-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpassive.go
56 lines (53 loc) · 1.7 KB
/
passive.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
package packemon
type Passive struct {
HTTPRes *HTTPResponse
HTTP *HTTP
TLSClientHello *TLSClientHello
TLSServerHello *TLSServerHello
TLSClientKeyExchange *TLSClientKeyExchange
TLSChangeCipherSpecAndEncryptedHandshakeMessage *TLSChangeCipherSpecAndEncryptedHandshakeMessage
TLSApplicationData *TLSApplicationData
TLSEncryptedAlert *TLSEncryptedAlert
DNS *DNS
TCP *TCP
UDP *UDP
ICMP *ICMP
IPv4 *IPv4
IPv6 *IPv6
ARP *ARP
EthernetFrame *EthernetFrame
}
func (p *Passive) HighLayerProto() string {
proto := "unknown"
if p.EthernetFrame != nil {
proto = "ETHER"
}
if p.ARP != nil {
proto = "ARP"
}
if p.IPv4 != nil {
proto = "IPv4"
}
if p.IPv6 != nil {
proto = "IPv6"
}
if p.ICMP != nil {
proto = "ICMP"
}
if p.UDP != nil {
proto = "UDP"
}
if p.TCP != nil {
proto = "TCP"
}
if p.TLSClientHello != nil || p.TLSServerHello != nil || p.TLSClientKeyExchange != nil || p.TLSChangeCipherSpecAndEncryptedHandshakeMessage != nil || p.TLSApplicationData != nil || p.TLSEncryptedAlert != nil {
proto = "TLSv1.2"
}
if p.DNS != nil {
proto = "DNS"
}
if p.HTTP != nil || p.HTTPRes != nil {
proto = "HTTP"
}
return proto
}