-
Notifications
You must be signed in to change notification settings - Fork 12
/
nflog.go
81 lines (64 loc) · 2 KB
/
nflog.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
// # iptables -I OUTPUT -p icmp -j NFLOG --nflog-group 100
// # iptables -t raw -A PREROUTING -i eth1 -j NFLOG --nflog-group 2 --nflog-range 64 --nflog-threshold 10
// # iptables -t mangle -A POSTROUTING -o eth1 -j NFLOG --nflog-group 5 --nflog-range 64 --nflog-threshold 10
package engine
import (
"github.com/fs714/goiftop/accounting"
"github.com/fs714/goiftop/engine/driver"
"github.com/google/gopacket/layers"
"github.com/google/gopacket/pcap"
)
func NewNflogEngine(ifaceName string, groupId int, direction pcap.Direction, isDecodeL4 bool, ch chan *accounting.FlowCollection) (engine *NflogEngine) {
engine = &NflogEngine{
IfaceName: ifaceName,
GroupId: groupId,
Direction: direction,
IsDecodeL4: isDecodeL4,
NotifyChannel: ch,
FlowCol: accounting.NewFlowCollection(ifaceName),
FlowColResetInterval: DefaultFlowColResetInterval,
}
return
}
type NflogEngine struct {
IfaceName string
GroupId int
Direction pcap.Direction
IsDecodeL4 bool
NotifyChannel chan *accounting.FlowCollection
FlowCol *accounting.FlowCollection
FlowColResetInterval int64
}
func (e *NflogEngine) GetDirection() pcap.Direction {
return e.Direction
}
func (e *NflogEngine) GetFlowCollection() *accounting.FlowCollection {
return e.FlowCol
}
func (e *NflogEngine) GetResetInterval() int64 {
return e.FlowColResetInterval
}
func (e *NflogEngine) GetIsDecodeL4() bool {
return e.IsDecodeL4
}
func (e *NflogEngine) GetNotifyChannel() chan *accounting.FlowCollection {
return e.NotifyChannel
}
func (e *NflogEngine) StartEngine() (err error) {
go Nofify(e)
err = e.StartCapture()
return
}
func (e *NflogEngine) StartCapture() (err error) {
capture := NewCapture(e)
firstLayer := layers.LayerTypeIPv4
capture.SetFirstLayer(firstLayer)
fn := func(data []byte) int {
capture.DecodeAndAccount(data)
return 0
}
nfl := driver.NewNfLog(e.GroupId, fn)
defer nfl.Close()
nfl.Loop()
return
}