-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy pathaddress.go
221 lines (185 loc) · 5.07 KB
/
address.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
package windivert
import (
"unsafe"
)
// PacketInfo contains parsed packet information
type PacketInfo struct {
IPv4Header *IPv4Header
IPv6Header *IPv6Header
ICMPHeader *ICMPHeader
ICMPv6Header *ICMPv6Header
TCPHeader *TCPHeader
UDPHeader *UDPHeader
Data []byte
}
// Ethernet represents ethernet layer information
type Ethernet struct {
InterfaceIndex uint32
SubInterfaceIndex uint32
_ [7]uint64
}
// Network represents network layer information
type Network struct {
InterfaceIndex uint32
SubInterfaceIndex uint32
_ [7]uint64
}
// Socket represents socket layer information
type Socket struct {
EndpointID uint64
ParentEndpointID uint64
ProcessID uint32
LocalAddress [16]uint8
RemoteAddress [16]uint8
LocalPort uint16
RemotePort uint16
Protocol uint8
_ [3]uint8
_ uint32
}
// Flow represents flow layer information
type Flow struct {
EndpointID uint64
ParentEndpointID uint64
ProcessID uint32
LocalAddress [16]uint8
RemoteAddress [16]uint8
LocalPort uint16
RemotePort uint16
Protocol uint8
_ [3]uint8
_ uint32
}
// Reflect represents reflect layer information
type Reflect struct {
TimeStamp int64
ProcessID uint32
layer uint32
Flags uint64
Priority int16
_ int16
_ int32
_ [4]uint64
}
// Layer returns the layer type for reflect information
func (r *Reflect) Layer() Layer {
return Layer(r.layer)
}
// Address represents a WinDivert address
type Address struct {
Timestamp int64
LayerType Layer // renamed from Layer
EventType Event // renamed from Event
IsSniffed uint8 // renamed from Sniffed
IsOutbound uint8 // renamed from Outbound
HasIPChecksum uint8 // renamed from IPChecksum
HasTCPChecksum uint8 // renamed from TCPChecksum
HasUDPChecksum uint8 // renamed from UDPChecksum
Flags uint8
union [64]byte
length uint64
}
// GetLayer returns the layer type
func (a *Address) Layer() Layer {
return a.LayerType
}
// SetLayer sets the layer type
func (a *Address) SetLayer(layer Layer) {
a.LayerType = layer
}
// GetEvent returns the event type
func (a *Address) Event() Event {
return Event(a.EventType)
}
// SetEvent sets the event type
func (a *Address) SetEvent(event Event) {
a.EventType = Event(event)
}
// IsSniffed returns whether the packet was sniffed
func (a *Address) Sniffed() bool {
return (a.Flags & uint8(0x01<<0)) == uint8(0x01<<0)
}
// SetSniffed sets the sniffed flag
func (a *Address) SetSniffed() {
a.Flags |= uint8(0x01 << 0)
}
// UnsetSniffed unsets the sniffed flag
func (a *Address) UnsetSniffed() {
a.Flags &= ^uint8(0x01 << 0)
}
// IsOutbound returns whether the packet is outbound
func (a *Address) Outbound() bool {
return (a.Flags & uint8(0x01<<1)) == uint8(0x01<<1)
}
// SetOutbound sets the outbound flag
func (a *Address) SetOutbound() {
a.Flags |= uint8(0x01 << 1)
}
// UnsetOutbound unsets the outbound flag
func (a *Address) UnsetOutbound() {
a.Flags &= ^uint8(0x01 << 1)
}
// HasIPChecksum returns whether IP checksum is present
func (a *Address) IPChecksum() bool {
return (a.Flags & uint8(0x01<<5)) == uint8(0x01<<5)
}
// SetIPChecksum sets the IP checksum flag
func (a *Address) SetIPChecksum() {
a.Flags |= uint8(0x01 << 5)
}
// UnsetIPChecksum unsets the IP checksum flag
func (a *Address) UnsetIPChecksum() {
a.Flags &= ^uint8(0x01 << 5)
}
// HasTCPChecksum returns whether TCP checksum is present
func (a *Address) TCPChecksum() bool {
return (a.Flags & uint8(0x01<<6)) == uint8(0x01<<6)
}
// SetTCPChecksum sets the TCP checksum flag
func (a *Address) SetTCPChecksum() {
a.Flags |= uint8(0x01 << 6)
}
// UnsetTCPChecksum unsets the TCP checksum flag
func (a *Address) UnsetTCPChecksum() {
a.Flags &= ^uint8(0x01 << 6)
}
// HasUDPChecksum returns whether UDP checksum is present
func (a *Address) UDPChecksum() bool {
return (a.Flags & uint8(0x01<<7)) == uint8(0x01<<7)
}
// SetUDPChecksum sets the UDP checksum flag
func (a *Address) SetUDPChecksum() {
a.Flags |= uint8(0x01 << 7)
}
// UnsetUDPChecksum unsets the UDP checksum flag
func (a *Address) UnsetUDPChecksum() {
a.Flags &= ^uint8(0x01 << 7)
}
func (a *Address) Length() uint32 {
return uint32(a.length >> 12)
}
func (a *Address) SetLength(n uint32) {
a.length = uint64(n << 12)
}
func (a *Address) Ethernet() *Ethernet {
return (*Ethernet)(unsafe.Pointer(&a.union))
}
func (a *Address) Network() *Network {
return (*Network)(unsafe.Pointer(&a.union))
}
func (a *Address) Socket() *Socket {
return (*Socket)(unsafe.Pointer(&a.union))
}
func (a *Address) Flow() *Flow {
return (*Flow)(unsafe.Pointer(&a.union))
}
func (a *Address) Reflect() *Reflect {
return (*Reflect)(unsafe.Pointer(&a.union))
}
type AddressHelper interface {
CalcChecksums(packet []byte, flags uint64) error
ParseIPv4Header(packet []byte) (*IPv4Header, error)
ParseIPv6Header(packet []byte) (*IPv6Header, error)
ParseTCPHeader(packet []byte) (*TCPHeader, error)
ParseUDPHeader(packet []byte) (*UDPHeader, error)
}