func (decoder *DecoderStruct) DecodePacketData(data []byte, ci *gopacket.CaptureInfo) {
var err error
var packet protos.Packet
err = decoder.Parser.DecodeLayers(data, &decoder.decoded)
if err != nil {
logp.Debug("pcapread", "Decoding error: %s", err)
return
}
has_tcp := false
for _, layerType := range decoder.decoded {
switch layerType {
case layers.LayerTypeIPv4:
logp.Debug("ip", "IPv4 packet")
packet.Tuple.Src_ip = decoder.ip4.SrcIP
packet.Tuple.Dst_ip = decoder.ip4.DstIP
packet.Tuple.Ip_length = 4
case layers.LayerTypeIPv6:
logp.Debug("ip", "IPv6 packet")
packet.Tuple.Src_ip = decoder.ip6.SrcIP
packet.Tuple.Dst_ip = decoder.ip6.DstIP
packet.Tuple.Ip_length = 16
case layers.LayerTypeTCP:
logp.Debug("ip", "TCP packet")
packet.Tuple.Src_port = uint16(decoder.tcp.SrcPort)
packet.Tuple.Dst_port = uint16(decoder.tcp.DstPort)
has_tcp = true
case gopacket.LayerTypePayload:
packet.Payload = decoder.payload
}
}
if !has_tcp {
logp.Debug("pcapread", "No TCP header found in message")
return
}
if len(packet.Payload) == 0 && !decoder.tcp.FIN {
// We have no use for this atm.
logp.Debug("pcapread", "Ignore empty non-FIN packet")
return
}
packet.Ts = ci.Timestamp
packet.Tuple.ComputeHashebles()
FollowTcp(&decoder.tcp, &packet)
}
func (decoder *DecoderStruct) DecodePacketData(data []byte, ci *gopacket.CaptureInfo) {
var err error
var packet protos.Packet
err = decoder.Parser.DecodeLayers(data, &decoder.decoded)
if err != nil {
// Ignore UnsupportedLayerType errors that can occur while parsing
// UDP packets.
lastLayer := decoder.decoded[len(decoder.decoded)-1]
_, unsupported := err.(gopacket.UnsupportedLayerType)
if !(unsupported && lastLayer == layers.LayerTypeUDP) {
logp.Debug("pcapread", "Decoding error: %s", err)
return
}
}
has_tcp := false
has_udp := false
for _, layerType := range decoder.decoded {
switch layerType {
case layers.LayerTypeIPv4:
logp.Debug("ip", "IPv4 packet")
packet.Tuple.Src_ip = decoder.ip4.SrcIP
packet.Tuple.Dst_ip = decoder.ip4.DstIP
packet.Tuple.Ip_length = 4
case layers.LayerTypeIPv6:
logp.Debug("ip", "IPv6 packet")
packet.Tuple.Src_ip = decoder.ip6.SrcIP
packet.Tuple.Dst_ip = decoder.ip6.DstIP
packet.Tuple.Ip_length = 16
case layers.LayerTypeTCP:
logp.Debug("ip", "TCP packet")
packet.Tuple.Src_port = uint16(decoder.tcp.SrcPort)
packet.Tuple.Dst_port = uint16(decoder.tcp.DstPort)
has_tcp = true
case layers.LayerTypeUDP:
logp.Debug("ip", "UDP packet")
packet.Tuple.Src_port = uint16(decoder.udp.SrcPort)
packet.Tuple.Dst_port = uint16(decoder.udp.DstPort)
packet.Payload = decoder.udp.Payload
has_udp = true
case gopacket.LayerTypePayload:
packet.Payload = decoder.payload
}
}
packet.Ts = ci.Timestamp
packet.Tuple.ComputeHashebles()
if has_udp {
decoder.udpProc.Process(&packet)
} else if has_tcp {
if len(packet.Payload) == 0 && !decoder.tcp.FIN {
// We have no use for this atm.
logp.Debug("pcapread", "Ignore empty non-FIN packet")
return
}
decoder.tcpProc.Process(&decoder.tcp, &packet)
}
}
