 Documentation
      ¶
      Documentation
      ¶
    
    
  
    
  
    Index ¶
- Constants
- Variables
- func Register(name string, plugin ProtocolPlugin)
- type Packet
- type Plugin
- type PortsConfig
- type Protocol
- type ProtocolData
- type ProtocolPlugin
- type Protocols
- type ProtocolsStruct
- func (s ProtocolsStruct) BpfFilter(withVlans bool, withICMP bool) string
- func (s ProtocolsStruct) GetAll() map[Protocol]Plugin
- func (s ProtocolsStruct) GetAllTCP() map[Protocol]TCPPlugin
- func (s ProtocolsStruct) GetAllUDP() map[Protocol]UDPPlugin
- func (s ProtocolsStruct) GetTCP(proto Protocol) TCPPlugin
- func (s ProtocolsStruct) GetUDP(proto Protocol) UDPPlugin
- func (s ProtocolsStruct) Init(testMode bool, results publish.Transactions, configs map[string]*common.Config) error
 
- type TCPPlugin
- type UDPPlugin
Constants ¶
      View Source
      
  
const ( DefaultTransactionHashSize = 2 ^ 16 DefaultTransactionExpiration time.Duration = 10 * time.Second )
Variables ¶
      View Source
      
  
    var ErrInvalidPort = errors.New("port number out of range")
    
      View Source
      
  var Protos = ProtocolsStruct{ // contains filtered or unexported fields }
Singleton of Protocols type.
Functions ¶
func Register ¶
func Register(name string, plugin ProtocolPlugin)
Types ¶
type Plugin ¶
type Plugin interface {
	// Called to return the configured ports
	GetPorts() []int
}
    Functions to be exported by a protocol plugin
type PortsConfig ¶
type PortsConfig struct {
	Ports []int
}
    Protocol Plugin Port configuration with validation on init
func (*PortsConfig) Init ¶
func (p *PortsConfig) Init(ports ...int) error
func (*PortsConfig) Set ¶
func (p *PortsConfig) Set(ports []int) error
type ProtocolData ¶
type ProtocolData interface{}
    ProtocolData interface to represent an upper protocol private data. Used with types like HttpStream, MysqlStream, etc.
type ProtocolPlugin ¶
type ProtocolsStruct ¶
type ProtocolsStruct struct {
	// contains filtered or unexported fields
}
    list of protocol plugins
func (ProtocolsStruct) BpfFilter ¶
func (s ProtocolsStruct) BpfFilter(withVlans bool, withICMP bool) string
BpfFilter returns a Berkeley Packer Filter (BFP) expression that will match against packets for the registered protocols. If with_vlans is true the filter will match against both IEEE 802.1Q VLAN encapsulated and unencapsulated packets
func (ProtocolsStruct) GetAll ¶
func (s ProtocolsStruct) GetAll() map[Protocol]Plugin
func (ProtocolsStruct) GetAllTCP ¶
func (s ProtocolsStruct) GetAllTCP() map[Protocol]TCPPlugin
func (ProtocolsStruct) GetAllUDP ¶
func (s ProtocolsStruct) GetAllUDP() map[Protocol]UDPPlugin
func (ProtocolsStruct) GetTCP ¶
func (s ProtocolsStruct) GetTCP(proto Protocol) TCPPlugin
func (ProtocolsStruct) GetUDP ¶
func (s ProtocolsStruct) GetUDP(proto Protocol) UDPPlugin
func (ProtocolsStruct) Init ¶
func (s ProtocolsStruct) Init( testMode bool, results publish.Transactions, configs map[string]*common.Config, ) error
type TCPPlugin ¶
type TCPPlugin interface {
	Plugin
	// Called when TCP payload data is available for parsing.
	Parse(pkt *Packet, tcptuple *common.TCPTuple,
		dir uint8, private ProtocolData) ProtocolData
	// Called when the FIN flag is seen in the TCP stream.
	ReceivedFin(tcptuple *common.TCPTuple, dir uint8,
		private ProtocolData) ProtocolData
	// Called when a packets are missing from the tcp
	// stream.
	GapInStream(tcptuple *common.TCPTuple, dir uint8, nbytes int,
		private ProtocolData) (priv ProtocolData, drop bool)
	// ConnectionTimeout returns the per stream connection timeout.
	// Return <=0 to set default tcp module transaction timeout.
	ConnectionTimeout() time.Duration
}
    
       Directories
      ¶
      Directories
      ¶
    
    | Path | Synopsis | 
|---|---|
| Package applayer provides common definitions with common fields for use with application layer protocols among beats. | Package applayer provides common definitions with common fields for use with application layer protocols among beats. | 
| Package dns provides support for parsing DNS messages and reporting the results. | Package dns provides support for parsing DNS messages and reporting the results. | 
 Click to show internal directories. 
   Click to hide internal directories.