPv4
var dnsLayer layers.DNS
var udpLayer layers.UDP
decoder := gopacket.NewDecodingLayerParser(layers.LayerTypeEthernet, ðernetLayer, &ipLayer, &udpLayer, &dnsLayer)
decoded := make([]gopacket.LayerType, 0, 4)
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
for {
packet, err := packetSource.NextPacket()
checkError(err)
err = decoder.DecodeLayers(packet.Data(), &decoded)
checkError(err)
if len(decoded) != 4 {
fmt.Print("Not enough layers\n")
continue
}
buffer := craftAnswer(ðernetLayer, &ipLayer, &dnsLayer, &udpLayer)
if buffer == nil { // if original query was invalid
fmt.Print("Buffer error, returned nil.\n")
continue
}
err = handle.WritePacketData(buffer)
checkError(err)
}
}示例3: decodePackets
func (i *Sniffer) decodePackets() {
var eth layers.Ethernet
var ip layers.IPv4
var tcp layers.TCP
var payload gopacket.Payload
parser := gopacket.NewDecodingLayerParser(layers.LayerTypeEthernet, ð, &ip, &tcp, &payload)
decoded := make([]gopacket.LayerType, 0, 4)
for {
select {
case <-i.stopDecodeChan:
return
case timedRawPacket := <-i.decodePacketChan:
newPayload := new(gopacket.Payload)
payload = *newPayload
err := parser.DecodeLayers(timedRawPacket.RawPacket, &decoded)
if err != nil {
continue
}
flow := types.NewTcpIpFlowFromFlows(ip.NetworkFlow(), tcp.TransportFlow())
packetManifest := types.PacketManifest{
Timestamp: timedRawPacket.Timestamp,
Flow: flow,
RawPacket: timedRawPacket.RawPacket,
IP: ip,
TCP: tcp,
Payload: payload,
}
i.dispatcher.ReceivePacket(&packetManifest)
}
}
}示例4: snooper
func (b *Bridge) snooper() {
var (
dot1q layers.Dot1Q
eth layers.Ethernet
ip4 layers.IPv4
ip6 layers.IPv6
arp layers.ARP
)
parser := gopacket.NewDecodingLayerParser(layers.LayerTypeEthernet,
&dot1q,
ð,
&ip4,
&ip6,
&arp,
)
decodedLayers := []gopacket.LayerType{}
for {
data, _, err := b.handle.ReadPacketData()
if err != nil {
if err != io.EOF {
log.Error("error reading packet data: ", err)
}
break
}
if err := parser.DecodeLayers(data, &decodedLayers); err != nil {
if err2, ok := err.(gopacket.UnsupportedLayerType); ok {
switch gopacket.LayerType(err2) {
case layers.LayerTypeICMPv6, gopacket.LayerTypePayload:
// ignore
err = nil
default:
continue
}
}
if err != nil {
log.Error("error parsing packet: %v", err)
continue
}
}
for _, layerType := range decodedLayers {
switch layerType {
case layers.LayerTypeICMPv6:
b.updateIP(eth.SrcMAC.String(), ip6.SrcIP)
case layers.LayerTypeARP:
b.updateIP(eth.SrcMAC.String(), net.IP(arp.SourceProtAddress))
}
}
}
log.Info("%v snoop out", b.Name)
}示例5: NewMetroDecoder
func NewMetroDecoder() *MetroDecoder {
d := &MetroDecoder{
decoded: make([]gopacket.LayerType, 0, 4),
}
d.parser = gopacket.NewDecodingLayerParser(layers.LayerTypeEthernet,
&d.eth, &d.dot1q, &d.ip4, &d.ip6,
&d.ip6extensions, &d.tcp, &d.payload)
return d
}示例6: NewSession
func NewSession(c Config) *Session {
s := &Session{
Config: c,
streams: map[streamID]*stream{},
nextCleaning: time.Now().Add(cleanInterval),
}
s.source = gopacket.NewPacketSource(s.Handle, s.Handle.LinkType())
s.parser = gopacket.NewDecodingLayerParser(layers.LayerTypeEthernet, &s.eth, &s.ip4, &s.ip6, &s.tcp, &s.payload)
return s
}示例7: Parse
func (pd *packetData) Parse() error {
if pd.datatype == "tcp" {
pd.dns = &layers.DNS{}
pd.payload = &gopacket.Payload{}
//for parsing the reassembled TCP streams
dnsParser := gopacket.NewDecodingLayerParser(
layers.LayerTypeDNS,
pd.dns,
pd.payload,
)
dnsParser.DecodeLayers(pd.tcpdata.DnsData, &pd.foundLayerTypes)
return nil
} else if pd.datatype == "packet" {
pd.ethLayer = &layers.Ethernet{}
pd.ipLayer = &layers.IPv4{}
pd.udpLayer = &layers.UDP{}
pd.tcpLayer = &layers.TCP{}
pd.dns = &layers.DNS{}
pd.payload = &gopacket.Payload{}
//we're constraining the set of layer decoders that gopacket will apply
//to this traffic. this MASSIVELY speeds up the parsing phase
parser := gopacket.NewDecodingLayerParser(
layers.LayerTypeEthernet,
pd.ethLayer,
pd.ipLayer,
pd.udpLayer,
pd.tcpLayer,
pd.dns,
pd.payload,
)
parser.DecodeLayers(pd.packet.Data(), &pd.foundLayerTypes)
return nil
} else {
return errors.New("Bad packet type: " + pd.datatype)
}
}示例8: SequenceFromPacket
// SequenceFromPacket returns a Sequence number and nil error if the given
// packet is able to be parsed. Otherwise returns 0 and an error.
func SequenceFromPacket(packet []byte) (uint32, error) {
var ip layers.IPv4
var tcp layers.TCP
decoded := []gopacket.LayerType{}
parser := gopacket.NewDecodingLayerParser(layers.LayerTypeIPv4, &ip, &tcp)
err := parser.DecodeLayers(packet, &decoded)
if err != nil {
return 0, err
}
return tcp.Seq, nil
}示例9: New
// New returns a new sniffing reporter that samples traffic by turning its
// packet capture facilities on and off. Note that the on and off durations
// represent a way to bound CPU burn. Effective sample rate needs to be
// calculated as (packets decoded / packets observed).
func New(hostID string, localNets report.Networks, src gopacket.ZeroCopyPacketDataSource, on, off time.Duration) *Sniffer {
s := &Sniffer{
hostID: hostID,
localNets: localNets,
reports: make(chan chan report.Report),
}
s.parser = gopacket.NewDecodingLayerParser(
layers.LayerTypeEthernet,
&s.eth, &s.ip4, &s.ip6, &s.tcp, &s.udp, &s.icmp4, &s.icmp6,
)
go s.loop(src, on, off)
return s
}示例10: NewTcpIpFlowFromPacket
// getPacketFlow returns a TcpIpFlow struct given a byte array packet
func NewTcpIpFlowFromPacket(packet []byte) (*TcpIpFlow, error) {
var ip layers.IPv4
var tcp layers.TCP
decoded := []gopacket.LayerType{}
parser := gopacket.NewDecodingLayerParser(layers.LayerTypeIPv4, &ip, &tcp)
err := parser.DecodeLayers(packet, &decoded)
if err != nil {
return &TcpIpFlow{}, err
}
return &TcpIpFlow{
ipFlow: ip.NetworkFlow(),
tcpFlow: tcp.TransportFlow(),
}, nil
}示例11: Listen
// Listen in an infinite loop for new packets
func Listen(config *Config) error {
// Array to store which layers were decoded
decoded := []gopacket.LayerType{}
// Faster, predefined layer parser that doesn't make copies of the layer slices
parser := gopacket.NewDecodingLayerParser(
layers.LayerTypeEthernet,
ð,
&ip,
&tcp,
&udp,
&icmp,
&dns,
&payload)
// Infinite loop that reads incoming packets
for config.isRunning {
data, ci, err := config.sniffer.ReadPacket()
if err != nil {
log.Printf("Error getting packet: %v %s", err, ci)
continue
}
err = parser.DecodeLayers(data, &decoded)
if err != nil {
log.Printf("Error decoding packet: %v", err)
continue
}
if len(decoded) == 0 {
log.Print("Packet contained no valid layers")
continue
}
// Example of how to get data out of specific layers
for _, layerType := range decoded {
switch layerType {
case layers.LayerTypeIPv4:
log.Printf("src: %v, dst: %v, proto: %v", ip.SrcIP, ip.DstIP, ip.Protocol)
}
}
if config.pcapWriter != nil {
config.pcapWriter.WritePacket(ci, data)
}
}
return nil
}示例12: setupSpoofingSocket
func setupSpoofingSocket(config Config) {
var err error
ipv4Parser = gopacket.NewDecodingLayerParser(layers.LayerTypeIPv4, &ipv4Layer)
handle, err = pcap.OpenLive(config.Device, 1024, false, 30*time.Second)
if err != nil {
panic(err)
}
srcBytes, _ := hex.DecodeString(config.Src)
dstBytes, _ := hex.DecodeString(config.Dst)
linkHeader = append(dstBytes, srcBytes...)
linkHeader = append(linkHeader, 0x08, 0) // IPv4 EtherType
// var ipv6Layer layers.ipv6
// ipv6Parser := gopacket.NewDecodingLayerParser(layers.LayerTypeIPv6, &ipv6Layer)
}示例13: main
func main() {
//get local ip
localip, err := checkLocalip(device)
// Open device
handle, err = pcap.OpenLive(device, snapshot_len, promiscuous, timeout)
if err != nil {
log.Fatal(err)
}
defer handle.Close()
packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
for packet := range packetSource.Packets() {
parser := gopacket.NewDecodingLayerParser(
layers.LayerTypeEthernet,
ðLayer,
&ipLayer,
&tcpLayer,
)
foundLayerTypes := []gopacket.LayerType{}
err := parser.DecodeLayers(packet.Data(), &foundLayerTypes)
if err != nil {
fmt.Println("Trouble decoding layers: ", err)
}
for _, layerType := range foundLayerTypes {
if layerType == layers.LayerTypeIPv4 {
fmt.Println("IPV4 found")
}
if ipLayer.DstIP.String() == localip || ipLayer.SrcIP.String() == localip {
fmt.Println("IPv4 go through this machine: ", ipLayer.SrcIP, "->", ipLayer.DstIP)
applicationLayer := packet.ApplicationLayer()
if strings.Contains(string(applicationLayer.Payload()), "HTTP") {
fmt.Println("HTTP found!")
fmt.Println("layer content", string(applicationLayer.LayerContents()))
fmt.Println("layer payload", string(applicationLayer.Payload()))
fmt.Println("layer type", string(applicationLayer.LayerType()))
}
}
}
}
}示例14: fileWait
/*
FUNCTION: fileWait(ip, filename string, lport uint16)
RETURNS: Nothing
ARGUMENTS:
string ip - the ip address of the server
string filename - the file we are waiting for
uint16 lport - the port we're listening on
ABOUT:
Waits as a seperate thread for incoming file data on the lport + 1. Upon recieving a
FSND_COMPLETE packet, saves the recieved file and shuts the thread down.
*/
func fileWait(ip, filename string, lport uint16) {
var ipLayer layers.IPv4
var ethLayer layers.Ethernet
var udpLayer layers.UDP
var payload gopacket.Payload
parser := gopacket.NewDecodingLayerParser(layers.LayerTypeEthernet, ðLayer, &ipLayer, &udpLayer, &payload)
decoded := make([]gopacket.LayerType, 0, 4)
fBuffer := new(bytes.Buffer)
packetSource := gopacket.NewPacketSource(fhandle, fhandle.LinkType())
for {
packet, err := packetSource.NextPacket()
checkError(err)
err = parser.DecodeLayers(packet.Data(), &decoded)
if err != nil {
continue
}
if len(decoded) < 3 {
fmt.Println("Not enough layers!")
continue
}
incomingIP := ipLayer.SrcIP.String()
if incomingIP == ip && uint16(udpLayer.DstPort) == lport+1 {
err = binary.Write(fBuffer, binary.BigEndian, MAX_PORT-uint16(udpLayer.SrcPort))
checkError(err)
} else if incomingIP == ip && uint16(udpLayer.DstPort) == FSND_CMPLETE {
data := decrypt_data(fBuffer.Bytes())
err := ioutil.WriteFile(filename, data, 0644)
checkError(err)
fmt.Printf("File transfer %s completed. Transfered: %d bytes", filename, fBuffer.Len())
return
}
}
}示例15: BenchmarkDecodeToIP
func BenchmarkDecodeToIP(b *testing.B) {
var ethLayer layers.Ethernet
var ipLayer layers.IPv4
parser := gopacket.NewDecodingLayerParser(
layers.LayerTypeEthernet,
ðLayer,
&ipLayer,
)
foundLayerTypes := []gopacket.LayerType{}
packetSource := getPacketData("a")
packetSource.DecodeOptions.Lazy = true
packet := <-packetSource.Packets()
b.ResetTimer()
for i := 0; i < b.N; i++ {
parser.DecodeLayers(packet.Data(), &foundLayerTypes)
}
}